Effective date: 29 August 2025
Silver Pulse — Privacy Policy
This Privacy Policy explains how and why personal data is collected, used and disclosed by Shellmond LTD in connection with the Silver Pulse website (the "Site"). It applies to visitors and users of the Site.

1. Controller details
Controller: Shellmond LTD.

Registered address: 25 Martiou, 27, D. Michael Tower, Office 105A, Egkomi, 2408, Nicosia, Cyprus.
Company registration number: HE 432318.

VAT ID: 10432318C.

Contact for privacy and DSARs: silverpulse@brayn.app.

2. Data we collect
We collect and process the following categories of personal data:
  • Identity and contact data: name, email address, phone number (optional).
  • Profile data: country of residence, age or year of birth (where provided).
  • Technical data: IP address, browser and device information, operating system, pages visited, referrer, timestamps and aggregated analytics.
  • Cookies and tracking data (see Cookie Policy).

3. Sources of data
We collect data you provide directly (form submissions, emails), data collected automatically during your use of the Site, and data received from third-party service providers where necessary.

4. Purposes of processing and legal bases (GDPR)
We process personal data for the following purposes and rely on the legal bases indicated:
  • Registration, account management and service delivery: Performance of a contract / pre-contractual measures.
  • Marketing communications (email): Consent — you may withdraw consent at any time.
  • Analytics and site improvement: Legitimate interests (to understand usage and improve the Site).
  • Fraud detection, security and legal compliance: Legitimate interests and legal obligations.

5. Retention periods (examples)
We retain personal data only as long as necessary for the purpose collected and to meet legal obligations. Typical retention periods:
  • Account and registration data: While account is active + 24 months of inactivity.
  • Marketing consents and preferences: Until consent is withdrawn.
  • Server logs and analytics: 6–24 months (aggregated where possible).
  • Records related to legal obligations: as required by law (e.g., tax laws).

6. Data sharing and international transfers
We may share personal data with:
  • Service providers and processors (hosting providers, email delivery, analytics, CDN).
  • Law enforcement, regulators or third parties when required by law or to protect rights.
  • Parties in connection with a corporate transaction (e.g., merger or sale).
International transfers: Data may be transferred to recipients outside the EEA (e.g., United States). Where transfers occur, we will use appropriate safeguards such as standard contractual clauses or rely on an adequacy decision.

7. Processors — examples
Examples of categories of processors we may use (placeholders; actual providers should be listed where known):
  • Hosting: e.g., cloud hosting providers (AWS, Google Cloud, etc.).
  • CDN: e.g., Cloudflare or similar.
  • Analytics: Google Analytics 4 (GA4) or similar.
  • Email delivery: SendGrid, Mailgun, or similar.
  • Payments: Stripe or similar (if payments offered).

8. Your rights
Depending on your jurisdiction you may have rights including:
  • Right of access to personal data we hold about you.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure (right to be forgotten) subject to legal limits.
  • Right to restrict processing.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability.
  • Right to withdraw consent at any time where processing is based on consent.
To exercise rights, contact us at the address above. For DSARs we may ask you to verify your identity. We will typically respond within 30 calendar days (may extend to 60 days for complex requests).

9. California privacy notice (CCPA / CPRA)
California residents have specific rights under the CCPA/CPRA:
  • Right to know categories of personal information collected and sold/shared;
  • Right to request deletion of personal information;
  • Right to opt-out of sale of personal information (we do not currently sell personal data, but if this changes, opt-out mechanisms will be provided).
To opt-out, California residents may use the web form: https://silverpulse.app/donotsell or email us with subject 'Do Not Sell My Personal Information' at the contact email.

10. Children
The Site is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have inadvertently collected such data, contact us and we will take steps to delete it.

11. Automated decision-making and profiling
We do not use automated decision-making that produces legal or similarly significant effects. If we implement such processing in the future, we will provide information about the logic involved and the rights available to you.

12. Security measures
We implement administrative, technical and physical measures to protect personal data, including encryption in transit (TLS/SSL), access controls, logging, backups and vulnerability management. While we take reasonable steps to secure data, no internet transmission is completely secure.

13. Data breach notification
If a personal data breach occurs that is likely to result in a risk to the rights and freedoms of individuals, we will notify affected individuals and supervisory authorities as required by applicable law (e.g., within 72 hours to the relevant supervisory authority where required).
Contact: {contact_email}.

14. Record of processing activities (ROPA)
We maintain records of processing activities as required under applicable law and can provide details upon request where appropriate.

15. Supervisory authority and complaints
If you remain dissatisfied with our response you may lodge a complaint with the supervisory authority in your EU Member State or with the Cyprus Data Protection Commissioner: Cyprus Data Protection Commissioner, https://www.dataprotection.gov.cy.

16. Changes to this Privacy Policy
We may update this Privacy Policy. The Effective date reflects the last revision. We will post material changes on the Site and may notify users where required.

17. Contact information
Controller: Shellmond LTD.
Website: https://silverpulse.app.
Privacy & DSAR contact: silverpulse@brayn.app.