Privacy Policy

DeepChain Platform Privacy Policy

Version 2.0 | Effective Date: February 9, 2026

1. Introduction

At AICE Technology Ltd, a company registered in England and Wales (company number: [TO BE INSERTED]), with its registered office at [TO BE INSERTED], we are committed to protecting your privacy and ensuring you have a positive experience on our platform (www.deepchain.dev).

This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data in connection with our services, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). Please read this policy carefully to understand our practices regarding your personal data.

We are committed to processing your personal data fairly, transparently, and in accordance with applicable data protection laws. This policy sets out how we handle personal data and your rights in relation to that data.

2. Who We Are and Data Controller Details

AICE Technology Ltd (referred to as "we," "us," "our," or the "Controller") is the data controller for the personal data we process about you when you use the DeepChain Platform. Our contact details are as follows:

  • Company: AICE Technology Ltd
  • Website: www.deepchain.dev
  • Email: privacy@aicetechnology.com
  • Registered in England and Wales
  • Company Registration Number: [TO BE INSERTED]
  • Registered Office Address: [TO BE INSERTED]

3. How We Use Your Data (Purposes and Legal Basis)

We process personal data for various purposes, each supported by a lawful basis under UK GDPR Article 6. Below are the primary purposes and their corresponding legal basis:

Service Delivery and Account Management

  • To provide, maintain, and improve the DeepChain Platform, including account creation, user authentication, and service delivery.
  • Legal Basis: Contractual Necessity (UK GDPR Article 6(1)(b)) – necessary to perform our contract with you

Platform Improvement and Analytics

  • To analyze usage patterns, improve platform features, and develop new functionality.
  • Legal Basis: Legitimate Interests (UK GDPR Article 6(1)(f)) – to enhance user experience and platform efficiency

Security and Compliance

  • To monitor and maintain platform security, detect and prevent fraud, and investigate suspicious activities.
  • Legal Basis: Legitimate Interests (UK GDPR Article 6(1)(f)) – to protect platform and user security

Customer Support

  • To respond to user inquiries, provide technical support, and resolve issues.
  • Legal Basis: Contractual Necessity (UK GDPR Article 6(1)(b)) – necessary to fulfil customer support obligations

Communications and Marketing

  • To send service updates, security alerts, and (with your consent) marketing communications about features and promotions.
  • Legal Basis: Legitimate Interests (UK GDPR Article 6(1)(f)) – to keep you informed about our services

Legal and Regulatory Compliance

  • To comply with legal obligations, respond to legal requests from authorities, and maintain records for legal purposes.
  • Legal Basis: Legal Obligation (UK GDPR Article 6(1)(c)) – to comply with applicable law

Billing and Licensing

  • To process payments, manage subscriptions, and issue invoices.
  • Legal Basis: Contractual Necessity (UK GDPR Article 6(1)(b)) – necessary to process payments and manage billing

4. Types of Personal Data We Collect

We collect various categories of personal data to provide and improve our services:

  • Account Information: name, email address, password, organisation details
  • Usage Data: log files, IP addresses, browser type, pages visited, time spent on platform
  • Device Information: device type, operating system, unique device identifiers
  • Payment Information: billing address, payment method details (processed securely by third parties)
  • Communication Records: support tickets, email correspondence, chat messages
  • Preference Data: language, notification settings, communication preferences

5. How Long We Retain Your Data

We retain personal data for as long as necessary to provide our services and fulfil the purposes outlined in this policy. Retention periods vary based on the type of data:

  • Account Data: retained for the duration of your account plus 6 years for accounting records (required by law)
  • Usage Data: retained for up to 12 months for analytics and security purposes
  • Payment Data: retained for 6 years to comply with tax and accounting regulations
  • Support Records: retained for 3 years for service improvement and dispute resolution

Once the retention period expires, we securely delete or anonymise the data, unless we are legally required to retain it longer.

6. When We Share Your Data

We do not sell, trade, or rent your personal data to third parties. However, we may share data in the following circumstances:

  • Service Providers: third-party vendors who provide payment processing, hosting, analytics, and support services (under data processing agreements)
  • Legal Requirements: when required by law, court order, or government request
  • Business Transfers: in the event of merger, acquisition, or asset sale, your data may be transferred (we will notify you)
  • With Your Consent: when you explicitly authorise us to share your data for specific purposes

7. How We Protect Your Data

We implement comprehensive technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:

  • Encryption: TLS encryption for data in transit and AES-256 encryption for data at rest
  • Access Controls: role-based access control and multi-factor authentication
  • Monitoring: continuous security monitoring and intrusion detection
  • Regular Audits: periodic security assessments and penetration testing
  • Staff Training: employee education on data protection and security practices
  • Incident Response: documented procedures for responding to potential data breaches

8. Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to enhance user experience, analyse usage, and maintain security. Please refer to our Cookie Policy for detailed information about the cookies we use and how to manage your preferences.

