Privacy Policy

Last update: 10 March 2025

This privacy policy has been drafted by Cosmo Network Ltd, registered under the laws of the United Kingdom with the company number 13014647, with its head office located at 167-169 Great Portland Street, 5th Floor, W1W 5PF London (“Cosmo Network”). Cosmo Network is a technological service that enables its users to upload files and make them accessible to third parties via a URL hyperlink, in return for payment. The purpose of this privacy policy is to describe the processing of personal data that Cosmo Network conducts, in order to fulfil its obligation of information as a data controller. This privacy policy is published and accessible at any time on the following website: https://uncoverme.app/privacy. This privacy policy is established in consideration of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, as well as Law No. 78-17 of 6 January 1978 in its latest version (the “Personal Data Regulation”).

1. DEFINITIONS

The following definitions apply to this Privacy Policy: Application: Refers to the mobile application "Uncoverme" available on the App Store and Google Play. Data subject: Refers to an Uploader, a Downloader, or any other individual whose personal data is processed by Cosmo Network. Downloader: Refers to any natural person over the age of majority who downloads a File. Download Page: Refers to the webpage accessible with a dedicated URL address from which a File can be accessed against payment. File: Refers to any file shared via the Solution. Solution: Refers to the Application and the Download Pages. Uploader: Refers to any natural person over the age of majority who uploads a File on the Application. ‍

2. PERSONAL DATA COLLECTED AND PROCESSED

Cosmo Network processes the following personal data for the purposes mentioned below. ‍ FOR UPLOADERS General information (first and last name, date of birth, email address, postal address, phone number); Connection data on the Application (login credentials, password, session start and end time, IP address, location, session history); Banking information; Content of the Files uploaded on the Application (photographs, videos, and voice notes); Transactional data (number of Files shared, amounts received, transaction dates, withdrawals); Data related to the Uploader's device (operating system, language); Browsing data on the Application; Identification documents; Facial photograph (selfie); Warnings and sanctions in case of sharing inappropriate or illicit content. ‍ FOR DOWNLOADERS First and last name; Email address; Data related to the Downloader's device (operating system, language). The provision of certain data is required to access the Solution. For example, the refusal to provide the required data in the context of the identity verification process (identification document and, if applicable, photograph), will prevent the creation of an account on the Application. Banking information used for the payments made through the Solution, as well as the data processed during the identity verification process, are collected, processed, and stored by our service providers and Cosmo Network has no access to such data. ‍

3. DATA PROCESSING, PURPOSES AND LEGAL BASIS

4. RECIPIENTS OF PROCESSED PERSONAL DATA

The personal data collected and processed are necessary for the pursuit of all the aforementioned purposes and are exclusively intended for the internal management services of Cosmo Network, as well as, if necessary, for its processors. However, any illegal content of which Cosmo Network becomes aware may be reported and sent to the relevant authorities, including the Federal Bureau of Investigation (FBI), the International Criminal Police Organization (Interpol), and/or the French platform 'PHAROS'. The categories of sub-processors to whom personal data may be transmitted are the following: Daily operations: data processors that provide digital solutions useful for Cosmo Network’s daily operations, such as data hosting solutions, age verification, filtering of illicit contents, detection of errors or bugs in the Solution, monitoring of the use of the Solution, and updates to ensure the proper functioning of the Solution. Financial services: data processors that provide specialized financial services solutions, such as Masspay. Marketing and communication operations: data processors that provide online communication solutions and social media services, enabling data analysis for marketing purposes. Maintenance operations: data processors who have access to Cosmo Network’s technology to perform maintenance operations or address technical issues in the Solution in case of emergency. Management and advisory operations: data processors who assist Cosmo Network with management and compliance (whether accounting, legal, financial, or audit-related). It is specified that neither Cosmo Network nor its data processors sell, in any way, personal data of Data Subjects. ‍

5. RETENTION OF PERSONAL DATA

The data of Data Subjects is not retained beyond the period strictly necessary for the purposes outlined in Article 3 of the privacy policy. In particular: Data related to the creation and management of accounts is retained until the deletion of the Uploader's account or for a period of two (2) years from the last action on the Application. Files shared via the Application are retained for a period of three (3) months from their upload to the Application (unless a longer duration is decided by the Uploader or if the content is illicit). The email addresses of Downloaders are retained for the time necessary for Cosmo Network to send the File via email. Connection logs to the Solution are retained for a period of six (6) months. Data processed in connection with assistance requests are retained for the time required to address the request. Files whose content may be illicit are retained for the time necessary to analyze the situation and make a decision regarding account suspension. Identification documents provided in a request to exercise rights are retained for the duration necessary to verify the Data Subject’s identity. Cookies are retained for a period ranging from zero (0) to one hundred seventy-nine (179) days, depending on their nature. Cosmo Network undertakes to anonymize, archive or delete personal data of Data Subjects as soon as the purpose and retention period expire, subject to the time necessary to comply with its legal obligations, particularly in consideration of civil and commercial statute of limitations.

