Privacy Policy | Dissei Data

Draft for review. This is a starting template tailored to this site's data flows. It is not legal advice. Before relying on it, have it reviewed by qualified counsel and fill the remaining placeholder below — your registered business address.

1Who we are

This website, data.dissei.ai ("the Site"), is operated by Dissei, Inc. ("Dissei", "we", "us"), a company incorporated in the United States. We are the data controller for the personal data described in this policy, including under the EU/UK GDPR for visitors in the EEA and the UK.

Legal entity: Dissei, Inc. (incorporated in the United States)
Registered address: [your registered business address]
Privacy contact: privacy@dissei.credit

2What we collect, why, and our legal basis

We keep data collection to a minimum. We process the following:

Contact form (name, email, message)

When you submit the contact form, we collect the name, email address, and message you provide, plus technical metadata of the request (approximate location, network/ISP, and IP address supplied by our infrastructure). We use this to respond to and handle your enquiry. Legal basis: our legitimate interest in responding to enquiries (Art. 6(1)(f)) and, where your enquiry concerns a possible engagement, steps taken at your request prior to entering a contract (Art. 6(1)(b)).

Server logs & security

Our hosting and network providers process request data (IP address, user-agent, timestamps, pages requested) to deliver the Site, ensure availability, and prevent abuse and fraud. Legal basis: legitimate interest in the security and operation of the Site (Art. 6(1)(f)).

Aggregate analytics

We use Cloudflare Web Analytics, which is privacy-first and cookieless. It measures aggregate traffic (page views, referrers, country, device/browser, performance metrics) without setting cookies, without cross-site tracking, and without building a profile of you. Legal basis: legitimate interest in understanding and improving the Site (Art. 6(1)(f)).

B2B visitor identification

We use Clay to identify the organisation (company) associated with a visit, based on the visiting network's IP address, so that we can understand which businesses are interested in our services. This tool sets a first-party cookie and runs on all visits to this site. Legal basis: our legitimate interest in business-to-business outreach (Art. 6(1)(f)). We do not use it to identify you as an individual.

3Cookies and similar technologies

Strictly necessary: none beyond what is technically required to serve the Site.
Analytics: Cloudflare Web Analytics is cookieless — no consent required.
Marketing / visitor identification: a first-party cookie set by Clay to recognise returning visitors for company-level identification. It is set on all visits to this site.

You can clear or block these cookies at any time through your browser settings, and you may object to this processing by contacting us (see "Your rights" below).

4Who we share data with (processors)

We do not sell your personal data. We share it only with service providers ("processors") who act on our instructions under data-processing agreements:

Vercel Inc. — website hosting and content delivery (United States).
Cloudflare, Inc. — content delivery, edge functions, form-submission storage, and cookieless analytics (United States / global).
Clay (Clay Labs, Inc.) — B2B visitor identification (United States).
Resend and Amazon Web Services (Amazon SES, eu-west-1) — transactional email delivery (European Union, Ireland).
Google (Google Workspace) — receipt and handling of email sent to us (United States / global).

We may also disclose data where required by law or to protect our legal rights.

5International transfers

Some providers above are located outside the EU/EEA (notably the United States). Where personal data is transferred outside the EU/EEA, we rely on appropriate safeguards — the European Commission's Standard Contractual Clauses and/or the provider's certification under the EU–US Data Privacy Framework. A copy of the relevant safeguards is available on request.

6How long we keep it

Contact-form submissions: retained for up to 24 months after our last contact with you, then deleted.
Server logs: retained for a short period (typically up to 30 days) for security and abuse prevention.
Aggregate analytics: retained only in aggregate, non-identifying form.
Visitor-identification data: retained according to our Clay account retention settings.

7Your rights

Depending on where you live, you may have some or all of the following rights (for example, under the EU/UK GDPR):

access the personal data we hold about you;
have inaccurate data corrected (rectification);
have your data erased ("right to be forgotten");
restrict or object to our processing;
data portability;
withdraw consent at any time, where processing is based on consent.

To exercise any of these, email privacy@dissei.credit. EEA/UK visitors may also lodge a complaint with their local data protection authority. California residents have rights under the CCPA/CPRA — to know, access, delete, and correct their personal information, and to opt out of its "sale" or "sharing"; we do not sell your personal information. To exercise CCPA/CPRA rights, email the same address.

8How we protect your data

We use providers that encrypt data in transit (HTTPS/TLS) and apply access controls and security headers. No method of transmission or storage is completely secure, but we take reasonable measures appropriate to the sensitivity of the data.

9Children

The Site is a business service not directed to children, and we do not knowingly collect data from anyone under 16.

10Changes to this policy

We may update this policy from time to time. The "Last updated" date above reflects the latest version; material changes will be highlighted on this page.

11Contact

Questions about this policy or your data? Email privacy@dissei.credit or write to us at the registered address above.