Privacy Policy

Version v1·Effective 13 May 2026

Privacy Policy for Disc

Last updated: 13 May 2026

This Privacy Policy (the “Policy”) explains how DISC TECHNOLOGIES LTD (“Disc”, “Company”, “we”, “us” or “our”) collects, uses, stores, processes, transfers and protects personal data when users access or use the Disc platform, applications, APIs, software, websites, integrations and associated services (collectively, the “Services”).

This Policy is intended to comply with applicable data protection and privacy legislation including, where applicable:

  • the UK General Data Protection Regulation (“UK GDPR”);
  • the Data Protection Act 2018;
  • the EU General Data Protection Regulation where applicable (“EU GDPR”);
  • applicable ePrivacy and electronic communications laws.

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.


1. Company Information

DISC TECHNOLOGIES LTD
Company number: 15852264
Registered office:
71-75 Shelton Street
Covent Garden
London
United Kingdom
WC2H 9JQ

For the purposes of applicable data protection law, DISC TECHNOLOGIES LTD is the data controller in respect of personal data processed through the Services unless otherwise stated.


2. Scope of this Policy

This Privacy Policy applies to:

  • users of the Disc platform;
  • website visitors;
  • prospective customers;
  • API users;
  • users of integrations and connected services;
  • recipients of communications from Disc.

This Policy does not apply to:

  • third-party platforms integrated with Disc;
  • brokers, exchanges or trading venues connected by users;
  • third-party websites linked from the Services.

Users are responsible for reviewing the privacy policies of any third-party services they choose to connect to or interact with.


3. Categories of Personal Data Collected

Disc may collect, generate, receive or otherwise process the following categories of personal data.

3.1 Account and Identity Information

Including:

  • full name;
  • username;
  • email address;
  • telephone number;
  • business or organisation details;
  • authentication credentials;
  • login identifiers.

3.2 Billing and Financial Information

Including:

  • billing address;
  • subscription details;
  • payment transaction metadata;
  • invoices;
  • usage-based billing records;
  • Credit consumption information.

Disc does not ordinarily store full payment card details directly and may utilise regulated third-party payment processors.

3.3 Technical and Device Information

Including:

  • IP addresses;
  • browser type;
  • operating system;
  • device identifiers;
  • API request logs;
  • crash logs;
  • system diagnostics;
  • latency metrics;
  • infrastructure telemetry;
  • session identifiers;
  • cookie identifiers.

3.4 Usage and Platform Activity Data

Including:

  • feature usage;
  • interaction logs;
  • models and workflows created;
  • signal configurations;
  • dashboard activity;
  • API usage;
  • integrations utilised;
  • infrastructure consumption metrics;
  • Credits usage;
  • support interactions.

3.5 User Content

Including:

  • uploaded files;
  • formulas;
  • scripts;
  • configurations;
  • prompts;
  • calculations;
  • automation logic;
  • model definitions;
  • workflow structures.

3.6 Communications Data

Including:

  • correspondence with support teams;
  • feedback submissions;
  • complaints;
  • survey responses;
  • communications preferences.

4. How Personal Data is Collected

Disc may collect personal data:

  • directly from users;
  • automatically through use of the Services;
  • through integrations authorised by users;
  • from analytics providers;
  • from payment processors;
  • from infrastructure providers;
  • from publicly available sources where lawful.

Data may be collected through:

  • account registration;
  • subscriptions;
  • platform interactions;
  • cookies and similar technologies;
  • APIs;
  • integrations;
  • customer support interactions;
  • marketing interactions.

5. Purposes of Processing

Disc may process personal data for the following purposes.

5.1 Provision of Services

Including:

  • operating the Platform;
  • authenticating users;
  • enabling platform functionality;
  • processing transactions;
  • providing customer support;
  • enabling integrations;
  • facilitating API access.

5.2 Platform Operations and Security

Including:

  • monitoring infrastructure stability;
  • preventing fraud;
  • preventing abuse;
  • detecting security incidents;
  • enforcing Terms and Conditions;
  • ensuring service integrity.

5.3 Billing and Commercial Operations

Including:

  • subscription management;
  • usage tracking;
  • Credits accounting;
  • invoice generation;
  • payment administration;
  • collections.

5.4 Product Improvement and Analytics

Including:

  • improving platform functionality;
  • performance monitoring;
  • feature development;
  • infrastructure optimisation;
  • troubleshooting;
  • usage analytics.

5.5 Legal and Regulatory Compliance

Including:

  • compliance with Applicable Laws;
  • responding to lawful requests;
  • regulatory cooperation;
  • dispute management;
  • legal claims.

5.6 Communications and Marketing

Including:

  • service announcements;
  • account notifications;
  • support communications;
  • product updates;
  • marketing communications where permitted by law.

Users may opt out of marketing communications at any time.


