Privacy Notice

Last updated: May 5, 2026

PLEASE CAREFULLY READ THIS PRIVACY NOTICE AS IT APPLIES TO ALL PERSONAL DATA COLLECTED BY SINAIS LLC ("DECISION-APM," "COMPANY," "WE," "US," OR "OUR") THROUGH ITS WEBSITE LOCATED AT DECISION-APM.COM ("WEBSITE", "SITE" OR "PLATFORM") OR THROUGH OTHER SOURCES WHEN YOU USE ANY SERVICES OWNED OR OPERATED BY THE COMPANY.

1. Introduction

   Your privacy is important to us. This Privacy Notice informs you how and why we process your personal data, and the legal basis of our processing. We will only process your personal data as set out in this Privacy Notice. This Privacy Notice should be read in conjunction with Decision-APM Software as a Service Agreement.

   Please note that Decision-APM is a B2B Software as a Service targeted at businesses (Clients). During the course of delivering our service, we collect some personal data of natural persons within our Client's organisation. Where our Service is made available to you by a Decision-APM account holder (ex your Employer organisation or a Service Provider) through email invitation to join Decision-APM, such "Host account holder" will have a certain level of control over the data that you can view on their Decision-APM account. This control may enable the Host account holder to add you to their team or remove you from their account. Decision-APM will not be held responsible for the actions of such a Host account holder. If a Host account holder has restricted your access to any information on Decision-APM system, such access related queries should be directed to that Host account holder.

   Please note that in order to invite a user to join the Decision-APM platform, the existing account holder is required to provide Decision-APM with the invitee's first name, last name and work email address. Decision-APM only acts as a "Processor" when sending invitations to join Decision-APM on behalf of our Clients who are the "controller" of such personal data.

   We believe in the principle of data minimisation which is why we only collect the personal data that is necessary for us to deliver our Service. This Privacy Notice covers the personal data we process for all different data subject categories, and you may either fall in one or more of these categories. If you do not wish to read the entire Privacy Notice, you can view the table of content to see which data subject category you would like to learn about and visit the relevant sections of this Privacy Notice. If something is unclear, please feel free to contact us, and we will be happy to answer any questions relating to this Privacy Notice.

2. Scope of this Privacy Notice

   This Privacy Notice only applies to the processing of personal data for which the Company is the Data Controller. This Privacy Notice should be read by natural persons who fall within the following data subject categories:

   • Service Provider

     Data subjects who register an account as "CAPEX/OPEX optimization Service" on the Website.

   • Organization

     Data subjects with an "Industrial or Manufacturing" account on decision-apm.com. This includes organizations whose accounts are linked to service providers as well as those who register an account directly on the Website.

   • Team Members of Service Provider and Organization

     Data subjects who arrive/join Decision-APM by following an email invitation link sent through the Website by Service Providers or Organizations with existing Decision-APM account.

   • Website Visitor

     Data subjects who browse the Website.

   • Landing Page Visitor

     Data subjects who arrive at any Decision-APM landing pages.

3. Definition

   For this Privacy Notice the following words shall have the meaning as defined in Article 4 of General Data Protection Regulation as stated below:

   "Controller" The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

   "Personal Data" Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

   "Processing" Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

   "Processor" A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

4. Sinais LLC as Data Controller

   Sinais LLC is the data controller for any personal data that we process for the data subject categories listed in section 2 of this Privacy Notice. If you have any questions or comments, you can contact the data controller at:

   Sinais LLC
   30 N Gould St, STE R
   Sheridan, WY 82801
   USA
   contact@sinais.io

5. How we obtain your personal data

   We obtain personal data during the course of our business as outlined below:

   • Service Provider

     Data subjects in the "Service Provider" category provide us with two types of personal data:

     • When Service Provider creates an account on the Website, they provide us with their personal data such as their first name, last name and work email address ("Account Data").

     • When Service Provider send us enquiries or support requests through email or the contact form on our Website, they provide us with their personal data such as their full name, email address, job title and content of their message ("Support & Enquiries Data").

   • Organization

     We receive the following personal data about Organization account holders on Decision-APM through the following sources:

     • When an Organization is invited by a Service Provider to join the Decision-APM platform, such Organization ("invitee") can create a linked account associated with the Service Provider account. To send the invitation, the Service Provider provides Decision-APM with the personal data for the invitee, including the invitee's first name, last name and email address ("Linked Account Data").

     • When an Organization sends us enquiries or support requests through email, the contact form on our Website, or the SalesIQ chat, they provide us with their personal data such as their name, email address, job title and the content of their message. We register this information as "Support & Enquiries Data".

