1. Definitions

The data protection declaration of Dawnnex AI Automations is based on the terms used by the European legislator when issuing the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the public, our customers, and our business partners. To ensure this, we explain the terms used in advance.

We use the following terms in this privacy policy:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to identifiers such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

b) Data subject
The data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling
Profiling means any form of automated processing of personal data intended to evaluate certain personal aspects relating to a natural person — particularly to analyze or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization means the processing of personal data in such a manner that the data can no longer be attributed to a specific data subject without the use of additional information, provided such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller or person responsible for processing
The controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means are determined by Union or Member State law, the controller or the specific criteria for their nomination may be provided for by such law.

h) Processor
Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, public authority, agency, or another body to whom personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the context of a particular inquiry under Union or Member State law shall not be regarded as recipients.

j) Third party
Third party means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes — by a statement or by a clear affirmative action — which signifies agreement to the processing of personal data relating to them.

2. Name and Address of the Controller

The controller, within the meaning of the General Data Protection Regulation (GDPR), other applicable data protection laws in the member states of the European Union, and other provisions related to data protection, is:

Dawnnex AI Automations
[Your Street Address Here]
[City], [Postal Code]
Sri Lanka

Phone: [+94 your number here]
Email: [yourname]@dawnnex.com
Website: https://dawnnex.com

3. Cookies

The website of Dawnnex AI Automations uses cookies. Cookies are text files that are stored on a computer system via an internet browser.

Many websites and servers use cookies. A large number of cookies contain what is known as a cookie ID. A cookie ID is a unique identifier consisting of a string of characters that allows websites and servers to recognize the specific browser used by the data subject. This enables visited websites and servers to distinguish the individual browser of the user from other internet browsers. Each browser can thus be uniquely identified using its cookie ID.

By using cookies, Dawnnex AI Automations is able to provide users with more user-friendly features that would not be possible without cookies.

Cookies help optimize the information and services on our website for the benefit of users. As mentioned, cookies allow us to recognize returning users and make the website easier to use. For example, a user who permits cookies may not have to re-enter login credentials each time they visit the site, as this information can be recalled by the cookie stored on their device. Another example is the cookie used for a shopping cart in an online store — the system remembers the items a customer has placed in their cart using cookies.

Users can prevent the setting of cookies by our website at any time through the appropriate settings in their internet browser, thereby permanently disabling cookies. Furthermore, cookies already stored can be deleted at any time using an internet browser or compatible software. This is possible in all standard browsers. However, if the user deactivates the setting of cookies, some parts of our website may not function properly or may be partially limited in usability.

4. Collection of General Data and Information

The website of Dawnnex AI Automations collects a range of general data and information each time it is accessed by a data subject or an automated system. This general data and information is stored in the server’s log files. The following data may be collected:

• Browser types and versions used

• Operating system used by the accessing device

• The website from which the accessing system arrives at our website (referrer)

• Subpages visited on our website

• Date and time of access

• Internet Protocol (IP) address

• Internet service provider of the accessing system

• Other similar data and information used for security purposes, especially to prevent or respond to cyberattacks

Dawnnex AI Automations does not draw conclusions about the data subject from this information. Instead, this data is used to:

• Properly deliver website content

• Optimize website content and advertising

• Ensure long-term functionality of our IT systems and website technology

• Provide necessary information to law enforcement in case of a cyber incident.

This data is analyzed anonymously for statistical purposes and to enhance data protection and security within the company. All server log file data is stored separately from any personal data provided by a data subject.

5. Subscription to Our Newsletter

On the website of Dawnnex AI Automations, users have the opportunity to subscribe to our company’s newsletter. The input fields used during signup determine the personal data transmitted to the controller when a newsletter subscription is requested.

Dawnnex AI Automations periodically informs customers and business partners of company offers through this newsletter. A data subject will only receive the newsletter if:

• They have a valid email address

• They have actively registered for the newsletter

For legal compliance, a confirmation email will be sent to the email address provided during registration using the double opt-in process. This step ensures the owner of the email address has authorized the subscription.

When registering, we also log the IP address of the device used at the time of signup, as well as the date and time of registration, as assigned by the Internet Service Provider (ISP). This data is necessary to trace any potential misuse of the email address and provides legal protection for the controller.

The personal data collected for newsletter registration is used solely for newsletter delivery. Subscribers may also receive notifications via email if necessary for the operation of the newsletter service or changes in technical conditions (e.g., updates to content or systems).

This personal data will not be shared with third parties. Subscription can be canceled by the data subject at any time. Consent for storing and using personal data for newsletter purposes can also be revoked at any time. A corresponding unsubscribe link is included in every newsletter. Alternatively, users can unsubscribe directly via our website or by contacting us through other means.

