Privacy Policy

Introduction
At DNX Network, we are committed to protecting your privacy. This Privacy Policy explains how DNX Network Sarl (“DNX Network”, “we”, “us”) collects, uses, and safeguards your personal data when you use our website and services (the “Platform”). It also describes your rights regarding your personal data and how you can exercise them. We adhere to all applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and Luxembourg’s laws on privacy protection.
By using the DNX Network Platform, you agree to the collection and use of information in accordance with this Privacy Policy. We may update this policy from time to time (see Changes to This Policy below), and we will notify you of any significant changes.
Data Controller: The data controller responsible for your personal data is DNX Network S.à r.l., located at 42 Rue de Hollerich, L-1740 Luxembourg, Luxembourg. You can contact us using the details provided in the Contact Us section of this Policy.
Personal Data We Collect
We collect various types of personal data from you when you visit our site, create an account, or use our services. This includes:

Identity and Contact Information: Such as your nickname, email address, phone number and username. This information is collected when you register an account or otherwise provide it to us. We only collect identity details that you choose to provide or that are necessary for service.
Account Credentials: When you register, we collect a username and password. Your password is stored in a protected form (e.g., hashed) and not in plain text for security. Please choose a strong password and keep it confidential. (See also the section on Security of Your Password below.)
Profile Information: If you create a profile on our Platform or provide additional details (such as profile descriptions, preferences, or demographic information), we will collect that information as part of your account profile.
Financial and Payment Information: If you make purchases on our Platform, we (or our payment processors on our behalf) collect payment details. This may include your credit or debit card number, bank account information, or other payment method details in tokenized or encrypted form.
Note: For security, DNX Network itself does not store full payment card numbers or security codes. We use accredited payment service providers who handle your card information. We may retain non-sensitive payment identifiers (e.g., a payment token, card type, expiration date, or an internal transaction ID) to enable transactions and for billing records.
One-Click Payment Data: If you enable our “one-click” payment feature (see One-Click Payment Feature below), we will store a token or reference for your payment method (provided by our payment partner) to allow quick future payments.
Communication Data: Any correspondence you send to us, such as emails, support tickets, or reports of problems, will include personal data like your email address and the content of your communication. If you use chat rooms or other interactive features on the Platform, the content you share (messages, posts, interactions) may be stored by us as part of your account history.
Usage Data: We collect technical data about how you access and use our Platform. This includes information such as your IP address, browser type and version, device identifiers, time and date of visits, pages viewed, clicks and actions on our site, and the referring website. We also log when you last logged in and other relevant activity to help secure your account and improve our services.
Cookies and Tracking Information: When you visit our website, we may place cookies and similar tracking technologies on your device. These technologies collect data about your browsing actions and preferences on our site (see Cookies and Tracking Technologies below for details). For example, we might collect information on which pages you visit and what links you click on our site, or whether you have seen a particular advertisement.
Third-Party Data: If you choose to connect or log in to our Platform through a third-party service (for example, using Google Single Sign-On), we may receive certain information from that service, such as your name and email address, as permitted by your privacy settings with that service. We treat this information in line with this Privacy Policy.
Sensitive Data: We do not intentionally collect any special categories of personal data about you (such as information on health, political opinions, biometric data, etc.) as part of our standard services. Please avoid sharing such sensitive data on the Platform. Note that in the context of webcam services, any personal data you volunteer (for example, in chat messages) will be processed in line with this Policy, but remember that personal information you disclose in public areas can be viewed by others.
Provision of Data: Some personal data is required to create an account and use the Platform (for example, an email address, a username, and payment information for purchasing services). If you choose not to provide mandatory information, you may not be able to register or use certain features. Optional fields are indicated as such and are provided at your discretion.