   • Team Members of Service Providers or Organizations

     We receive the following personal data when Service Providers and Organizations (Registered Users) invite their Team Members to join the Decision-APM platform:

     • When a team member of a registered user is invited to join Decision-APM, the Company receives some basic personal data for that team member from the registered user such as the team member's first name, last name and email address ("Service Data").

     • When such team member send us enquiries or support requests through email or the contact form on our Website, they provide us with their personal data such as their full name, email address, job title and content of their message ("Support & Enquiries Data").

   • Website Visitors

     When someone visits our website, we process two types of personal data:

     • Personal data we collect when the Website Visitor contacts us through the contact form on our website which includes their full name, email address, company name, work phone number and country ("Contact Form Website Data").

     • Data we collect when the Website Visitor browses our website which includes information about the pages they visit as well as the date and time of their visit ("Browsing Data").

   • Landing Page Visitors

     From time to time we create landing pages that offer informative content in exchange for some personal data from data subjects. Depending on the specific page, data subjects can voluntarily provide us personal data such as their first name, last name and email address ("Contact Form Landing Page Data").

6. Why we process your personal data and legal basis

   We process the personal data of data subjects in the following categories:

   • Service Provider

     We process the personal data about our Service Provider for:

     • Purpose of processing "Account Data"

       • To create and maintain a user account

       • To provide a customized interface for registered users

       • To show application features applicable to company type

       • To communicate with registered users as and when needed

       Our legal basis for processing this personal data is the performance of our contract.

     • Purpose of processing "Support & Enquiries Data"

       • To respond to support requests and enquiries

       • To communicate with registered users as and when needed

       Our legal basis for processing this personal data is our legitimate interest.

   • Organization

     We process the personal data about Organization account holders for:

     • Purpose of processing "Linked Account Data"

       • To send the invited Organization an invitation link to join Decision-APM

       • To create and maintain a linked user account associated with a Service Provider account

       • To enable collaboration and information sharing inside the Decision-APM account

       • To communicate with registered users as and when needed

       Our legal basis for processing this personal data is the performance of our contract and our legitimate interest.

     • Purpose of processing "Support & Enquiries Data"

       • To respond to support requests and enquiries received by email, website contact form, or SalesIQ chat

       • To communicate with registered users as and when needed

       Our legal basis for processing this personal data is our legitimate interest.

   • Team Members of Service Providers or Organizations

     We process the personal data about Team Members of Service Providers or Organizations for:

     • Purpose of processing "Service Data"

       • To send the invitation link to the Team Member to join Decision-APM

       • To create and maintain a user account for the Team Member

       • To show relevant information inside the Decision-APM account

       • To enable Decision-APM users to collaborate with their team members

       • To communicate with the user as and when needed

       Our legal basis for processing this personal data is the performance of our contract and legitimate interest.

     • Purpose of processing "Support & Enquiries Data"

       • To respond to support requests and enquiries

       • To communicate with registered users as and when needed

       Our legal basis for processing this personal data is our legitimate interest.

   • Website Visitors

     We process the personal data about Website Visitors for:

     • Purpose of processing "Contact Form Website Data"

       • To respond to enquiries and support requests

       • To communicate with users who contact us

       Our legal basis for processing this personal data is our legitimate interest.

     • Purpose of processing "Browsing Data"

       • To operate, secure, and improve our Website and Services

       Our legal basis for processing this personal data is our legitimate interest.

   • Landing Page Visitors

     We process the personal data about Landing Page Visitors for:

     • Purpose of processing "Contact Form Landing Page Data"

       • To respond to enquiries and information requests submitted by the visitor

       • To provide the information or follow-up requested by the visitor

       Our legal basis for processing this personal data is our legitimate interest.

7. Disclosure and International Transfer of data

   We will not sell or rent any personal data that we hold to any third-party. In particular, no mobile phone information will be shared with third parties or affiliates for promotional purposes. We may share your personal data with persons and entities specified below under the following circumstances:

   • Our Employees

     Our employees may have access to your personal data including your full name, email address and company name during the course of delivering our Service to you.

   • Our Consultants and Advisers

     We may be assisted by consultants, advisers and analysts who assist us in delivering our Services to you. Wherever we engage any third-party to assist us with our Services, we do so after entering into suitable confidentiality agreements with them to ensure your personal data is not used for anything other than purposes specified in this Privacy Notice.

   • Other Processors

     Your personal data may be processed outside the European Economic Area by our data processors on our behalf. We currently use the following data processors:

     • Pantheon.io

       Our hosting service provider processes personal data of our users on our behalf, including service data, account data, linked account data, and support and enquiries data for Service Providers, Organizations, and Team Members. In this context, Pantheon acts as processor/service provider for infrastructure and hosting operations.

