firsttime

Privacy Policy

ORE Catapult Privacy Policy
1. Introduction
● ORE Catapult (hereinafter "we," "us," or "our") is committed to protecting the privacy of individuals who interact with our platform (the "Platform").
● This Privacy Policy explains how we collect, use, and share personal data from visitors to our Platform, particularly those who submit ideas, projects, or startup information.
● We are the Data Controller for the personal data collected through the Skipso platform. Skipso is our Data Processor.

2. Data We Collect
● We collect the following personal data:
          ○ First name

          ○ Last name

          ○ Email address

          ○ Phone number

          ○ Information about your Business and Innovation, including limited financial information.

          ○ Specific and restricted information about citizenship

3. Legal Basis for Processing
● We process your personal data based on:

          ○ Your consent; and

          ○ Our legitimate interests in evaluating and facilitating collaboration, investment, or introductions.

4. How We Use Your Data
● We use your personal data to:

          ○ Evaluate your Innovation.

          ○ Facilitate potential collaboration, investment, or introductions to partners (including third parties).

          ○ Communicate with you regarding your submission.

          ○ Send you updates regarding your activities on the platform.

          ○ Send group messages to users on the platform for updates relating to innovation activities or events.

5. Data Sharing
● We may share your personal data with:

          ○ Skipso (our Data Processor), who provides the Platform.

          ○ Potential partners, investors, or collaborators (with your consent or based on our legitimate interests).

          ○ Third-party service providers, such as Google Analytics (for marketing purposes) and Amazon Web Services (AWS).
● We take steps to ensure that your data is protected. Skipso's servers are located in Dublin, Ireland, North Virginia, US, or London, UK, depending on our preference, and your data will not leave the servers chosen by ORE Catapult.
● Each client has its own database, which is not accessible by other clients.

6. Data Retention
● We retain your personal data for no longer than as long as necessary to fulfill the purposes outlined in this policy, or as required by any applicable law.
● We retain database backups for up to 35 days.
● Client has the ability to dictate to Skipso the length of time which platform data and backup data is retained.
● Client can define the terms of how long certain data is retained on the platform. It is client’s responsibility to delete this data after a specified amount of time from the platform.

7. Your Rights
● You have the following rights regarding your personal data:

          ○ Right to access your data.

          ○ Right to rectify inaccurate data.

          ○ Right to erase your data (right to be forgotten).

          ○ Right to restrict processing.

          ○ Right to data portability.

          ○ Right to object to processing.

          ○ Right to withdraw consent (where applicable).

          ○ Users can request the erasure or a copy of any data pertaining to them on the platform.
● To exercise these rights, please contact us.

8. Security
● We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure,1 alteration, or destruction.2
● Skipso, as our Data Processor, also implements appropriate technical and organizational measures, including:

          ○ Data is encrypted during transport and at rest.

          ○ Use of SSL encryption and HTTPS protocol.

          ○ Web Application Firewall to block rogue requests and prevent vulnerabilities.

          ○ Intrusion detection and prevention systems.

          ○ Regular vulnerability assessments and penetration tests.

          ○ Role-based access control (RBAC) practices.

          ○ Automated point-in-time backups of our databases.

          ○ Security patches are applied to the server fleet weekly.
● More details about Skipso’s security measures can be found in Skipso’s Infrastructure and Security Overview.

9. Contact Information
● If you have any questions or concerns about this Privacy Policy, please contact us.

10. Changes to This Privacy Policy
● We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our Platform and notifying you via email.

11. Supervisory Authority
● You have the right to lodge a complaint with a supervisory authority.