Purposes of Processing and Legal Bases
We process your personal data for the following purposes, and each processing activity is supported by a legal basis under GDPR:

Providing and Managing the Service: We use your personal data to create and manage your account, to allow you to access our Platform and use our webcam services, and to facilitate your overall user experience. This includes displaying content, maintaining your profile, and enabling you to interact with third-party webcam service providers through our Platform.
Legal basis: Contractual necessity (to provide the services you request).
Payment Processing and Purchases: We process your financial information and personal details as needed to process payments for services you purchase, to provide you with payment options, and to maintain records of those transactions.
Legal basis: Contractual necessity (to carry out payment transactions you initiate) and legal obligation (financial/accounting compliance).
One-Click Payment Feature: If you opt to use our one-click payment functionality, we will set up a pre-authorized payment method through our payment provider (e.g., storing a tokenized version of your card or establishing a billing agreement).
Legal basis: Contractual necessity and consent (by opting in and using the feature).
Communications and Customer Support: We use your contact information to send service-related communications (transaction confirmations, account notifications, updates, technical notices). If you contact us, we will use your data to respond and resolve issues.
Legal basis: Contractual necessity and legitimate interests (customer satisfaction and issue resolution).
Sending Newsletters and Information Bulletins: With your consent or as otherwise permitted by law, we may send newsletters, promotions, and updates.
Legal basis: Consent (opt-in) and, in some cases, legitimate interests (similar services to existing customers with opt-out).
Direct Marketing and Personalized Offers: We may analyze usage and transaction history to present tailored content or promotions.
Legal basis: Legitimate interests; where required, consent (e.g., certain cookie-based advertising).
Automatically Generating User Profiles: We may compile information (categories viewed, activity patterns) to improve personalization and service performance.
Legal basis: Legitimate interests; where required, consent for non-essential cookies/tracking.
Service Optimization and Platform Management: We analyze platform usage to improve functionality, fix bugs, and guide product decisions.
Legal basis: Legitimate interests; cookie-based analytics subject to consent where required.
Loyalty and Promotional Activities: We may run loyalty programs, contests, lotteries, or promotions (excluding unlicensed gambling).
Legal basis: Legitimate interests, contract, or consent depending on the activity.
Fraud Prevention and Security: We monitor IP addresses and account activity to detect and prevent fraud, abuse, and security incidents, and enforce rules.
Legal basis: Legitimate interests and, in some cases, legal obligation.
Compliance with Legal Obligations: We process personal data to comply with applicable Luxembourgish and EU legal obligations, including lawful requests from authorities.
Legal basis: Legal obligation.
Other Legitimate Business Purposes: We may process data for internal administration (auditing, reporting) and business transactions (mergers/acquisitions).
Legal basis: Legitimate interests (subject to your rights).

We will not use your personal data for incompatible purposes without first obtaining your consent or unless otherwise permitted or required by law. If we process data for a new purpose, we will update this Privacy Policy and notify you as necessary.
One-Click Payment Feature
We offer an optional “one-click” payment feature to make repeat purchases more convenient. This feature allows you to authorize future payments without re-entering payment details each time. Key points:

How it works: If you opt in, we work with our payment service provider to set up a pre-authorized payment method (e.g., a billing agreement or tokenized card storage). DNX Network does not store full card numbers; we store a secure token or reference.
Your authorization: By saving a payment method and using one-click, you authorize DNX Network and our payment partners to maintain the payment method on file and charge it for future purchases you initiate.
Future payments: One-click purchases are processed immediately using your saved method. Each use confirms your approval for the charge amount shown.
Opt-out and management: You can disable one-click or remove/update saved payment methods through your account settings or by contacting support. If disabled, you must enter payment details again for future purchases.
Security: Payment data is handled in compliance with PCI-DSS. Tokenization helps enable one-click convenience without storing sensitive card data on DNX Network servers.
Transparent billing: You will receive confirmations/receipts and can review one-click transactions in your account purchase history. If you notice an unrecognized charge, contact us promptly.

Using one-click payments is optional and not required to use the Platform.
Data Sharing and Disclosure
We treat your personal data with care and confidentiality. We do not sell or rent your personal information to third parties for their own marketing use. However, we may share personal data with trusted third parties to provide services and meet legal requirements, including:
Affiliated entities and partners
We may share data with affiliated companies or partners involved in providing the webcam services you access, such as confirming access rights or providing your username in a session. Partners may use data only to provide services and must handle it securely and in compliance with applicable laws.
Service providers (processors)
We use third-party companies that act as data processors under our instructions, including:

Payment processors: Process transactions and receive necessary personal/financial data. Providers are contractually obligated to protect data and use it only for payment processing.
Hosting and storage providers: Host the Platform and databases on secure servers and act on our instructions.
Analytics services: Tools such as Google Analytics may collect usage data (with consent where required). Information is typically aggregated or pseudonymous; analytics providers are bound by GDPR-compliant data processing terms.
Customer support and CRM tools: Help manage support tickets and user inquiries; appropriate safeguards are applied, including for providers outside Luxembourg.
Marketing and advertising partners: Assist with newsletters and advertising; cookie-based personalized advertising requires consent where applicable.

