← Back to research.cy

Privacy Policy

Last updated: 26 February 2026

Operator: DailyMind LTD, HE 439283, Idaliou 7, 2540 Dali, Nicosia, Cyprus

Contact: info@research.cy

1. What we collect

We collect only what is necessary to operate the service:

• Waitlist sign-up: email address, optional segment preference (buyer/investor/agent), and UTM parameters (traffic source). Stored in our database on a server in Germany (Hetzner).
• Analytics (when enabled): Google Analytics 4 collects anonymized usage data (pages visited, device type, approximate location at country level). GA4 is loaded only after you give consent via the cookie banner. If you decline, no analytics data is collected.
• Server logs: standard HTTP logs (IP address, request path, timestamp, user agent) retained for 30 days for security and debugging. No personal profiling.

2. Why we collect it

• Waitlist email: to notify you when the platform launches and to communicate product updates. We do not sell or share your email with third parties.
• Analytics: to understand which features interest visitors and improve the product. Collected only with consent.
• Server logs: to maintain security and investigate abuse.

3. Legal basis (GDPR Art. 6)

• Consent (Art. 6(1)(a)) — for analytics cookies and marketing emails.
• Legitimate interest (Art. 6(1)(f)) — for server logs and security.
• Contract performance (Art. 6(1)(b)) — for waitlist functionality (you request early access, we deliver it).

4. Cookies

We use the following cookies:

• cookie_consent — stores your cookie preference (accept/decline). Strictly necessary, no consent required. Duration: 365 days.
• _ga, _ga_* — Google Analytics 4 cookies. Set only if you accept analytics cookies. Duration: up to 2 years. These cookies are set by Google (google.com domain). See Google's Privacy Policy.

No advertising cookies. No third-party tracking pixels.

5. Data sharing

We do not sell your data. We share data only with:

• Google LLC — analytics data, only if you consent. Data may be transferred to the US under EU-US Data Privacy Framework.
• Hetzner Online GmbH — our server provider in Germany. Data processing agreement in place.

6. Data retention

• Waitlist emails: until you unsubscribe or the service launches (whichever is first), then deleted within 30 days.
• Analytics: 14 months (GA4 default, anonymized).
• Server logs: 30 days.

7. Your rights

Under GDPR, you have the right to:

• Access your data (Art. 15)
• Rectify inaccurate data (Art. 16)
• Delete your data (Art. 17) — "right to be forgotten"
• Restrict processing (Art. 18)
• Data portability (Art. 20)
• Object to processing (Art. 21)
• Withdraw consent at any time (Art. 7(3))

To exercise any right, email info@research.cy. We will respond within 30 days.

You also have the right to lodge a complaint with the Commissioner for Personal Data Protection of the Republic of Cyprus (dataprotection.gov.cy).

8. Security

Data is transmitted over HTTPS (TLS 1.2+). The database is not publicly accessible. Access is restricted to authorized personnel only.

9. Changes

We may update this policy. Material changes will be communicated via the waitlist email. The "Last updated" date at the top reflects the latest revision.