Legal

Privacy Policy

Last Updated: 22 June 2026

Introduction

By using our Platform, you agree to the collection and use of your personal data as described in this Privacy Policy. If you do not agree with our practices, please do not use our Platform. Beyond the Privacy Policy, your use of our Platform is also subject to our Terms of Service.

In this Privacy Policy, the terms "Company", "we", "us", and "our" refer to Coin-Dash Ltd., and our relevant affiliates.

What Personal Data do we process?

For the purposes of this Privacy Policy, "Personal Data" is information that identifies an individual or may, with reasonable effort, identify an individual. Please note that we may also collect information that cannot be associated with a specific individual. However, if such information is combined with Personal Data, we will treat the combined information as Personal Data.

We collect information when you provide it to us, when you use our Website or Services, and when you integrate other sources to our Platform, as further described below.

A. Information You Provide to Us

Account Creation. When you create an account or otherwise use the Services, we collect information such as your name, email address, profile picture (if you sign in via Google or another OAuth provider), and authentication tokens. We may also collect or generate indirect identifiers (e.g., "USER12345").

User Content. We collect information that you provide in the input to our Services or create as output through our Services ("Content"), including your prompts and other content you upload or create, such as files, images, audio, video, webpages, boards, automations, mini-sites, workflows, chat transcripts, documents and any other content you create or upload to Brains, depending on the features you use.

Your Communications with Us. We collect information from you such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us. We also collect the contents of messages or attachments that you may send to us, as well as other information you choose to provide, and that may be associated with your communications.

Payment Information. When you purchase a subscription to the Services, you will need to provide payment information (e.g., financial account details, shipping information) to process your subscription. We use third-party payment providers to process payments on the Services (see below). We may receive information associated with your payment information, such as billing address and transaction information, but we do not directly store payment information on the Services. Payment information is stored and processed by our payment providers on our behalf.

B. Information Collected Automatically

When you use the Services, we also receive certain technical data automatically (described below, collectively "Technical Information"). This includes:

Device and Connection Information. Consistent with your device or browser permissions, your device or browser automatically sends us information about when and how you install, access, or use our Services. This includes information such as your device type, operating system information, browser information, mobile network, connection information, mobile operator or internet service provider (ISP), time zone setting, IP address (including information about the location of the device derived from your IP address), identifiers (including device or advertising identifiers, probabilistic identifiers, and other unique personal or online identifiers), and device location.

Usage Information. We collect information about your use of the Services, such as the dates and times of access, browsing history, search, information about the links you click and about third-party applications, services, and content you integrate or interact with, pages you view, and other information about how you use the Services, and technology on the devices you use to access the Services.

Log and Troubleshooting Information. We collect information about how our Services are performing when you use them. This information includes log files. If you or your device experiences an error, we may collect information about the error, the time the error occurred, the feature being used, the state of the application when the error occurred, and any communications or content provided at the time the error occurred.

Cookies & Similar Technologies. We and our service providers use cookies, scripts, or similar technologies ("Cookies") to manage the Services and to collect information about you and your use of the Services. These technologies help us to recognize you, customize or personalize your experience, market additional products or services to you, and analyze the use of our Services to make them safer and more useful to you.

C. Information from Other Sources

We may obtain information about you from other sources that you integrate to our Services, including through third-party services and organizations. For example, if you access our Platform or Services through a third-party application (e.g., Gmail, Google Calendar, Google Drive, GitHub, Monday, Telegram, and others), such as a social networking site or a third-party login service, we may collect information about you from that third party that you have made available via your privacy settings. When you connect an integration, we ingest the content you authorize so it can be searched, queried, and acted upon by you and your agents. Each integration is scoped to the minimum permissions needed and uses OAuth — we never see or store your password.

Specifically, when you connect Google services we access only the following, and only after you grant consent on Google's OAuth screen:

  • Gmail — message metadata (sender, recipients, subject, date, labels), message bodies, and attachments for messages you have authorized us to read. Used to make your inbox searchable inside brains and to draft / send replies on your behalf when you explicitly ask.
  • Google Calendar — event title, description, location, start/end time, attendees, and RSVP status for calendars you have authorized. Used to surface your agenda inside brains and, on your explicit confirmation, create or update events.
  • Google Drive — file metadata (name, type, owner, modified time) and file contents (Docs, Sheets, Slides, PDFs, images) for files you have authorized. Used to make your documents searchable and to create new files on your explicit confirmation.
  • Google Account profile — your name, email address, and profile picture, for sign-in and display inside brains.

You can disconnect any Google integration at any time from your brains settings, which revokes our access token. You can also revoke access directly from your Google Account permissions page.

YOU ARE UNDER NO LEGAL OBLIGATION TO AGREE TO THE COLLECTION OF SUCH PERSONAL DATA OR TO DELIVER THE PERSONAL DATA TO US AND THE DELIVERY OF THE PERSONAL DATA IS DONE WITH YOUR OWN FREE WILL AND CONSENT. HOWEVER, YOU AGREE THAT WITHOUT THE COLLECTION OR DELIVERY OF THE PERSONAL DATA WE MAY NOT BE ABLE TO OFFER YOU OUR PLATFORM NOR THAT YOU WILL BE ABLE TO USE ALL OF THE FUNCTIONALITIES, PLATFORM OR CONTENT OFFERED BY THE WEBSITE.

What are the purposes of processing?