Law enforcement and legal obligations
We may disclose data when required to comply with legal obligations (subpoenas, court orders) or to enforce terms, protect rights, investigate wrongdoing, or respond to lawful requests. We will disclose only what is legally required and may object to overly broad requests where appropriate.
Business transfers
If DNX Network is involved in a merger, acquisition, reorganization, bankruptcy, or sale of assets, personal data may be disclosed to successors or potential buyers and their advisors, subject to confidentiality protections. If the policy changes materially, you will be notified and, where applicable, asked for consent.
International data transfers
When transferring personal data outside the EU/EEA, we implement safeguards required by GDPR:

Switzerland: Recognized as providing an adequate level of protection under EU law.
United States and other non-adequate countries: We rely on approved mechanisms such as Standard Contractual Clauses (SCCs), and other lawful transfer mechanisms where applicable. (Note: EU–US Privacy Shield was invalidated in 2020; SCCs or similar safeguards are used instead.)

You may contact us for information about safeguards used for international transfers and to request a copy where appropriate.
No commercial sharing without consent: We do not share personal data with third parties for their own marketing/advertising purposes unless you have given explicit consent.
Data Storage and Security Measures
We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage, including:

Secure hosting: Data stored on secure servers in professional data centers with security controls.
Encryption in transit: SSL/TLS encryption for data transmitted to and from the Platform.
Payment security: Sensitive card data is processed by external payment partners; DNX Network stores tokens/references rather than full card details.
Access controls and confidentiality: Access restricted to personnel with a need-to-know and under confidentiality obligations.
Password protection: Passwords are stored securely (hashed and protected); users should choose strong passwords and keep them confidential.
Account security features: Measures such as CAPTCHAs and login attempt limiting may be used to deter brute-force attacks.
Monitoring and testing: Security patching, firewalls, intrusion detection, and periodic audits/testing.
Data minimization and pseudonymization: Collection limited to necessary data; pseudonymized/aggregated data used where feasible.
Secure data deletion: Deletion or anonymization when data is no longer needed, including secure handling of archives/backups.
Third-party security: Contractual requirements that processors maintain appropriate security standards.
Incident response: Breach response procedures, including notification to users and regulators (e.g., CNPD) where required by GDPR.

No online system is completely secure. Users should also safeguard their information (log out on shared devices, avoid sending sensitive data via insecure channels).
Cookies and Tracking Technologies
We use cookies and similar technologies to operate the website, enhance user experience, analyze traffic, and support marketing.
What are cookies?
Cookies are small text files placed on your device by websites. They help recognize your device and remember information about your visit. Similar technologies include pixels/web beacons and device identifiers; for simplicity, we refer to these as “cookies.”
Cookies we use

Essential cookies (first-party): Required for core site functionality (login, session management, security, network management) and storing cookie preferences.
Analytics cookies (third-party): Used to understand site usage (e.g., via Google Analytics) and improve performance. Data is generally aggregated/pseudonymous. IP anonymization may be enabled where applicable. Retention may be limited (e.g., 24 months) depending on settings.
Advertising cookies (third-party): With consent, used to deliver relevant ads and measure campaign effectiveness. If declined, ads may be less targeted.
Social media cookies: Set by social platforms if you interact with social features (sharing buttons, social login). These cookies are controlled by the relevant provider.

Consent and choices
On first visit, a cookie banner requests preferences. Non-essential cookies are not set without consent. You can adjust preferences later (including via browser settings). Blocking essential cookies may impair site functionality.
Do Not Track signals
There is no universal standard for DNT interpretation. We honor cookie preferences set through our consent mechanism and relevant browser controls.
Cookie policy updates
For further details and a list of cookies, refer to the cookie consent tool or any dedicated Cookie Policy page, as updated over time.
Data Retention
We retain personal data only as long as necessary for the purposes described and to meet legal, accounting, and reporting requirements. Typical retention periods include:

Account information: Retained while your account is active. Accounts may be designated inactive after about eight (8) years with no activity.
Archived data: After inactivity or deletion requests, data may be archived with restricted access for an additional period (often two (2) years), for a total of about ten (10) years from last activity, to address legal/operational needs and statutes of limitation. After that, data is deleted or anonymized unless retention is required by law.
Payment and transaction records: Retained for at least ten (10) years to comply with Luxembourg accounting and tax requirements, even after account closure if needed.
Communications and support: Typically retained around 3–5 years after resolution, longer if legally significant.
Usage logs: Often retained for months for performance/security; certain account-linked logs may be retained longer (e.g., up to 8 years) for fraud/security investigations, then deleted or anonymized.
Chat and content data: Retention depends on feature context and moderation needs; content may be deleted or anonymized on account deletion where applicable.
Cookies: Persist until they expire or you delete them; derived analytics retention follows the settings of the relevant tools.

We may retain data longer where required by law or to protect legal interests (e.g., legal holds, disputes, investigations). When retention periods end, we delete or anonymize data.
Your Rights as a Data Subject
Subject to conditions and exceptions under GDPR and applicable laws, you have the following rights:

Right to access: Obtain confirmation of processing and access to your personal data, including key processing information. We may verify identity before responding.
Right to rectification: Correct inaccurate data or complete incomplete data.
Right to erasure (“right to be forgotten”): Request deletion in certain circumstances, subject to exceptions (e.g., legal obligations to retain transaction records).
Right to restrict processing: Request limitation of processing in specific situations (e.g., disputed accuracy, unlawful processing where you prefer restriction).
Right to object: Object to processing based on legitimate interests, unless compelling legitimate grounds override your rights or processing is needed for legal claims.
Right to object to direct marketing: Absolute right; you can opt out at any time via unsubscribe links, account settings, or contacting us.
Right to data portability: Receive certain data you provided in a structured, machine-readable format and have it transmitted to another controller where feasible (applies when processing is based on consent/contract and automated).
Right to withdraw consent: Withdraw consent at any time where consent is the legal basis; withdrawal does not affect prior lawful processing.
Right to set post-mortem instructions: Where applicable under certain jurisdictions, you may provide instructions for handling personal data after death.

To exercise these rights, contact us via the Contact Us section. We will verify your identity and typically respond within one month. For complex cases, this may be extended by up to two additional months, with notice and reasons provided. Requests are generally free of charge unless unfounded or excessive.
Right to lodge a complaint
You may lodge a complaint with a supervisory authority. In Luxembourg, this is the National Commission for Data Protection (CNPD), 15, Boulevard du Jazz, L-4370 Belvaux, Luxembourg. You may also contact your local authority if you reside or work outside Luxembourg.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle personal data, contact:
DNX Network S.à r.l. (Privacy Team)
42 Rue de Hollerich, L-1740 Luxembourg, Luxembourg
Email: data@dnxnetwork.lu
For general support issues unrelated to privacy (technical assistance, billing, content inquiries), contact: support@dnxnetwork.lu.
We aim to respond within a reasonable timeframe. For data access/deletion requests, this is typically within one month.
Changes to This Policy
We may update this Privacy Policy to reflect changes in practices, technologies, legal requirements, or operational needs. If we make changes, we will post the updated policy and change the “Last Updated” date. If changes are significant, we will provide a more prominent notice (e.g., a website notice or email, where appropriate).
Where consent is required for a change, we will obtain it. Otherwise, continued use of the Platform after updates may signify acceptance to the extent permitted by law. If you disagree with changes, you should stop using the services and, if desired, delete your account and/or contact us with concerns.
Last Updated: June 5, 2025

Privacy Policy

Identity and Contact Information: Such as your nickname, email address, phone number and username. This information is collected when you register an account or otherwise provide it to us. We only collect identity details that you choose to provide or that are necessary for service.

Account Credentials: When you register, we collect a username and password. Your password is stored in a protected form (e.g., hashed) and not in plain text for security. Please choose a strong password and keep it confidential. (See also the section on Security of Your Password below.)

Profile Information: If you create a profile on our Platform or provide additional details (such as profile descriptions, preferences, or demographic information), we will collect that information as part of your account profile.

One-Click Payment Data: If you enable our “one-click” payment feature (see One-Click Payment Feature below), we will store a token or reference for your payment method (provided by our payment partner) to allow quick future payments.