9. Your Rights Under UK GDPR

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the following rights:

Right of Access

  • You have the right to obtain confirmation of whether we hold your personal data and to receive a copy of such data.

Right to Rectification

  • You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure

  • You have the right to request deletion of your personal data in certain circumstances (the "right to be forgotten").

Right to Restrict Processing

  • You have the right to request limitation of how we process your personal data.

Right to Data Portability

  • You have the right to receive your personal data in a structured, commonly-used, machine-readable format and transmit it to another controller.

Right to Object

  • You have the right to object to processing of your personal data, including for marketing purposes.

Right to Lodge a Complaint with the ICO

  • You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have breached your data protection rights. You do not need to contact us first, although we would appreciate the opportunity to address your concerns. ICO contact details are provided below:
  • Information Commissioner's Office (ICO)
  • Wycliffe House, Water Lane
  • Wilmslow, Cheshire, SK9 5AF
  • Website: ico.org.uk
  • Helpline: 0303 123 1113

To exercise any of these rights, please contact us using the details provided in Section 2. We will respond to your request within 30 days of receipt.

10. Complaint Handling and Resolution

We are committed to resolving any concerns about our privacy practices promptly and fairly, in accordance with the Digital User Act 2025 (DUAA 2025).

How to Submit a Complaint

  • If you have concerns about how we process your personal data, you can submit a complaint by:
  • Email: privacy@aicetechnology.com
  • Mail: The address provided in Section 2
  • Providing clear details of your complaint, including dates, specific actions, and what remedy you seek

Our Response Process

  • Acknowledgment: We will acknowledge receipt of your complaint within 30 days
  • Investigation: We will investigate your complaint thoroughly and fairly
  • Response: We will provide a substantive response without undue delay, explaining our findings and any actions taken
  • Escalation: If you are not satisfied with our response, you have the right to escalate your complaint to the Information Commissioner's Office (ICO)

Our goal is to resolve issues at the earliest opportunity. We encourage you to contact us directly before escalating to the ICO, though you have the right to do so at any time.

11. International Data Transfers

Some of our service providers and infrastructure may be located outside the United Kingdom. When we transfer personal data internationally, we ensure appropriate safeguards are in place:

  • UK International Data Transfer Agreement (IDTA): where applicable, as approved by the Information Commissioner's Office
  • UK Addendum to the EU Standard Contractual Clauses: as recognised by the ICO for transfers to the European Union and other jurisdictions
  • Adequacy Decisions: where the recipient country has an adequacy decision from the UK government

These mechanisms ensure your data receives equivalent protection to that provided under UK GDPR. For more information on international transfers and the safeguards in place, please contact us at privacy@aicetechnology.com.

12. Compliance and Certifications

AICE Technology Ltd maintains compliance with multiple regulatory and security standards, including:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018 (DPA 2018)
  • SOC 2 Type II certification
  • ISO 27001 information security standards
  • HIPAA compliance (where applicable for healthcare data)

We conduct regular audits and assessments to ensure ongoing compliance with these standards and applicable data protection laws.

13. Children's Privacy

The DeepChain Platform is not intended for children under 13 years of age. In accordance with the UK Data Protection Act 2018, we comply with children's privacy protections as follows:

Age of Digital Consent

  • Under UK law, the age of digital consent is 13 years. Children under 13 cannot provide valid consent to process their personal data, and we do not knowingly collect personal data from children under 13. If a parent or guardian discovers that we have collected data from a child under 13, please contact us immediately for removal.

Enhanced Protections for Ages 13–18

  • For users aged 13 to 18, we provide enhanced privacy protections, including:
  • Parental notification rights (upon request)
  • Simplified data deletion options
  • Restricted marketing communications without explicit consent
  • Clear and age-appropriate privacy information

Users aged 13–17 in the UK may require parental or guardian consent for account creation, depending on our terms of service. Parents or guardians can contact us to exercise rights on behalf of minors.

14. Third-Party Links

The DeepChain Platform may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing personal information or engaging with their services.

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Any material changes will be communicated to you via email or a prominent notice on our platform. Your continued use of the DeepChain Platform after changes constitute your acceptance of the updated policy.

Current Version: 2.0 (Effective February 9, 2026)

For questions about this Privacy Policy, please contact us at privacy@aicetechnology.com

AICE Technology Ltd | www.deepchain.dev