       Data transferred to the United States of America
       Legal basis of processing: Contract
       Privacy compliance: Pantheon Data Processing Addendum, Pantheon Privacy Policy, and Standard Contractual Clauses (including EU 2021/914 where applicable). Pantheon maintains and updates a subprocessor list and contractual safeguards under applicable data protection laws. Additional Pantheon legal documentation is available at legal.pantheon.io.

     • Zoho (SalesIQ and related services)

       When users contact us through website forms, landing page forms, or SalesIQ chat, the submitted personal data may be processed on our behalf by Zoho and is subject to this Privacy Notice.

       Data transferred to the United States of America and other jurisdictions where Zoho operates
       Legal basis of processing: Contract and legitimate interest
       Privacy compliance: Zoho contractual data protection commitments and applicable safeguards.

   • Mergers and Acquisitions

     If in future we undergo any merger or acquisition, we may transfer personal data of our users to the new entity as a result of such transaction. Any such commercial transaction will not have any negative impact on your data rights as provided under this Privacy Notice.

   • Compliance with the laws

     We may disclose your personal information to comply with a law or upon requests from any government authority or other regulatory bodies.

   Sinais LLC will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. Where transfers occur outside the originating jurisdiction, we rely on appropriate safeguards, including contractual data protection commitments and, where applicable, Standard Contractual Clauses and equivalent transfer mechanisms.

8. How long we keep your personal data

   By default we will not retain your personal data longer than required for our business purposes as specified below:

   Categories of Personal Data	Retention Period
   Trial Account Data	Three months after the end of the trial period
   Linked Account Data	Six months after termination of the primary user account
   Service Data	One year after termination of the account
   Contact Form Website Data	Six months from the date of last communication unless the data subject registers for a user account
   Contact Form Landing Page Data	Six months after the receipt of data unless the data subject registers for a user account
   Support and Enquiries Data	One year from the date of resolution of the support request. We may anonymise this data after one year to retain relevant technical analysis information.

   Please note that we may be required to retain your personal data longer than the aforementioned retention periods if required to establish or defend our legal rights or to comply with legal obligations.

9. We use Cookies

   We use cookies to optimize our Website. Cookies are small files that contain data that we use to identify you as a unique user. We send cookies to your browser from our Website. You can tell your browser to decline all cookies or to indicate when a cookie is being sent. If you decide to decline cookies from our Website, you may not be able to use some parts of our Service. For more information on cookies, please visit our Cookie Policy.

10. Security

    We strive to keep all your Personal Information secure. We use all commercially viable safeguards and industry best practices to protect your personal data. However, our Website and platform are built upon various software components that may have security vulnerabilities that we are unaware of, which is why we are unable to offer guarantees of absolute security.

    In the event of a data breach that impacts your personal data, we will promptly notify affected data subjects as required by applicable law.

11. Your Rights

    Individuals in the EEA have certain rights concerning their personal data processed by Decision-APM. If you are in the EEA at the time your data is being processed, you can exercise the following rights:

    • Right to access your data and data portability

      You can request access to the personal data that we have about you. We will provide the personal data record to you in a portable format and may request additional information to verify your identity before sharing personal data.

    • Right to rectification or erasure of your data

      You may request rectification of inaccurate/incomplete personal data or request deletion of your personal data. We may request additional information to verify your identity before making these changes.

    • Right to object to processing

      You have the right to object to processing based on legitimate interest in accordance with applicable law.

    • Right to lodge a complaint

      If you believe that we are not in compliance with our data protection obligations, you have the right to complain to your local supervisory authority.

12. Do Not Track (DNT)

    If you are a California resident, we would like to notify you that we currently do not respond to DNT signals.

13. Links to Third-Party Websites

    Our Website may contain links to third-party websites that are not owned or operated by us. If you click on a third-party link, you will be directed to that third-party website. These third-party sites have their own terms and privacy policies, and we encourage you to review them before using those services. We are not responsible for third-party content or practices.

14. Children's Privacy

    Our Website is not addressed to anyone under the age of sixteen (16) years ("Children"). If you are the parent or legal guardian of a Child who you believe has provided personally identifiable information, please contact us.

15. Changes to this Privacy Notice

    We may modify and update this Privacy Notice at any time at our sole discretion. If we modify this Privacy Notice, we will update the "Last updated" date at the top of this page. You are advised to review this Privacy Notice regularly.

16. Contact Us

    If you have any questions about our privacy practices or this privacy notice, you can contact us either through the contact page on our website or at:

    Sinais LLC
    30 N Gould St, STE R
    Sheridan, WY 82801
    USA
    contact@sinais.io