Dataswyft believes that appropriate privacy protection is an entitlement of everyone and that their personal data should be protected. Therefore Dataswyft will collect, store, use and disclose Personal Data in accordance with all applicable laws relating to the protection of Personal Data, including the EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).
This Privacy Policy applies if you use the dataswyft.io website, Dataswyft Developers Portal Platform and a Dataswyft Personal Data Account (“PDA”) built upon the “Hub of All Things” MicroserverTM (“HAT”) and Dataswyft One Platform technology. This Privacy Policy also applies to any other Dataswyft-related applications, products and/or services that refer to or link to this Privacy Policy (“Services”).
References to “Dataswyft”, “we”, “us” or “our” are references to Dataswyft Limited and references to “you” and “your” are references to the individual who is using the Dataswyft service.
BY USING THE SITE AND OUR SERVICES, YOU AGREE TO THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT ACCESS THE SITE OR OTHERWISE USE THE SERVICE.
dataswyft.io Website
This Privacy Policy forms part of our dataswyft.io website, Dataswyft Developers Portal and all other sites owned by Dataswyft Limited and is incorporated within our Terms of Service which is located [here].
Personal Data Accounts (PDA)
This Privacy Policy forms part of, and is incorporated into, the PDA Owner Terms of Service. Your rights to use your PDA, including ownership of any intellectual property rights within your PDA, are set out in the PDA Owner Terms of Service which is available [here].
Personal data accounts (PDAs) use a new technology called a "HAT Microserver" that enables you to own and control your data in the cloud. PDAs are issued by Dataswyft and regulated by the HAT Community Foundation to ensure legal access to PDA data is enforced and that stewardship of the data in use on behalf of the PDA owners is ensured.
We use PDAs to give you full control over your data. In particular, we cannot access your PDA without your explicit permission;
For Contracted PDA please refer to the PDA User Guide, link found below.
If you need help to understand how PDAs work, including the use of data debits and data plugs, then please refer to the documentation available at [https://resources.dataswyft.io/contents/120e6d3f-0eca-4f30-abe4-e5ba2d05a069 ]. You can also get more information about PDAs here: (https://resources.dataswyft.io/contents/aa510da1-4af9-463c-8fb7-da46fd24be81).
As a result of our ability to provide you with the use of a PDA or any Services, we will obtain the following information which will include personal data (i.e. information that can identify you directly (e.g. by name) or indirectly (e.g. by personal characteristics or an IP address). Personal data does not include: publicly available information from government records; data where the identity has been removed (anonymous, de-identified, or aggregated consumer information); information specifically excluded from the scope of relevant privacy and security laws and regulations.
We reserve the right to collect information based on your usage of our service which is information collected automatically via our service, which can include: the IP addresses or domain names of the computers utilized by the users who use this service, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilised to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilised by the user, the various time details per visit (e.g., the time spent on each page within the site) and the details about the path followed within the site with special reference to the sequence of pages visited, other parameters about the device operating system and/or the user's IT environment, and data, conversion rates, marketing and conversion data and statistics, reports, analytics data, reviews and surveys (“Usage Data”). Usage Data is essentially anonymous when collected, but could be used indirectly to identify a person. Please see metadata below.
(a) Account Data – we obtain limited information about you when your PDA is first issued, such as your name and email address. Your email address is linked to your PDA. We will obtain additional information about you if you interact with us for any reason. We call this “Account Data”.
(b) Metadata – we will collect information about your device (if you are using a PDA) and your use of our Services. This will include:
We call all of the above information “Metadata” and it may be capable of identifying you personally. We may anonymise Metadata to produce aggregated information about how our Services are used and to identify and understand behavioural trends.
(c) PDA Data – once your PDA is ready for use, you decide what data goes into and out of your “PDA Database” based on your acceptance of contracts set up by us between your PDA and websites/apps. Your PDA Database is a database within your PDA that is used to store text based data. The term “PDA Data” refers to (i) any data that is stored in your PDA Database and (ii) any data that you bring into your PDA (such as photos), but excludes File Storage System Data (see below). You are in control of how your PDA Data is used. You can allow third parties to transfer data into your PDA Database, or you may transfer data into your PDA database yourself. You decide the types of personal data that go into your PDA database and the purposes for which that data is used. For example, you decide whether to:
(d) File Storage System Data – unless put into a text based format, files cannot be stored in the PDA Database. They must be stored in a separate storage system that is part of the PDA and which we call the “File Storage System”. This File Storage System is provided by Amazon Web Services and managed by Dataswyft. When you bring non-text based data into your PDA, this non-text data will get stored in the File Storage System – we call this data “File Storage System Data”. You are in control of how your File Storage System Data is used. You can allow third parties to transfer data into your File Storage System, or you can transfer data into your File Storage System yourself. You decide the types of data, including personal data, that go into your File Storage System and the purposes for which that data is used. For example, you decide whether to:
IF YOU FAIL TO PROVIDE PERSONAL INFORMATION
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.
