1. Definitions and Interpretation

Personal Data – any information relating to an identifiable individual or identifiable natural person. This includes but is not limited to names, contact information, professional credentials, and other data provided directly or indirectly.

Non-Personal Data – data that does not directly identify an individual, such as aggregated usage statistics.

Data Controller – Mathesis, which determines the purposes and means of processing Personal Data.

Services – all software, analytics tools, platforms, and other solutions provided by Mathesis, including dashboards and APIs used by financial institutions to evaluate credit risk.

2. Scope of This Privacy Policy

This Privacy Policy explains how Mathesis collects, processes, stores, shares, and protects information in connection with:

• use of our analytics platform
• integration of client-provided data
• interactions with our sales, support, and onboarding teams

3. Information We Collect

We may collect the following categories of information:

a. Information You Provide Directly

• Name and contact details (email, phone)
• Company information and business role
• Credentials, profile and authentication data
• Correspondence and communications with us
• Contractual and billing information

b. Information Collected Automatically

• Log data such as IP address, device type, browser type, operating system
• Usage data related to how the Services are accessed and used
• API interaction logs

c. Information from Third Parties

We may receive information from:

• Clients, partners, or vendors
• Public or licensed data sources used to enhance credit risk modeling

4. How We Use Information

We use collected information for purposes including:

• Providing, operating, and maintaining the Services
• Processing analytics and generating risk insights
• Customizing and improving our tools
• Communicating with Users for support, updates, and notifications
• Research, reporting and internal analysis
• Enforcing terms, detecting fraud or misuse

We do not use Personal Data beyond what is necessary for the legitimate operation of our Services.

5. Data Sharing and Third Parties

We may share information with:

a. Service Providers

Trusted third parties that help with:

• Hosting, data processing, and security
• Communication and analytics services

These providers are contractually obligated to protect your information and only process it for the purposes we specify.

b. Legal and Regulatory Authorities

We may disclose information:

• To comply with legal obligations
• To respond to lawful requests by public authorities
• To protect the rights, property, or safety of Mathesis or others

c. Business Transfers

In the event of a corporate transaction such as merger, acquisition, reorganisation, or sale, user data may be transferred to the acquiring entity, subject to this Privacy Policy.

We do not sell Personal Data to third parties for marketing purposes.

6. Data Security

We implement administrative, technical, and physical safeguards to protect information from unauthorized access, loss, misuse, alteration, and destruction.

Measures include:

• Encryption
• Secure access controls
• Regular security audits
• Restricted access on a need-to-know basis

While we strive to protect your data, no system can be completely secure. Transmission of information is at your own risk.

7. Cookies and Tracking Technologies

Our websites and interfaces may use cookies and similar technologies to:

• Enable platform functionality
• Understand user interaction
• Improve user experience

You can control cookie preferences through your browser settings. If cookies are disabled, parts of the Services may not function fully.

8. Data Retention

We retain Personal Data only as long as necessary to fulfill the purposes outlined in this policy, or as required by law. We may retain aggregated or anonymized data after termination of accounts for analytics and business purposes.

9. Transfer of Data Outside Jurisdiction

Data collected may be stored and processed in jurisdictions other than your own, including where our servers or service providers are located. Where required by law, appropriate safeguards will be implemented to protect your privacy rights.

10. Your Rights and Choices

Depending on your jurisdiction, you may have rights including:

• Requesting access to or copies of your Personal Data
• Requesting correction of inaccurate data
• Requesting deletion of Personal Data
• Restricting or objecting to certain processing
• Requesting portability of data

To exercise these rights or inquire about your data, contact us as provided below.

11. Links to Third-Party Websites

Our Services may contain links to third-party sites. We are not responsible for their privacy practices. Review their policies before providing information.

12. Changes to This Privacy Policy

We may update this policy to reflect changes in business practices, legal requirements, or Service enhancements. Updated policies will be posted on our website with an updated effective date. Continued use of the Services constitutes acceptance of the updated policy.

13. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your data, please contact:

14. Governing Law

This Privacy Policy is governed by applicable law, including data protection regulations relevant to your jurisdiction and the location of Mathesis.