Purposes of Processing and Legal Bases We process your personal data for the following purposes, and each processing activity is supported by a legal basis under GDPR:

Sending Newsletters and Information Bulletins: With your consent or as otherwise permitted by law, we may send newsletters, promotions, and updates. Legal basis: Consent (opt-in) and, in some cases, legitimate interests (similar services to existing customers with opt-out).

Direct Marketing and Personalized Offers: We may analyze usage and transaction history to present tailored content or promotions. Legal basis: Legitimate interests; where required, consent (e.g., certain cookie-based advertising).

Automatically Generating User Profiles: We may compile information (categories viewed, activity patterns) to improve personalization and service performance. Legal basis: Legitimate interests; where required, consent for non-essential cookies/tracking.

Service Optimization and Platform Management: We analyze platform usage to improve functionality, fix bugs, and guide product decisions. Legal basis: Legitimate interests; cookie-based analytics subject to consent where required.

Loyalty and Promotional Activities: We may run loyalty programs, contests, lotteries, or promotions (excluding unlicensed gambling). Legal basis: Legitimate interests, contract, or consent depending on the activity.

Fraud Prevention and Security: We monitor IP addresses and account activity to detect and prevent fraud, abuse, and security incidents, and enforce rules. Legal basis: Legitimate interests and, in some cases, legal obligation.

Compliance with Legal Obligations: We process personal data to comply with applicable Luxembourgish and EU legal obligations, including lawful requests from authorities. Legal basis: Legal obligation.

Other Legitimate Business Purposes: We may process data for internal administration (auditing, reporting) and business transactions (mergers/acquisitions). Legal basis: Legitimate interests (subject to your rights).

How it works: If you opt in, we work with our payment service provider to set up a pre-authorized payment method (e.g., a billing agreement or tokenized card storage). DNX Network does not store full card numbers; we store a secure token or reference.

Your authorization: By saving a payment method and using one-click, you authorize DNX Network and our payment partners to maintain the payment method on file and charge it for future purchases you initiate.

Future payments: One-click purchases are processed immediately using your saved method. Each use confirms your approval for the charge amount shown.

Opt-out and management: You can disable one-click or remove/update saved payment methods through your account settings or by contacting support. If disabled, you must enter payment details again for future purchases.

Security: Payment data is handled in compliance with PCI-DSS. Tokenization helps enable one-click convenience without storing sensitive card data on DNX Network servers.

Transparent billing: You will receive confirmations/receipts and can review one-click transactions in your account purchase history. If you notice an unrecognized charge, contact us promptly.

Payment processors: Process transactions and receive necessary personal/financial data. Providers are contractually obligated to protect data and use it only for payment processing.

Hosting and storage providers: Host the Platform and databases on secure servers and act on our instructions.

Analytics services: Tools such as Google Analytics may collect usage data (with consent where required). Information is typically aggregated or pseudonymous; analytics providers are bound by GDPR-compliant data processing terms.

Customer support and CRM tools: Help manage support tickets and user inquiries; appropriate safeguards are applied, including for providers outside Luxembourg.

Marketing and advertising partners: Assist with newsletters and advertising; cookie-based personalized advertising requires consent where applicable.

Switzerland: Recognized as providing an adequate level of protection under EU law.

United States and other non-adequate countries: We rely on approved mechanisms such as Standard Contractual Clauses (SCCs), and other lawful transfer mechanisms where applicable. (Note: EU–US Privacy Shield was invalidated in 2020; SCCs or similar safeguards are used instead.)

Secure hosting: Data stored on secure servers in professional data centers with security controls.

Encryption in transit: SSL/TLS encryption for data transmitted to and from the Platform.

Payment security: Sensitive card data is processed by external payment partners; DNX Network stores tokens/references rather than full card details.

Access controls and confidentiality: Access restricted to personnel with a need-to-know and under confidentiality obligations.

Password protection: Passwords are stored securely (hashed and protected); users should choose strong passwords and keep them confidential.

Account security features: Measures such as CAPTCHAs and login attempt limiting may be used to deter brute-force attacks.

Monitoring and testing: Security patching, firewalls, intrusion detection, and periodic audits/testing.

Data minimization and pseudonymization: Collection limited to necessary data; pseudonymized/aggregated data used where feasible.