The person who is primarily responsible for complying with data protection law in respect of the processing* of personal data is called a “controller”. Who the controller is depends on the type of personal data that is being processed and the purpose for that processing:
* When we refer to “processing” in this Privacy Policy we mean anything that can be done with personal data, including collection, holding, retrieving, consulting, using, disclosing, erasing and destruction.
(a) Account Data and Metadata – we use this data for some or all of the following purposes:
(b) PDA Data and File Storage System Data – we do not process your PDA Data or File Storage System Data except to the limited extent required to provide you with your PDA and Services, to comply with applicable law or legal process, or as otherwise specifically set out in this Privacy Policy. Except as described in this paragraph, all other processing (including access) to your HAT Data and File Storage System Data is controlled by you.
Please note that as a general rule, Datawift does not have access to your personal data within your developers portal or PDA. However, during routine, required or requested maintenance or technical support, Dataswyft may have access to that data at that particular time. Datswift will not use or process any data visible under the purpose of maintenance or technical support and will make you aware of all times this purpose is being performed.
(a) Account Data and Metadata – we may disclose any of these types of data internally within our business (e.g. to our teams in customer services, legal, finance, marketing and sales) for any of the purposes described in section 3 above. We may also disclose this data to third parties:
(b) PDA Data and File Storage System Data – if you instruct us to do so, we will facilitate the sharing of your PDA Data and File Storage System Data to a third party. This may happen, for example, in connection with a data debit that you authorise or in relation to data exported via an application(s). We will not disclose your PDA Data or File Storage System without your prior permission (unless we are required to comply with law or respond to compulsory legal process such as a search warrant or court order, in which case we will use reasonable efforts to give you notice before making any disclosure unless we are prohibited from doing so by law). We will stop any disclosures if you withdraw your permission. If your PDA is administered by a Dataswyft partner, they will have access to your personal data to register your PDA but will not have access to your PDA Data or File Storage System Data.
Dataswyft's legal basis to process your personal data will depend on the purpose for which that data is being processed. In general, we justify the processing of data, including personal data on one or more of the following bases:
(a) your permission – we will process your personal data if you have given us your permission, for example to carry out a data debit or use a data plug, or to allow us to send you emails about our products and services. You may withdraw your permission at any time by contacting us (see below). If you withdraw your permission it will not affect the lawfulness of any processing that has already taken place based on your permission prior to its withdrawal
(b) contract – the processing is necessary for the performance of the PDA Owner Agreement between you and Dataswyft under which you obtained a PDA and received Services. This legal basis applies, for example, to processing necessary to set up, operate and administer your PDA, provide maintenance and support, identify and authenticate you, and monitor your compliance with your contractual obligations and applicable policies
(c) legitimate interests – the processing is necessary for Dataswyft's or a third party’s legitimate interests as long as these interests are not overridden by your privacy rights. This legal basis applies, for example, to processing necessary to better understand our PDA Owners (including profiling and behavioural analytics), and to carry out marketing and communicate with our PDA Owners about our products and services. You can ask us to stop contacting you for marketing purposes or to stop analysing your data for profiling purposes at any time.
(d) compliance with law – the processing is necessary to comply with our legal obligations or legal process (e.g. in connection with law enforcement, or fraud and crime prevention, or where we are required to disclose data under a court order).
Your use of our Services and your PDA may involve the transfer, storage and processing of your PDA Data, your Account Data and Metadata to countries outside the country of your residence. We will comply with applicable law when transferring your personal data. In particular, we will take appropriate measures to ensure any data that is transferred remains protected. Such measures may include the use of Standard Contractual Clauses approved by the European Commission to protect the transfer of personal data to countries outside the EEA (or equivalent measures approved in other jurisdictions, as relevant).
We retain Account Data and Metadata only for as long as necessary for the purpose for which that data was collected and in accordance with applicable law. We will destroy or erase this data from our systems when it is no longer required. As a general rule, we retain this data:
With regard to PDA Data and File Storage System Data, you decide how long to retain such data since you are in control of its deletion. You are free to delete your PDA Data and your File Storage System Data at any time by deleting your PDA. You do this by contacting us by email and requesting us to delete your PDA (see contact details below). If you delete your PDA you will be deleting all of your PDA Data and File Storage System Data and there will be no way of reversing such deletion if you change your mind. We recommend you download your PDA Data and File Storage System Data before you delete your PDA. If we are required by law, we may retain certain information even if you delete your PDA. We will notify you if this is the case (unless we are prevented from doing so by law). We may also retain PDA Data and File Storage System Data following deletion of your PDA in our back up system files for a short period until the files are deleted.
We take protection of your PDA Data very seriously and have put in place appropriate physical, administrative and technical security measures to safeguard all the information we collect in connection with the provision of PDAs and Services. We continually review all such measures and update them when appropriate. Dataswyft deploys multiple layers of protection to protect personal data stored in the HAT Microserver, whether at rest, in transit or in use.
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.
Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.
