1. Introduction
This Privacy Policy explains how Micalytics (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our website, platform, and services related to MiCA white-paper generation and iXBRL validation.
We are committed to complying with the UK GDPR, EU GDPR, and applicable data-protection laws. By using Micalytics, you agree to the practices described here.
2. Data Controller
The data controller responsible for your personal data is:
Micalytics
United Kingdom
Email: info@micalytics.com
If you are located in the EU, an EU representative may be appointed if required by law.
3. What Personal Data We Collect
A. Data You Provide Directly
- Name
- Email address
- Organisation name
- Role / title
- Details submitted in forms (Expression of Interest, demo requests, support requests)
- Text you enter into the platform (draft white paper content, descriptions, notes, uploaded copy, etc.)
B. Product Usage Data
- Interactions with the platform
- iXBRL validation logs
- Timestamp of actions
- Internal analytics (non-identifying)
C. Technical Data
- IP address
- Browser type
- Device information
- Cookies (see Section 10)
D. Payment Data (If Enabled Later)
If Stripe or another processor is used, payment information is processed only by the processor — not by Micalytics.
4. How We Use Your Data
We process personal data for these purposes:
A. To deliver and operate the platform
- Generating MiCA white papers
- Running iXBRL validation
- Managing accounts and settings
- Providing customer support
B. To improve the platform
- Debugging, performance analytics
- Enhancing templates, validation rules, and accuracy
- Monitoring errors
C. To communicate with you
- Responding to enquiries
- Product updates
- Service notifications
D. To comply with legal obligations
- Fraud detection
- Regulatory compliance
- Requests from authorities (where legally required)
We do not use your data for advertising.
5. Lawful Bases for Processing
Under the GDPR, we rely on:
- Performance of a contract (providing the service)
- Legitimate interests (platform security, improvement, analytics)
- Consent (newsletter, cookies, demo form, optional features)
- Legal obligation (accounting, compliance)
6. How We Handle White Paper & iXBRL Content
The text and data you submit to generate MiCA documents may contain personal or organisational information. We process it solely to:
- generate white papers,
- validate iXBRL, and
- improve accuracy and reliability internally.
We do not use customer content to train public AI models, sell data, or share drafts with third parties.
If you choose, you may request:
- deletion of your data
- export of your data
- no retention of drafts (zero-retention mode — optional)
7. Data Storage & Retention
Retention periods
- Account details: retained while your account is active
- White papers / drafts: stored only as long as needed to provide the service
- Logs & analytics: up to 12 months
- Email enquiries: up to 24 months
- Legal/financial data: as required by law (typically 6–7 years)
You may request deletion at any time (Section 9).
8. Sharing of Personal Data
A. Service Providers (Processors)
- Cloud hosting (GCP, AWS, or equivalent)
- Email delivery (Resend, Postmark, SES)
- Analytics (privacy-preserving services only)
All processors operate under GDPR-compliant agreements.
B. Legal or Regulatory Authorities
Only where legally required (e.g., court order or legal obligation). We never sell personal data.
9. Your Rights (GDPR)
You have the right to:
- Access your data
- Correct inaccurate data
- Request deletion (“right to be forgotten”)
- Data portability
- Restrict processing
- Object to processing
- Withdraw consent at any time
To exercise any right, email info@micalytics.com. You also have the right to lodge a complaint with your supervisory authority.
10. Cookies
We use only essential and minimal analytics cookies.
Types:
- Essential cookies — required for site functionality
- Analytics cookies — privacy-preserving, anonymised
- No tracking, advertising, or cross-site identifiers
If you add a cookie banner later, this policy is compatible.
11. Security Measures
We implement:
- Encryption in transit (HTTPS/TLS)
- Hardened cloud infrastructure
- Access controls and role-based permissions
- Regular audits and logging
- No unnecessary data retention
- Segregation of customer data
Despite these measures, no system can be guaranteed 100% secure.
12. International Transfers
Data may be processed in:
- the United Kingdom
- the European Union
- the EEA
- other jurisdictions used by GDPR-compliant processors
Where data leaves the EEA, we rely on:
- adequacy decisions
- Standard Contractual Clauses (SCCs)
- equivalent safeguards
13. Children
Micalytics is not intended for individuals under 16. We do not knowingly collect children’s data.
14. Changes to the Policy
We may update this policy periodically. The latest version will always be available on this page.
For privacy questions or requests:
📧 info@micalytics.com