DeciMetrics
DeciMetrics
Home
LoginRequest Pilot

DeciMetrics Privacy Policy

Last Updated: September 8, 2025

This Privacy Policy describes how VERAVECTOR OÜ (registry code 17321530, established in Estonia) (“DeciMetrics”, “we”, “us”, or “our”) processes your personal data when you use the DeciMetrics platform and related services (“Services”).

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and applicable Estonian laws.

1. Information We Collect

  • Account Information: Name, email, password, company/organization (optional), and payment information (processed securely by third-party processors such as Stripe).

  • User Content: Decision models, contexts, criteria, alternatives, ratings, comparisons, justifications, uploaded files, prompts to AI features, and generated outputs.

  • Usage Data: IP address, device/browser type, operating system, timestamps, and interactions with features.

  • Cookies & Tracking: We use strictly necessary cookies for authentication, security, and preferences. With your consent, we may also use analytics cookies (e.g. Matomo/Google Analytics) to understand usage.

2. Legal Bases & Purposes of Processing

We process your personal data under the following legal bases (Art. 6 GDPR):

  • Contract: To provide and maintain your account, store User Content, and deliver Services.
  • Consent: For optional features such as analytics cookies or marketing communications.
  • Legitimate Interests: To improve functionality, ensure security, prevent fraud, and develop new features (balanced against your rights and freedoms).
  • Legal Obligation: To comply with applicable laws, tax, and accounting requirements.

3. How We Use Your Data

  • Service Delivery: Operate accounts, provide decision support features, and deliver customer support.
  • AI Assistance: Selected User Content may be transmitted securely to third-party AI providers (e.g., OpenAI) for generating suggestions. Your User Content is notused to train external AI models.
  • Service Improvement: Analyze anonymized/aggregated data to improve usability and performance.
  • Communication: Send important updates, responses to inquiries, and with consent, optional marketing.
  • Security & Compliance: Detect and prevent abuse, ensure system integrity, and comply with applicable laws.

4. Data Storage, Security & International Transfers

Storage: Data is primarily hosted on secure servers in the European Union.

Security: We implement encryption in transit and at rest, access controls, monitoring, and periodic reviews. While no system is 100% secure, we follow industry best practices.

Transfers: When data is processed outside the EU (e.g., by AI providers), we use safeguards such as Standard Contractual Clauses (SCCs) to maintain GDPR compliance.

5. Sharing of Data

  • Service Providers: Hosting (EU-based), payment processors, AI model access providers, analytics providers. All act under contract and confidentiality obligations.
  • Legal Requirements: Where disclosure is required by law or governmental request.
  • Business Transactions: In case of merger, acquisition, or restructuring, subject to safeguards.
  • Team Collaboration: If enabled, you may choose to share projects with other users.
  • Anonymized Data: Aggregated, de-identified data may be shared for research and reporting.

6. Your Responsibility for Input Data

You are responsible for the data you upload. For sensitive or confidential material, consider anonymization or abstraction, especially when using AI features.

7. Your Rights under GDPR

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion (“right to be forgotten”), subject to retention obligations
  • Restrict processing under certain conditions
  • Data portability in a structured, machine-readable format
  • Object to processing (including direct marketing)

To exercise your rights, contact us at privacy@decimetrics.com. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate.

8. Data Retention

- Account data: kept for the lifetime of your account. - User Content: stored until you delete it or close your account. - Financial/transactional data: retained for up to 7 years (legal obligation). - Backups/logs: retained for a limited period (typically 90 days). - After account closure, personal data is deleted or anonymized within 90 days, unless legal obligations require longer storage.

9. Children’s Privacy

Our Services are not intended for individuals under 13 years old. We do not knowingly collect data from children. If we learn we have done so, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified by updating this page and, where appropriate, by email or in-app notice.

11. Contact Information

For privacy questions or exercising your rights, contact us at:

Email: privacy@decimetrics.com
Legal Entity: VERAVECTOR OÜ
Registry Code: 17321530
Address: Paadi tee 3-342, Haabneeme, Viimsi vald, Harjumaa, Estonia