DemyCorp
Back to home

Privacy Policy

Effective date: 31 December 2025

This Privacy Policy explains how Demy collects, uses, and safeguards personal and customer data in line with GDPR, the UK Data Protection Act, and US data protection laws such as the CCPA. The practices described here are modelled on the data handling principles adopted by modern analytics platforms such as hex.com.

  1. Information We Collect
    We collect account information you provide (name, email, company details), authentication metadata, and usage data to improve the Service. Customer data you upload (files, datasets, prompts) remains under your control. We act as a data processor for that content.
  2. Use of Information
    We process personal data to provision accounts, deliver features, secure the platform, provide support, and comply with legal obligations. We do not use customer data to train third-party models or sell it to advertisers.
  3. Legal Bases for Processing
    For EU/UK users we rely on contractual necessity to provide the Service, legitimate interest for product improvements, and consent for optional communications. For US users we process data as permitted under the CCPA and other applicable state laws.
  4. Data Sharing
    We use sub-processors (cloud hosting, email, support tooling) under written data processing agreements. Each sub-processor is vetted for security and privacy controls. We may disclose data if required by law or to protect our rights, property, or users.
  5. International Transfers
    Data may be stored in the United States or the European Union. When transferring data internationally we implement appropriate safeguards such as Standard Contractual Clauses or UK International Data Transfer Addendums.
  6. Security
    We apply administrative, technical, and organisational measures to protect data including encryption in transit, access controls, audit logging, and regular risk reviews. Customers are responsible for managing user access to the platform.
  7. Data Retention
    We retain personal data for the duration of the contract and delete or anonymise it when it is no longer needed or upon request, subject to lawful retention requirements. Customer data can be deleted by workspace admins at any time.
  8. Your Rights
    Depending on your jurisdiction you may have the right to access, rectify, port, erase, or restrict processing of your personal data. EU/UK residents can contact our Data Protection Officer at privacy@demycorp.com. US residents can exercise CCPA rights at the same email address. We aim to respond within thirty (30) days.
  9. Children
    The Service is not directed to children under thirteen (13) and we do not knowingly collect their personal information. If you believe we have such data, please contact us and we will delete it promptly.
  10. Changes to this Policy
    We may update this Policy to reflect legal, technical, or business developments. When we update the Policy we will revise the effective date and notify you through the Service or by email where appropriate.
  11. Contact
    For privacy inquiries contact hello@demycorp.com or write to Demy Corp, 6 Giles Avenue Daganhem London RM10 9TB.
Looking for our Terms & Conditions? Read them here.