Privacy Policy
Version 0.3 · Effective 25 April 2025
1. Who we are
Duon Labs, Inc. ("Duon Labs", "we", "us") builds AI-powered forecasting tools.
This notice covers:
- duonlabs.com (marketing site)
- platform.duonlabs.com (the "Console", where users create accounts and manage API keys)
- Any other Duon Labs sub-domains that link to this policy.
2. What we collect
| Category | Examples | Where | Purpose |
|---|---|---|---|
| Device & usage | IP (truncated), browser, timestamps | All sites | Security, analytics |
| Account | Email, name, hashed password, 2FA | Console | Account security |
| Service data | API key, request logs (pseudonymised) | Console | Run service, monitor abuse |
| Contact | Email, name, company, message | Contact forms | Respond to inquiries |
| Cookies | Session, CSRF, analytics, consent | All sites | Login, preferences, traffic |
We do NOT collect or store crypto wallets or payment card numbers on these sites, and we do NOT sell or rent personal data.
3. How & why we use your data
| Purpose | GDPR legal basis |
|---|---|
| Provide and secure the Console | Contract (Art 6 (b)) |
| Site analytics, crash logs | Legitimate interest |
| Newsletters, non-essential cookies | Consent |
| Compliance with law, safety | Legal obligation |
4. Sharing
We share personal data only with:
- Service providers (cloud hosting, e-mail delivery, analytics) that are bound by data-processing agreements and only process data on our instructions.
- Authorities or other parties when required by applicable law or to protect rights and safety.
No ad networks, data brokers, or social-media pixels are embedded.
5. Cookies & tracking
- Essential cookies (session, CSRF) load automatically.
- Non-essential cookies (analytics) load only after you opt-in via the cookie banner.
You can revoke consent at any time via the banner settings or your browser.
6. Your rights
Depending on where you live (e.g., EU/EEA, UK, California), you can:
- Access, correct, export, or delete your data.
- Object to or restrict certain processing.
- Withdraw consent for analytics or marketing at any time.
To exercise any right, e-mail privacy@duonlabs.com. We respond within 30 days.
7. Data retention
| Data type | Typical retention |
|---|---|
| Account & service logs | Life of account + 12 months |
| Contact / support tickets | 24 months after last interaction |
| Aggregated analytics | Kept or anonymised after 14 months |
Back-ups kept longer solely for security, legal, or disaster-recovery purposes.
8. Where your data is stored & international transfers
- Primary hosting: All application and database servers are located in the European Union (currently Frankfurt & Amsterdam data centres).
- Sub-processors outside the EU: Certain ancillary services (e-mail delivery, error logging) are US-based. When data flows to them, we rely on Standard Contractual Clauses (GDPR Art 46) and vendor audits to ensure equivalent protection.
- Your choice: If you prefer we not transfer personal data outside the EEA, contact us; we will disable non-EU vendors for your account where feasible or delete the data.
9. Children
Our sites are not directed to children under 16. We do not knowingly collect their data. If you believe we have inadvertently done so, please contact us for deletion.
10. Changes
We will post any updates here and revise the "Effective Date". Material changes may also be highlighted via a site banner or, for Console users, e-mail.
11. Contact
Duon Labs, Inc.
8 The Green, STE D, Dover, Delaware 19901, United States
E-mail: contact@duonlabs.com