Privacy policy

Last updated 20th of June 2025

This is our Privacy Notice. In this document we explain what kind of

personal data we collect via the Digital Sidekick products and services (the

“Services”). Personal data means all information by which a person can be

directly or indirectly identified and is a term under the General Data

Protection Regulation (“GDPR”). We also explain what role we have in the

processing of personal data, how long we retain personal data and what

rights you have as a data subject.

This Privacy Policy for Digital Sidekick describes how and why we might

access, collect, store, use, and/or share (“process”) your personal

information when you use the Services,. including when you:

● Visit and use our website at http://www.digitalsidekick.ai, or any other

website of ours

● Download and use our mobile application (Digital Sidekick), or any

other application of ours (the “Applications”)

● Engage with us in other related ways, including any sales, marketing,

or events

Personal data means all information by which a person can be directly or

indirectly identified and is a term under the General Data Protection

Regulation (“GDPR”). We also explain what role we have in the processing

of personal data, how long we retain personal data and what rights you

have as a data subject.

The protection of personal data is important to us. The website and our

app is therefore operated in accordance with the applicable laws on data

protection and data security, in particular with the provisions of the GDPR.The following explains which data we collect, how it is used by us and

which rights you have against us with regard to the use of your data.

Reading this Privacy Policy will help you understand your privacy rights

and choices. We are responsible for making decisions about how your

personal information is processed. If you do not agree with our policies and

practices, please do not use our Services.

If you want to know more about this Privacy Policy or if you have questions,

concerns or recommendations, please contact us via:

● hello@digitalsidekick.ai

● Being Frank BV, Veilingstraat 125, 3521 BE Utrecht, The Netherlands

1. Types of Information

We collect personal information that you voluntarily provide to us when

you register for the Services, use the Services, express an interest in

obtaining information about us or the Services, when you participate in

activities related to the Services, or when you contact us otherwise.

The personal information that we collect depends on the context of your

interactions with us and the Services, the choices you make, and the

products and features you use. The personal information we collect may

include the following:

1. name

2. email address

3. username

4. password

5. name of company / team

6. contact or authentication data7. comments, reactions, reviews and other input in different formats

based on your input in the Application(s) or website.

If you use our Application(s), we automatically collect the following

information:

8. device information (such as your mobile device ID, model, and

manufacturer)

9. the operating system and your system configuration information

10. browser type and version

11. Internet Protocol (IP) address

12. phone network

13. information about the features of our Application(s) you accessed

We may generate information about you, for example based on

information you provided to us. This includes:

● partially AI generated reports based on questionnaires completed by

you

● partially AI generated reports based on questionnaires completed by

you and other members of your team

● partially AI generated reports based on questionnaires completed by

you and your peers, direct reports and manager

2. Purposes of information processing

We process your information for the following purposes:

1. to provide, improve, and administer our Services: we cannot provide

the Services without obtaining certain personal details as well as

input you provide2. to facilitate account creation and authentication and otherwise

manage user accounts. We may process your information so you can

create and log in to your account, as well as keep your account in

working order

3. to communicate with you: we need to know how to contact you

4. to request feedback: we may process your information when

necessary to request feedback and to contact you about your use of

our Services

5. for security and fraud prevention: to prevent unauthorized third

parties from accessing your data and secure against fraud

6. to comply with applicable laws

7. to maintain the security and operation of our application(s)

8. for troubleshooting

9. for our internal analytics, improvements and reporting purposes: We

process your personal data to better understand how our users use

our Services so we can improve our services to engage and retain

users. In addition, we use such information to customize, measure,

and improve the Services and the content and layout of our

Applications, and to develop new services

We only process your personal data for a specified purpose and based on a

legal ground, including when necessary for the execution of an agreement

with you, to comply with a legal obligation or to protect a legitimate

interest.

In legal terms, we are the 'data controller' under European data protection

laws of the personal information described in this Privacy Policy, since we

determine the means and/or purposes of the data processing we perform.

3. Share personal information

We provide access to your personal data to our employees, contractors and

others that operate under our Digital Sidekick brand (“Digital Sidekick

personnel”) only if they need to have access to your personal data to

perform their tasks and duties. We ensure all Digital Sidekick personnel are

legally required to keep your personal data confidential.

We may share information in specific situations described in this section

and/or with the following third parties. Such third parties qualify as

"Processors"

, as these parties are instructed by us to process personal data

on our behalf, where this is necessary for third parties to perform their

tasks and duties. We enter into appropriate data processing agreements

with all Processors. Through these data processing agreements, the

Processors provide at least the same level of security as provided by us and

guarantee the confidentiality of your personal data. .

The third parties we may share personal information include:

1. Cloud Computing services, including Google Cloud Platform

2. Data Backup and Security, including Google Drive Backup

3. Customer support service providers, including OneSignal

4. Functionality and Infrastructure Optimisation, including Cloud

Storage for Firebase, Cloud Firestore, Firebase Hosting , Cloud

Functions for Firebase and AppCheck

5. Large Language Model (LLM) services, including Google Gemini

6. User Account Registration and Authentication, including Firebase

Authentication

7. Web and Mobile Analytics, including Google Analytics and Google

Analytics for Firebase8. Website Hosting, including Firebase Hosting

9. Website Performance Monitoring, including Firebase Crash

Reporting and Firebase Performance Monitoring

10. Website Testing, including Firebase Remote Config, Google Play

Console and TestFlight

As included above under 5., certain data is shared with LLM service

providers, to be able to provide summaries and personalized insights

based on your survey input ]. This data includes only certain questionnaires

completed by you and your colleagues using Digital Sidekick. While we use

efforts to exclude all your personal, company and team names, before

sharing this data with the LLM service providers, you are requested to not

share any information that could be used to identify you or any other

persons.