6. PERSONAL DATA TRANSFERS

Personal data processed by Cosmo Network is hosted by Google Cloud, whose servers are located in Belgium. Some of the personal data processed by Cosmo Network is transferred outside the European Union, including to the United States. In such a case, Cosmo Network ensures that data processors have implemented appropriate legal, technical and organizational measures to govern any transfer of personal data, in particular by using the standard contractual clauses established by the European Commission. ‍

7. COOKIES AND OTHER TRACKERS

Cosmo Network uses cookies and trackers, which are small computer files stored on your devices, to collect data about your browsing habits, record your visits to specific pages, and provide additional services such as enhancing your browsing comfort. It is also provided that these rules are not applicable if the access to information stored in the user's terminal equipment or the registration of information in the user's terminal equipment (i) either has the exclusive purpose of enabling or facilitating communication by electronic means, or (ii) is strictly necessary for the provision of an online communication service at the express request of the user. Within the framework of this exception, Cosmo Network uses the following cookies: Fraud prevention cookies, particularly for banking fraud. These cookies are retained for a period of 4 days from their deposit. Cookies necessary for processing the payment of a File. These cookies are retained for the duration of a user session. Cookies necessary for displaying the Downloader's interface on the Download Pages. These cookies are retained for a period ranging from 6 to 179 days from their deposit. Cookies for detecting errors and malfunctions in the Solution. These cookies are retained for a period ranging from 5 to 178 days from their deposit. Cookies that store the user's expressed choice regarding cookie deposits. These cookies are retained for a period of six (6) months from the last acceptance, refusal, or customization by the user.‍

8. DATA SUBJECT'S RIGHTS

In accordance with the Personal Data Regulation, Data Subjects benefit from various rights over their personal data, such as: Right of access: any Data Subject can find out what personal data Cosmo Network has about him or her and obtain a copy of this data. Right to rectification and to erasure: Data Subjects can ask for the correction of inaccurate or outdated personal data about them, as well as their deletion. Right to object and to restriction of processing: Data Subjects can object to how Cosmo Network processes their personal data or request that the processing concerning them be restricted, to the extent possible and subject to compelling legitimate grounds that Cosmo Network may have for continuing processing, such as legal obligations to combat money laundering and the financing of terrorism. Right to withdraw consent: any Data Subject who has consented to a processing has the right to withdraw his or her consent, without affecting the lawfulness of processing based on consent before its withdrawal. Right to data portability: Data Subjects can request Cosmo Network to send their personal data in a structured, commonly used and machine-readable format for transmission to another data controller, provided that this is possible. Right to set directives regarding the fate of personal data after death: any individual may provide Cosmo Network with directives concerning the handling of their data in the event of death, including whether or not to disclose their data to third parties. Right to lodge a complaint with a supervisory authority: any Data Subject may contact the CNIL or any competent data protection authority, if he or she believes that Cosmo Network has not complied with certain rules set out in the Personal Data Regulation (information on how to lodge a complaint with the CNIL is provided on its site).

For any question relating to the processing of their personal data or to exercise their rights under the Personal Data Regulation, data subjects may contact Cosmo Network at the following addresses: Via email at: hey@uncoverme.app Via letter at: Cosmo Network Ltd, Personal Data, 167-169 Great Portland Street, 5th Floor, W1W 5PF London Note that the exercise of the rights provided by the Personal Data Regulations is not without limit – Cosmo Network is entitled to refuse to act on manifestly unfounded or excessive requests - and each of them meets conditions that are imposed by the Personal Data Regulation. As such, the following elements are specified: Identity: any data subject must prove his or her identity and indicate the address at which he or she wishes to be contacted. Response time: the requests are processed by Cosmo Network within a reasonable time taking into account the complexity, the number of requests formulated and the Personal Data Regulation. Free of charge: the exercise of rights is in principle free of charge. In cases where a request would imply important costs, the data subject could be required to pay a fee. These requirements must be respected, otherwise requests may not be processed.

9. SECURITY MEASURES

Cosmo Network takes all necessary physical, logical, and organizational security measures to ensure a high level of protection for personal data, particularly to prevent it from being altered, damaged, or disclosed to unauthorized persons. In the event of changes to the means used to ensure the security of personal data, Cosmo Network commits to not reducing the level of security.

10. CHANGES TO THE PRIVACY POLICY

Cosmo Network may change this privacy policy from time to time as the manner in which personal data is handled may change due to development of the Solution, or applicable rules. In such a situation, the Data Subjects will be notified of updates, either by sending an email or through a notice on the Solution, at least 15 days prior to a material change to the privacy policy.