6. Legal Bases for Processing

Where applicable under UK GDPR or EU GDPR, Disc processes personal data on one or more of the following legal bases:

  • performance of a contract;
  • legitimate interests;
  • legal obligation;
  • consent;
  • establishment, exercise or defence of legal claims.

Disc’s legitimate interests may include:

  • operating and improving the Services;
  • securing infrastructure;
  • fraud prevention;
  • enforcing legal rights;
  • maintaining service reliability;
  • developing commercial operations.

7. Cookies and Similar Technologies

Disc may use cookies, SDKs, pixels, local storage and similar technologies to:

  • maintain sessions;
  • authenticate users;
  • remember preferences;
  • analyse traffic;
  • measure platform performance;
  • improve usability;
  • detect abuse.

Users may control cookies through browser settings, although disabling cookies may impact platform functionality.


8. Data Sharing and Disclosure

Disc may share personal data with:

  • cloud infrastructure providers;
  • hosting providers;
  • analytics providers;
  • payment processors;
  • authentication providers;
  • customer support systems;
  • professional advisers;
  • auditors;
  • insurers;
  • regulatory authorities;
  • law enforcement authorities;
  • affiliated entities.

Disc does not sell personal data to third parties.

Disc may disclose personal data:

  • where legally required;
  • to enforce contractual rights;
  • to protect the security or integrity of the Services;
  • in connection with mergers, acquisitions, financing events or asset sales.

9. International Data Transfers

Personal data may be transferred to and processed in jurisdictions outside the United Kingdom or European Economic Area.

Where such transfers occur, Disc shall implement appropriate safeguards as required under applicable data protection laws, which may include:

  • adequacy regulations;
  • standard contractual clauses;
  • international data transfer agreements;
  • supplementary technical and organisational measures.

10. Data Retention

Disc retains personal data only for as long as reasonably necessary for:

  • provision of the Services;
  • compliance with legal obligations;
  • dispute resolution;
  • enforcement of agreements;
  • operational and security purposes.

Retention periods may vary depending on:

  • the nature of the data;
  • regulatory obligations;
  • contractual requirements;
  • litigation risks;
  • technical operational requirements.

Disc may retain anonymised or aggregated data indefinitely.


11. Security Measures

Disc implements commercially reasonable technical, organisational and administrative safeguards designed to protect personal data.

Such measures may include:

  • encryption;
  • access controls;
  • authentication mechanisms;
  • network security controls;
  • monitoring systems;
  • infrastructure segregation;
  • incident response procedures.

However, no internet-based service or electronic storage system can be guaranteed to be completely secure.

Users acknowledge that transmission of information via the internet is undertaken at their own risk.


12. User Responsibilities

Users are responsible for:

  • maintaining confidentiality of account credentials;
  • ensuring lawful use of the Services;
  • ensuring uploaded data is lawfully obtained;
  • ensuring they possess rights necessary to upload User Content;
  • ensuring integrations and automations comply with Applicable Laws.

Users must not upload:

  • unlawful content;
  • malicious code;
  • infringing material;
  • personal data they are not authorised to process.

13. Financial and Trading Data Disclaimer

Disc provides software and data infrastructure functionality only.

Disc does not provide:

  • investment advice;
  • financial advice;
  • trading advice;
  • brokerage services;
  • regulated financial services.

Users acknowledge that:

  • financial and market data may be delayed, inaccurate or incomplete;
  • user-generated calculations and models may contain errors;
  • trading and investment activity involves substantial risk.

Disc accepts no responsibility for decisions made by users based on outputs generated through the Platform.


14. Automated Processing and Analytics

Disc may utilise automated systems for:

  • fraud prevention;
  • infrastructure monitoring;
  • abuse detection;
  • billing calculations;
  • analytics;
  • product optimisation;
  • security operations.

Disc does not ordinarily make legally binding decisions about users solely through automated decision-making processes.


15. Data Subject Rights

Subject to applicable law, users may possess rights including:

  • right of access;
  • right to rectification;
  • right to erasure;
  • right to restriction of processing;
  • right to object;
  • right to data portability;
  • right to withdraw consent;
  • right to lodge complaints with supervisory authorities.

Requests may be submitted using the contact details set out below.

Disc may request identity verification before fulfilling requests.


16. Children’s Privacy

The Services are not intended for individuals under eighteen (18) years of age.

Disc does not knowingly collect personal data from children.


17. Third-Party Services and Integrations

The Services may permit integrations with third-party systems including:

  • brokers;
  • exchanges;
  • wallets;
  • APIs;
  • execution systems;
  • cloud platforms;
  • analytics services.

Users acknowledge that third-party services are governed by their own terms and privacy policies.

Disc is not responsible for the privacy practices, security measures, data processing activities or legal compliance of third-party services.


18. Contact

Questions regarding this Privacy Policy or data protection requests may be directed to:

DISC TECHNOLOGIES LTD
info@disc.tech
71-75 Shelton Street
Covent Garden
London
WC2H 9JQ
United Kingdom