We may use and share the Personal Data we collect for the following purposes:

  • Providing you with our Services.
  • Communicating with you regarding your use of our Services or in response to your inquiry, registration and all other forms of communication with us.
  • Security and access control purposes. This may include prevention or detection of fraud or financial crimes.
  • Managing and enforcing our rights, and any contracts with our customers, including managing any circumstances where transactions are disputed; manage, investigate, and resolve complaints.
  • Compliance with laws, directives and recommendations from authorities and internal regulations.
  • Internal research and development and improvement of our Platform.

Legal bases

We process Personal Data based on the basis of one or more of the following legal grounds:

  • Your consent, where required for specific processing activities;
  • The necessity to perform a contract with you, including processing related to the provision of our Services;
  • Compliance with our legal obligations; and
  • Our legitimate interests, including for internal research and development, the improvement of our Services, and the establishment, exercise, or defense of legal claims.

With whom do we share Personal Data?

We do not rent or sell any Personal Data. We may share Personal Data with the following categories of recipients:

  • Our affiliate companies, in order to provide you with our Services.
  • Trusted vendors and service providers — We may share your Personal Data, as is reasonably necessary, with our service providers, including vendors and suppliers that provide development services, technology, and support for the operation, maintenance, and analysis of our Services, as well as trusted vendors providing services such as fraud detection and prevention, data storage and analytics, and payment services, who are bound by confidentiality obligations. We will only share Personal Data to the extent necessary with such service providers.

We may share information, including Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale of an asset or transfer in the operation thereof) of the Company. In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Privacy Policy.

We may also disclose Personal Data, or any information you submitted via our Platform if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies (including our agreements), including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our affiliates, our users, yourself or any third-party; (vi) for the purpose of collaborating with law enforcement agencies; and (vii) in case we find it necessary in order to enforce intellectual property or other legal rights.

We note that all voluntary sharing or Personal Data as described above is only done in accordance with an applicable contractual engagement, which imposes the required obligations and undertakings related to Personal Data protection.

International transfers of Personal Data

Since we operate globally, it may be necessary to transfer data, including Personal Data, to jurisdictions other than your own. In these instances, we will ensure that the transfer aligns with the applicable data protection requirements.

How long do we retain your Personal Data?

We retain Personal Data for as long as needed to provide you with our Services and to comply with our legal obligations, resolve disputes and enforce our agreements (unless we are instructed otherwise). Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we may keep records containing users' Personal Data, compliance related data, communications and anything else as required by applicable laws and regulations.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

How do we protect your data?

We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Data. While we seek to protect your information to ensure that it is kept confidential, we cannot guarantee the security of any information. You should be aware that there is always some risk involved in transmitting information over the internet and that there is also some risk that others could find a way to thwart our security systems. Such breaches can lead to things such as reputational harm, fraud or identity theft. Therefore, we encourage you to exercise discretion regarding the Personal Data you choose to disclose. If you feel that your privacy was treated not in accordance with our Privacy Policy, or if any person attempted to abuse the Platform or acted in an inappropriate manner, please contact us directly via our contact details available below.

What are your rights with respect to your Personal Data?

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Data. To the extent these rights apply and concern you, you can contact us via the contact details available below and ask us to exercise the following rights:

  • Rights of access to your Personal Data: You have the right to receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
  • Right of data portability: You have the right to request us to move, copy and transfer your Personal Data easily from one IT environment to another, in a safe and secure way, without affecting its usability.
  • Right of rectification: You have the right to request rectification of your Personal Data in our control in the event that you believe the Personal Data held by the Company is inaccurate, incomplete or outdated.
  • Right of deletion/erasure: You have the right to request that the Company erases or deletes Personal Data held about you at any time.
  • Right to restriction or objection to processing: You have the right to request that the Company restricts or ceases conducting certain Personal Data processes at any time.
  • Right to withdraw your consent: To the extent we process Personal Data on the basis of your consent, you have the right to withdraw your given consent at any time.
  • Right to limit use and disclosure of your sensitive Personal Data: You have the right to request to limit the collection of your sensitive Personal Data, to that use which is necessary to perform our Services.
  • Right not to be subject to automated decision making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly effects to you.
  • Right to opt-out of the sale or share of Personal Data: In the event that we sell or share your Personal Data for behavioral advertising purposes, you have the right to submit a request to opt-out of the sale or share of your Personal Data. After you opt-out, we may continue disclosing some Personal Data to our partners to help us perform business-related functions such as, but not limited to, providing the Services, ensuring that the Services are working correctly and securely, providing aggregate statistics and analytics and preventing fraud.
  • Right to non-discrimination: You have the right to be free from any discrimination for exercising your rights, such as offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request.

If you wish to exercise any of the above-mentioned rights or raise any concern, please contact us at legal@mybrains.ai or use the postal addresses mentioned at the bottom of this Privacy Policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

If you are located in the EEA or the United Kingdom, you also have the right to lodge a complaint with the competent data protection supervisory authority in your country. You can find a list of authorities in the EEA here: edpb.europa.eu/about-edpb/board/members_en. You can reach the UK supervisory authority here: ico.org.uk/global/contact-us.

Please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements.

Minors

We do not knowingly collect or solicit Personal Data from anyone under the age of consent (as determined under the applicable laws where the individual resides; "Age of Consent"). By accessing, using or interacting with our Platform, you certify to us that you are not under the Age of Consent. In the event we learn that we have collected Personal Data from an individual under the Age of Consent without verification of parental consent, we will delete that information upon discovery. If you believe that we might have any information from or about an individual under the Age of Consent, then please contact us through the contact details available below.

Updates to this Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our Platform (as reflected in the "Last Updated" heading). We encourage you to review this Privacy Policy regularly for any changes.

Contact information

If you have any further questions, please contact us by email at legal@mybrains.ai.