How Eteries handles personal data

Eteries is operated by Cyber Studios Ltd, a private limited company registered in the United Kingdom. In this Privacy Policy, "Eteries", "we", "us", and "our" mean Cyber Studios Ltd as operator of the Eteries website, dashboard, search tools, and related services.

Cyber Studios Ltd, 124 City Road, London, EC1V 2NX, United Kingdom is the controller for personal data processed through Eteries, except where another party acts as an independent controller under its own terms.

For privacy questions or rights requests, contact hello@eteries.com.

This Privacy Policy applies to visitors to our public website, account holders, subscribers, and users of our dashboard, including company, official, address, and document-related pages.

Eteries indexes and presents business information, including data that may identify natural persons acting as company officials, shareholders, representatives, or contact points in source records. We treat that information in accordance with applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

We may collect and process the following categories of personal data:

Account and profile data, including name, email address, authentication identifiers, and login/session information.

Billing and subscription data, including Stripe customer identifiers, subscription status, plan selection, billing period data, and limited transaction metadata. We do not store full payment card numbers.

Usage and device data, including IP address, browser type, approximate geo/device metadata, page views, events, and service interactions.

Search and product interaction data, including queries submitted, pages viewed, financial-data vote activity, and documents uploaded for parsing.

Public or third-party source data about company officials and related persons, including names, appointments, positions, and associated registration details appearing in business records.

We collect personal data directly from you when you create an account, sign in, subscribe, contact us, upload documents, or use the product.

We also collect structured company and official data from Cyprus Open Data (data.gov.cy), including these datasets:

• Organisations
• Organisation officials
• Registered office

Where available, we may also process information taken from registrar filings, public records, and paid study files in order to provide a more usable consolidated view.

We use personal data to:

Provide, secure, maintain, and improve Eteries.

Authenticate users and manage accounts and subscriptions.

Process payments, prevent fraud, and manage customer support.

Operate search, indexing, document parsing, and company intelligence features.

Monitor usage, diagnose technical issues, and improve performance.

Comply with legal obligations, enforce our terms, and protect our rights.

Under Article 6 GDPR, we rely on one or more of the following legal bases depending on the processing activity:

Article 6(1)(b): processing necessary to perform our contract with you, including account creation, subscription management, and delivering the service.

Article 6(1)(c): processing necessary to comply with legal obligations, including tax, accounting, and lawful disclosure obligations.

Article 6(1)(f): processing necessary for our legitimate interests, including service security, analytics, fraud prevention, product improvement, support, and the indexing and presentation of business registry information in a searchable format.

Article 6(1)(a): consent, where consent is required, such as for certain non-essential cookies or similar technologies.

Our legitimate interests include operating a searchable company intelligence platform, helping users review publicly available registration information more efficiently, securing the service, preventing abuse, understanding product usage, and maintaining reliable billing and support operations.

Where we rely on legitimate interests for business-record data relating to individuals, we aim to limit processing to information relevant to company registration, appointments, filings, and related compliance context.

We may share personal data with service providers that help us operate Eteries, including hosting, infrastructure, authentication, analytics, cloud storage, customer support, and payment processing.

Current key providers include:

• Stripe for payment processing, billing, and subscription administration.
• PostHog for product analytics and event measurement.
• Resend for transactional email delivery.
• PlanetScale for managed database infrastructure.
• Sentry for error monitoring, diagnostics, and service reliability.

We may also disclose personal data where required by law, to respond to valid legal requests, to enforce our rights, to investigate abuse, or in connection with a merger, acquisition, financing, or asset transfer.

We do not sell personal data in the ordinary meaning of that term.

Some of our processors may process personal data outside the European Economic Area. When that happens, we take steps intended to ensure an appropriate level of protection, such as relying on adequacy decisions, contractual safeguards, or equivalent transfer mechanisms where required.

We keep personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including providing the service, maintaining records, resolving disputes, enforcing our terms, and meeting legal, tax, accounting, and compliance obligations.

Public-source business record data may remain indexed while relevant to the product and our legitimate business purposes, subject to applicable law and valid rights requests.

Subject to applicable law, you may have the right to request access, rectification, erasure, restriction, objection, and data portability, and to withdraw consent where processing is based on consent.

You may also lodge a complaint with your local supervisory authority, including the Office of the Commissioner for Personal Data Protection in Cyprus if applicable.

We may ask for information necessary to verify your identity before acting on a request.

Eteries is not the official source of company registration data and does not guarantee that indexed records are complete, current, or free from error. Source records may contain duplicates, mismatches, or stale information.

If you believe data presented about you is inaccurate, incomplete, or misleading, contact us at hello@eteries.com. We may request supporting information and, where appropriate, review the issue against the original source or update our presentation layer.

We use measures intended to protect personal data against unauthorised access, alteration, disclosure, or destruction. No system is perfectly secure, and we cannot guarantee absolute security.

Eteries is intended for business and professional use and is not directed to children.

We may update this Privacy Policy from time to time. Material changes will be reflected on this page with an updated effective date.