Secure data deletion: Deletion or anonymization when data is no longer needed, including secure handling of archives/backups.

Third-party security: Contractual requirements that processors maintain appropriate security standards.

Incident response: Breach response procedures, including notification to users and regulators (e.g., CNPD) where required by GDPR.

Essential cookies (first-party): Required for core site functionality (login, session management, security, network management) and storing cookie preferences.

Analytics cookies (third-party): Used to understand site usage (e.g., via Google Analytics) and improve performance. Data is generally aggregated/pseudonymous. IP anonymization may be enabled where applicable. Retention may be limited (e.g., 24 months) depending on settings.

Advertising cookies (third-party): With consent, used to deliver relevant ads and measure campaign effectiveness. If declined, ads may be less targeted.

Social media cookies: Set by social platforms if you interact with social features (sharing buttons, social login). These cookies are controlled by the relevant provider.

Account information: Retained while your account is active. Accounts may be designated inactive after about eight (8) years with no activity.

Payment and transaction records: Retained for at least ten (10) years to comply with Luxembourg accounting and tax requirements, even after account closure if needed.

Communications and support: Typically retained around 3–5 years after resolution, longer if legally significant.

Usage logs: Often retained for months for performance/security; certain account-linked logs may be retained longer (e.g., up to 8 years) for fraud/security investigations, then deleted or anonymized.

Chat and content data: Retention depends on feature context and moderation needs; content may be deleted or anonymized on account deletion where applicable.

Cookies: Persist until they expire or you delete them; derived analytics retention follows the settings of the relevant tools.

Right to access: Obtain confirmation of processing and access to your personal data, including key processing information. We may verify identity before responding.

Right to rectification: Correct inaccurate data or complete incomplete data.

Right to erasure (“right to be forgotten”): Request deletion in certain circumstances, subject to exceptions (e.g., legal obligations to retain transaction records).

Right to restrict processing: Request limitation of processing in specific situations (e.g., disputed accuracy, unlawful processing where you prefer restriction).

Right to object: Object to processing based on legitimate interests, unless compelling legitimate grounds override your rights or processing is needed for legal claims.

Right to object to direct marketing: Absolute right; you can opt out at any time via unsubscribe links, account settings, or contacting us.

Right to data portability: Receive certain data you provided in a structured, machine-readable format and have it transmitted to another controller where feasible (applies when processing is based on consent/contract and automated).

Right to withdraw consent: Withdraw consent at any time where consent is the legal basis; withdrawal does not affect prior lawful processing.

Right to set post-mortem instructions: Where applicable under certain jurisdictions, you may provide instructions for handling personal data after death.

Purposes of Processing and Legal Bases
We process your personal data for the following purposes, and each processing activity is supported by a legal basis under GDPR:

Sending Newsletters and Information Bulletins: With your consent or as otherwise permitted by law, we may send newsletters, promotions, and updates.
Legal basis: Consent (opt-in) and, in some cases, legitimate interests (similar services to existing customers with opt-out).

Direct Marketing and Personalized Offers: We may analyze usage and transaction history to present tailored content or promotions.
Legal basis: Legitimate interests; where required, consent (e.g., certain cookie-based advertising).

Automatically Generating User Profiles: We may compile information (categories viewed, activity patterns) to improve personalization and service performance.
Legal basis: Legitimate interests; where required, consent for non-essential cookies/tracking.

Service Optimization and Platform Management: We analyze platform usage to improve functionality, fix bugs, and guide product decisions.
Legal basis: Legitimate interests; cookie-based analytics subject to consent where required.

Loyalty and Promotional Activities: We may run loyalty programs, contests, lotteries, or promotions (excluding unlicensed gambling).
Legal basis: Legitimate interests, contract, or consent depending on the activity.

Fraud Prevention and Security: We monitor IP addresses and account activity to detect and prevent fraud, abuse, and security incidents, and enforce rules.
Legal basis: Legitimate interests and, in some cases, legal obligation.

Compliance with Legal Obligations: We process personal data to comply with applicable Luxembourgish and EU legal obligations, including lawful requests from authorities.
Legal basis: Legal obligation.

Other Legitimate Business Purposes: We may process data for internal administration (auditing, reporting) and business transactions (mergers/acquisitions).
Legal basis: Legitimate interests (subject to your rights).