Privacy Policy

Effective date: 1st January 2026

This Privacy Policy explains how TrueDigi, operated by Datacultr
Fintech Limited (“TrueDigi”, “we”, “us”, “our”), collects, uses, discloses, and
protects information when you:

  1. visit our website truedigi.ai (the “Site”);
  2. request a demo or contact us; and/or
  3. access and use our AI-powered engagement platform, including our software,
    SDKs, APIs, dashboards, and related services (the “Platform” / “Services”).

1) Roles: when we are a Controller vs. a Processor

A. Website visitors and business contacts: TrueDigi acts as a
data controller for personal data collected via the Site (e.g., demo requests,
contact forms, sales inquiries), and for limited business administration and
security purposes.

B. End-customer data processed for our enterprise clients: When
regulated lenders, banks, fintechs, telcos, or utilities (each a “Client”) use
TrueDigi to engage with their customers, TrueDigi typically processes personal
data on behalf of the Client as a processor/service provider, under the Client’s
instructions and under a Data Processing Agreement (DPA). In these cases, the Client
is the controller/data fiduciary responsible for providing notices to end-users and
handling most rights requests.

Important: If you are an end-customer of a
bank/lender/organization using TrueDigi and you want to exercise your privacy
rights, you should generally contact that organization first (see Section 10).

2) Information we collect

Depending on how you interact with us, we may collect the following categories:

A. Information you provide

  • Business contact details: name, work email, company, job
    title, phone number, country/city, and communications with us (e.g.,
    sales/support).
  • Account information (Platform users): login credentials and
    profile details for authorized users of Client accounts (e.g., administrators,
    agents).
  • Demo or inquiry details: information submitted via Site forms
    (e.g., use case, volume, requirements).

B. Information collected automatically

  • Device and usage data: IP address, browser type, device
    identifiers, pages viewed, timestamps, referring pages, and interactions with
    emails (open/click events where enabled).
  • Log files: standard server logs used for security,
    troubleshooting, and analytics.
  • Cookies / similar technologies: as described in Section 6.

C. Information we receive from others

  • Clients and partners: where you are a Platform user
    provisioned by a Client, or where partners refer business inquiries.

3) How we use personal data

Where TrueDigi acts as a controller (notably for the Site and business contacts),
we use personal data to:

  • operate and secure the Site and Services;
  • respond to inquiries and provide demos, proposals, and support;
  • manage our relationship with prospective/current clients (sales, contracting,
    billing administration);
  • analyze usage and improve the Site/Services;
  • comply with legal obligations and enforce our rights.

Marketing communications: where permitted by law, we may send
product/service updates. You can opt out at any time using the unsubscribe
mechanism or by contacting us.

4) How we process data for Clients

When we process personal data on behalf of a Client (processor/service provider
role), we process such data only:

  • to provide the Services and perform the agreement with the Client;
  • according to the Client’s documented instructions; and
  • as otherwise required by applicable law.

5) Legal bases

Depending on applicable law and context, we rely on one or more of the following:

  • Contract: to provide the Site/Services you request or
    administer Platform access.
  • Legitimate interests: e.g., securing and improving the
    Site/Services, preventing fraud, business communications (balanced against
    your rights).
  • Consent: e.g., where required for certain cookies/marketing
    in specific jurisdictions.
  • Legal obligation: compliance, lawful requests, and regulatory
    requirements.

6) Cookies and analytics

We use cookies and similar technologies for:

  • essential Site functionality and security;
  • preferences;
  • analytics and performance measurement; and
  • (where enabled) marketing measurement.

Our current stack may include analytics and crash/logging tools (e.g., Google
Analytics and Firebase or equivalent) to understand Site/app performance and
improve reliability. You can manage cookies via your browser settings, and (where
implemented) via our cookie banner/preferences tool.

7) Sharing and disclosures

We may share personal data with:

  • Service providers / subprocessors: hosting, security,
    analytics, communications, customer support tooling, and similar vendors
    acting under contract and confidentiality obligations
  • Our corporate group: for internal administration, security,
    and business operations
  • Clients: to provide the Services and support the Client’s
    instructions.
  • Legal and regulatory recipients: if required by law, to
    protect rights/safety, investigate fraud, or respond to lawful requests

We do not “sell” personal data in the ordinary commercial sense.

8) International data transfers

TrueDigi operates globally. Personal data may be processed in countries other than
where you live (including where we, our Clients, or our service providers operate).

Where required by applicable law, we implement appropriate safeguards for cross-border
transfers (e.g., contractual protections and security measures). In processor contexts,
transfer mechanisms may also be governed by the Client’s DPA and instructions.

9) Data retention

We retain personal data only as long as necessary for the purposes described in this
Policy, including:

  • duration of the business relationship and account access;
  • support, audit, and security needs; and
  • legal/regulatory retention and dispute resolution.

In processor contexts, retention and deletion are governed by the Client contract/DPA
and Client instructions, subject to law.

10) Your privacy rights

Depending on your jurisdiction, you may have rights such as:

  • access, correction, deletion;
  • withdrawal of consent (where processing is based on consent);
  • restriction, objection, portability (where applicable);
  • grievance/complaint rights with a supervisory authority.

End-customers of our Clients: If your data relates to a
bank/lender/organization using TrueDigi, your request will generally be handled by
that organization (the controller/data fiduciary). We may redirect your request
accordingly.

How to contact us for rights requests: Email:
privacy@truedigi.ai

Please include enough information for us to verify your identity and locate relevant
records. We may request additional information proportionate to the request.

11) Security

We maintain technical and organizational measures designed to protect personal data
against unauthorized access, loss, misuse, alteration, or disclosure. However, no
security system is perfect, and we cannot guarantee absolute security.

12) Children / minors

Our Site and Services are not intended for individuals under 18, and we do not
knowingly collect personal data from children. If you believe a child has provided
personal data, contact us and we will take appropriate steps.

13) Third-party sites and services

The Site or Services may link to third-party sites or include third-party features.
Their privacy practices are governed by their own policies, and we are not responsible
for third-party practices.

14) Changes to this Policy

We may update this Policy from time to time. We will post the updated version on
this page.

15) Contact us

For privacy questions or requests:
privacy@truedigi.ai

This Privacy Policy was last revised on 21st January 2026.