Privacy Policy

Last Updated: August 2023

This is the privacy policy of CADAICO GmbH ("CADAICO"). CADAICO is committed to demonstrating the highest level of integrity in dealing with our customers, token holders, contributors, participants and other business partners. When you access the presale platform (website) to participate in the CADAICO sale by making a payment to purchase CADAI token, CADAICO may collect, process and/or disclose data that identifies or makes you identifiable ("Personal Data") in accordance with this Privacy Policy ("Policy"). CADAICO will treat your Personal Data confidentially and in accordance with applicable data protection laws, in particular the EU General Data Protection Regulation ("GDPR").

The purpose of this Policy is to inform you what Personal Data is collected, stored, processed, used and/or disclosed by CADAICO, for what purposes and on what legal basis. CADAICO also informs you of your rights in relation to your personal data. CADAICO deletes your Personal Data when it is no longer required for the purposes stated in this Policy. CADAICO will also delete your Personal Data at your request and where further retention is neither required nor permitted by applicable law.

This policy was last updated on the effective date indicated above. This Policy may be amended or updated from time to time to reflect changes in our privacy practices with respect to the processing of Personal Data or changes in applicable law. CADAICO encourages you to read this policy carefully and to periodically visit this page to review any changes CADAICO may make.

1. Definitions

‘Controller’ means the entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.

‘Data Protection Authority’ means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.

‘EEA’ means the European Economic Area.

‘Process’, ‘Processing’ or ‘Processed’ means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

‘Processor’ means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).

‘Services’ means any services provided by us.

‘Sensitive Personal Data’ means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under applicable law.

2. Name and contact details of the Controller

CADAICO GmbH
Rosmarinweg 19/2
73733 Esslingen
Baden-Wuerttemberg
Germany
Mail: info@cadai.co

3. ‍What personal data CADAICO processes

When you subscribe to the newsletter, sign-up & log-in to and/or use CADAICO products & services, CADAICO and it’s data processors may collect the following data.

Personal information: name, gender, date of birth/age, nationality;

- Contact details: address, email address, social media account details;

- Technical information about the device you use to order and communicate (mobile phone, tablet, notebook, personal computer, etc. (e.g. IP address).

CADAICO involves the following data processors in this process:
‍

Data processor MailChimp

To send newsletters and other information via mail, CADAICO uses "MailChimp", a service provided by The Rocket Science Group LLC, a company based in the State of Georgia in the United States. MailChimp stores your personal data in the USA, where the level of data protection is lower than in the EU/EEA.

For more information, please see MailChimp's privacy policy: https://mailchimp.com/legal/privacy/

Data processor Google

CADAICO uses Google Cloud, G Suite and Google Analytics, a service provided by Google Ireland Limited, a company incorporated under the laws of Ireland with offices at Gordon House, Barrow Street, Dublin 4, Ireland, to store your personal data. Google stores your personal data in the EU/EEA and the US, where the level of data protection is lower than in the EU/EEA.

For more information, please see Google's privacy policy: https://policies.google.com/privacy

Data processor SumSub

CADAICO uses SumSub for KYC and Identification purposes, a company located in London in the United Kingsdom. Sumsub adheres to the principles of personal data protection as envisaged in the EU GDPR and the UK GDPR.

For more information, CADAICO refers to SumSubs privacy policy: https://sumsub.com/privacy-notice-service/

Data processor Stripe

CADAICO uses Stripe for the processing of payments. For more information CADAICO refers to Stripes privacy policy:https://stripe.com/de/legal/privacy-center

Heroku & Vercel

CADAICO uses Heroku and Vercel for deploying and hosting backend respectively frontend functionality.

Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology.

For more information on Heroku we encourage visiting their privacy policy:
https://www.heroku.com/policy/security

‍Vercel provides a cloud platform for on-demand deployment, related hosting and sharing services and analytics tools ("Services").

For more information visit Vercels privacy policy: https://vercel.com/legal/privacy-policy

4. Your rights when CADIACO processes your Personal Data

You have the following rights, provided the legal requirements for such rights are met. You may exercise these rights at any time.

‍Right of access
‍You have the right at any time to request information on whether CADAICO is processing your personal data.Right of rectificationYou have the right to ask us to correct and/or complete your personal data if the personal data CADAICO processes about you is inaccurate or incomplete.

‍Right to erasure
‍You may request that your personal data be deleted if (i) the personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed; (ii) you revoke your consent to the processing and there is no other legal basis for the processing; (iii) your personal data has been processed unlawfully; (iv) the deletion of your personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which CADAICO is subject.

‍Right to restrict processing
‍You may request to restrict the processing of your personal data if (i) you deny the accuracy of the personal data for a period of time that enables us to verify the accuracy of the personal data; (ii) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data; (iii) CADAICO no longer needs your personal data for the purposes of the processing, but you need it to establish, exercise or defend legal claims.

‍Right to data portability
‍You have the right to receive your personal data in a structured, commonly used and machine-readable format. You have the right to transfer your data to another controller. Where technically possible, you have the right to have your data transferred directly from us to another controller.

‍Right to restrict processing
‍You may request to restrict the processing of your personal data if (i) you deny the accuracy of the personal data for a period of time that enables us to verify the accuracy of the personal data; (ii) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data; (iii) CADAICO no longer needs your personal data for the purposes of the processing, but you need it to establish, exercise or defend legal claims.

‍Right to object
‍You have the right to object to the processing of your personal data for certain processing purposes. If CADAICO processes your data on the basis of a legitimate interest (pursuant to Article 6(1)(f) of the GDPR), you have the right to object to this processing at any time for reasons relating to your particular situation. Such reasons exist in particular if they give special weight to your interests and therefore outweigh our interests, for example if CADAICO is not aware of these reasons and therefore could not take them into account in the context of the balancing of interests.If your personal data is processed for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for the purposes of such marketing, including the creation of profiles in connection with such direct marketing.

Right to complain to the supervisory authority
You have the right to contact the supervisory authority if you have any questions or complaints. The supervisory authority is the Baden-Wuerttemberg Data Protection and Freedom of Information Commissioner, see: https://www.baden-wuerttemberg.datenschutz.de/.

Please note that if you withdraw your consent to any or all of the uses or disclosures of your personal data, depending on the nature of your request, CADAICO may not be able to continue to provide you with our services or products or to manage any existing contractual relationship. Such withdrawal may also result in the termination of any agreement you may have with us. Our legal rights and remedies are expressly reserved in such event.