Please be aware that although we take reasonable steps to protect your information, no website, Internet data transmission, computer system, or wireless connection is completely secure. As a result, while we strive to protect your personal information, Dataswyft cannot ensure or warrant the security of any information you transmit via the Internet. By transmitting any such information to Dataswyft, you accept that you do so at your own risk.
You have certain rights in relation to Account Data and Metadata that we process about you. These rights are:
(i) The information is no longer necessary for the purpose which we originally used it for
(ii) we asked you for permission to use your personal information and you have changed your mind
(iii) we told you we were using your personal information for 'legitimate interests' and there is not a good reason to keep your personal information
(iv) you want us to stop sending you direct marketing information
(v) you believe we have used your personal information unlawfully
(vi) you believe that we have a legal obligation to stop holding your personal data
The right to erasure doesn't apply to all information, such as information that we are legally obliged to hold, information that we need to keep for our official duties or information relating to legal claims.
We may also refuse to delete information if there is no clear reason to do so or if it would be an excessive task.
If you would like to exercise any of your data subject rights in relation to Account Data and Metadata, please contact us (see s contact details).
With regard to PDA Data and File Storage System Data, you are the controller of this data, therefore you are able to satisfy all of the above rights yourself. If you are unable to do so then you can contact us and we will try to help you. Please refer to section 7 (above) for an explanation of how you can delete your PDA Data and File Storage .
You must be at least 18 years old to use a PDA or Services. We do not knowingly issue PDAs to children.
Dataswyft bears no responsibility for the policies of third parties on the collection and use of your PDA Data. When your PDA Data is shared with third parties in accordance with this Privacy Policy, the collection and use of such PDA Data by third parties will be subject to their privacy policies as well as laws applicable to them.
Sometimes things go wrong and you may feel unhappy about something we’ve done (or failed to do). You have the right to complain to the UK Information Commissioner’s office (or other appropriate data protection supervisory authority) if you think we have not complied with our data protection obligations – but before you do raise a complaint we’d very much like the opportunity to address your concerns or fix anything that we may have got wrong – so please contact us (details below) and give us a chance to make things right.
If you would like to exercise any of your data subject rights or contact us for any other purpose, you can do so in one of the following ways:
This Privacy Policy is subject to change and may be updated on a regular basis. It is important that you check back often for updates to this Privacy Policy. If we update the Privacy Policy, we will let you know in advance about changes we consider to be material by placing a notice on relevant Services or by emailing you, where appropriate. The most current version of this Privacy Policy will be available on our website. You can check the "effective date" posted at the top to see when the Privacy Policy was last updated. If you continue to use your PDA and/or our Services following the upload of a new version of this Privacy Policy on Dataswyft's website, it means that you accept the changes.
If you link our website to any third party websites, we do not have control over the privacy notices on these websites and so we encourage you to carefully read them before sharing any personal information. We have no control over information shared with these sites and cannot be responsible for the privacy policies or practices of these sites.
Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
Dataswyft terms and Conditions can be located via the following Dataswyft Legal
We use a cookies tool on our website to gain consent for the optional cookies we use.
Cookies that are necessary for functionality, security and accessibility are set and are not deleted by the tool.
We may use geolocation data such as IP address or geographical location from your computer or mobile device. We do this to ensure we are able to provide the best service e.g. we may optimise the performance of our service to you based on your location, as well as to attribute costs of service that may differ based on the regions PDAs operate in. Our use of geolocation data is made clear within our Cookies Policy [Dataswyft Legal] which will provide you with information regarding the types of location data used, what we are using the data for and how long we will keep it. Dataswyft takes Data protection seriously and can confirm that no geolocation data will be shared with third parties. Your geolocation data will be solely used for improving our service and for Dataswyft internal functions only. We will use all best endeavours to ensure all data will be anonymised.
You can read more about how we use cookies, and how to change your cookies preferences, on our Cookies Policy.
Dataswyft Developers Portal And Platform (Dataswyft One)
If you are a developer, our personal data management platform, Dataswyft One, allows you to offer Personal Data Accounts (PDAs) from your own app or website.
PDAs give your app identity authentication, file storage, per-user databases, and serverless AI functions via API.
We provide developers with infrastructure APIs (compute, storage, database) for integrating with PDAs to easily build apps that are compliant with data protection and privacy laws like GDPR and CCPA.
This enables developers to securely and legally transact on sensitive customer data by directly licensing the data from PDA owners.
To integrate with our infrastructure, you would need to use Dataswyft’s developers portal, including the SDKs, tutorials and documentation as well as calling on APIs to issue PDAs, store, access and process data.
PDAs within Dataswyft developers portal are test PDAs subject to a separate set of terms and conditions [Developers Portals End User Licence Agreement - Dataswyft Legal ]. Dataswyft Developers Portal provides the User with a development and testing environment including test PDA subjects. The User agrees to use the Dataswyft Developers Portal as a development and testing environment only. Dataswyft reserves the right to monitor User activity and remove the User and all User applications from the Developer Portal if the User is in breach of this obligation.