In addition, we may share your personal data with counsellors that use the

Services for providing their counsellor services to you and who process

personal data for their own purposes. As such they do not qualify as

Processors but as “Controllers”.

4. Use of cookies

(1) In addition to the data mentioned above, a cookie is stored on your

computer by our Cookie Consent Banner when you use our website.

Cookies are small text files that are stored on your hard disk, assigned to

the browser you are using, and through which certain information flows to

the site that sets the cookie (here by us). Cookies cannot execute programs

or transfer viruses to your computer. They are used to make the Internet

offer more user-friendly and effective.(2) You can accept or reject the acceptance of cookies and third-party

cookies via the cookie consent banner. Excluded are the operationally

necessary cookies, which in the case of our website includes the cookie for

the Consent Banner. If you choose to remove cookies or reject cookies, this

could affect certain features or services of our services.

(3) All cookie and third-party cookie information can be accessed via the

banner.

For further information, please check our website for our cookie policy

http://www.digitalsidekick.ai

Most web browsers and some mobile operating systems and mobile

applications include a Do-Not-Track ('DNT') feature or setting you can

activate to signal your privacy preference not to have data about your

online browsing activities monitored and collected. At this stage, no

uniform technology standard for recognising and implementing DNT

signals has been finalized. As such, we do not currently respond to DNT

browser signals or any other mechanism that automatically communicates

your choice not to be tracked online. If a standard for online tracking is

adopted that we must follow in the future, we will inform you about that

practice in a revised version of this Privacy Policy.

5. Use of Google Analytics

We use Google Analytics on our website and app. This is a web analytics

service provided by Google Ireland Limited, Gordon House, Barrow Street,

Dublin 4, Ireland (hereinafter: Google).The Google Analytics service is used to analyze how our website is used.

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the

analysis, optimization, and economic operation of our site and app.

Usage and user-related information, such as IP address, place, time, or

frequency of your visits to our website will be transmitted to a Google

server in the United States and stored there. However, we use Google

Analytics with the so-called anonymization function, whereby Google

truncates the IP address within the EU or the EEA before it is transmitted

to the US. The data collected in this way is in turn used by Google to

provide us with an evaluation of visits to our website and what visitors do

once there. This data can also be used to provide other services related to

the use of our website and of the internet in general.

Google states that it will not connect your IP address to other data. In

addition, Google provides further information regarding its data protection

practices at

https://www.google.com/intl/de/policies/privacy/partners, including options

you can exercise to prevent such use of your data.

To opt out of being tracked by Google Analytics across the services, visit

https://tools.google.com/dlpage/gaoptout. For more information on the

privacy practices of Google, please visit the Google Privacy & Terms page.

6. Term of data storage

We keep your information for as long as necessary to fulfill the purposes

outlined in this Privacy Policy unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for

the purposes set out in this Privacy Policy, unless a longer retention periodis required or permitted by law (such as tax, accounting, or other legal

requirements).

When we have no ongoing legitimate business need to process your

personal information, we will either delete or anonymise such information,

or, if this is not possible (for example, because your personal information

has been stored in backup archives), then we will securely store your

personal information and isolate it from any further processing until

deletion is possible.

7. Data safety

We aim to protect your personal information through a system of

organizational and technical security measures.

We have implemented appropriate and reasonable technical and

organizational security measures designed to protect the security of any

personal information we process. However, despite our safeguards and

efforts to secure your information, no electronic transmission over the

Internet or information storage technology can be guaranteed to be 100%

secure, so we cannot promise or guarantee that hackers, cybercriminals, or

other unauthorized third parties will not be able to defeat our security and

improperly collect, access, steal, or modify your information. Although we

will do our best to protect your personal information, transmission of

personal information to and from our services is at your own risk. You

should only access the services within a secure environment.

8. User rights

You have the right to request access to the personal information we collect

from you, details about how we have processed it, correct inaccuracies, ordelete your personal information. You may also have the right to withdraw

your consent to our processing of your personal information, which may

lead to us no longer providing the Services to you. We will consider and act

upon any request in accordance with applicable data laws. The rights may

be limited in some circumstances by applicable law. To request to review,

update, or delete your personal information, please contact us via

hello@digitalsidekick.ai and / or use change personal information and

delete account in our app.

Upon your request to terminate your account, we will deactivate or delete

your account and information from our active databases. However, we may

retain some information in our files to prevent fraud, troubleshoot

problems, assist with any investigations, enforce our legal terms and/or

comply with applicable legal requirements.

However, please note that this will not affect the lawfulness of the

processing before its withdrawal nor, will it affect the processing of your

personal information conducted in reliance on lawful processing grounds

other than consent.

9. Changes to policy

We will update this Policy as necessary to stay compliant with relevant

laws, when our Services are updated or to make general improvements.

We encourage you to review this Privacy Policy frequently to be informed

of how we are protecting your information.