6. Newsletter Tracking

The newsletters of Dawnnex AI Automations may contain so-called tracking pixels. A tracking pixel is a small graphic embedded in emails sent in HTML format that enables log file recording and analysis. This allows for statistical evaluation of the success or failure of our email marketing campaigns.

Through the embedded tracking pixel, Dawnnex AI Automations can determine whether and when an email was opened by a subscriber and which links were clicked. This helps us measure engagement and improve the relevance of our future email communications.

Personal data collected through these tracking pixels is stored and evaluated by the controller for the sole purpose of optimizing our newsletter delivery and tailoring content more effectively to the interests of our subscribers. This data is not shared with third parties under any circumstances.

Subscribers may revoke their consent to this tracking at any time by unsubscribing from the newsletter. An unsubscribe action is automatically treated by Dawnnex AI Automations as a revocation of consent. Upon revocation, the relevant personal data will be deleted by the controller in accordance with data protection regulations.

7. Possibility to Contact via the Website

In accordance with legal requirements, the website of Dawnnex AI Automations provides information that allows users to contact our company quickly and electronically, including a general email address for direct communication.

If a data subject contacts the controller via email or through a contact form, the personal data voluntarily provided by the data subject will be automatically stored. Such data is stored solely for the purpose of responding to the inquiry or initiating further communication.

This personal data will not be disclosed to third parties under any circumstances.

8. Subscription to Comments on the Blog

Comments posted on the Dawnnex AI Automations blog may be subscribed to by third parties. Specifically, users have the option to subscribe to follow-up comments on a particular blog post after submitting their own comment.

If a data subject chooses to subscribe to comments, the controller will send an automatic confirmation email as part of the double opt-in procedure. This is done to verify whether the owner of the submitted email address has genuinely opted in to receive such notifications.

The option to subscribe to comments can be revoked by the data subject at any time.

8. Subscription to Comments on the Blog

Comments posted on the Dawnnex AI Automations blog may be subscribed to by third parties. Specifically, users have the option to subscribe to follow-up comments on a particular blog post after submitting their own comment.

If a data subject chooses to subscribe to comments, the controller will send an automatic confirmation email as part of the double opt-in procedure. This is done to verify whether the owner of the submitted email address has genuinely opted in to receive such notifications.

The option to subscribe to comments can be revoked by the data subject at any time.

9. Routine Deletion and Blocking of Personal Data

The controller processes and stores the personal data of a data subject only for the period necessary to fulfill the purpose of storage, or as permitted by the applicable laws and regulations of the European Union or other relevant legal authorities to which Dawnnex AI Automations is subject.

If the purpose of storage no longer applies, or if a legally prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with statutory requirements.

10. Rights of the Data Subject

Under the General Data Protection Regulation (GDPR), every individual whose personal data is processed by Dawnnex AI Automations has the following rights:

a) Right to Confirmation

You have the right to obtain confirmation from the controller as to whether or not personal data concerning you is being processed. You may exercise this right at any time by contacting our team.

b) Right to Information

You have the right to receive, free of charge, information about the personal data we store about you, including:

• The purpose of processing

• Categories of personal data processed

• Recipients or categories of recipients (especially in third countries or international organizations)

• The planned storage period or the criteria used to determine it

• The existence of rights to rectification, erasure, restriction of processing, or objection

• The right to lodge a complaint with a supervisory authority

• The source of the data (if not collected directly from you)

• The existence of automated decision-making, including profiling, and meaningful information about its logic and consequences

• Whether data has been transferred to a third country and the safeguards in place

To exercise this right, contact any team member at Dawnnex AI Automations.

c) Right to Rectification

You have the right to request the correction of inaccurate personal data and to have incomplete data completed. You can do this at any time by contacting us.

d) Right to Erasure (“Right to be Forgotten”)

You have the right to request the immediate deletion of your personal data if one of the following applies:

• The data is no longer necessary for its original purpose

• You withdraw your consent and there’s no other legal basis for processing

• You object to processing and there are no overriding legitimate grounds

• Your data was processed unlawfully

• Erasure is required to fulfil a legal obligation

• The data was collected in relation to services offered to a child under Article 8(1) GDPR

If we have made your data public and are obligated to delete it, we will also take reasonable steps to inform other data controllers processing the same data of your erasure request.

e) Right to Restrict Processing

You have the right to request restriction of processing if:

• You contest the accuracy of the data (while it is being verified)

• The processing is unlawful and you oppose erasure

• We no longer need the data, but you require it for legal claims

• You objected to processing and a decision on that objection is pending

If you meet any of the above criteria, contact us to initiate the restriction.

f) Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller. This applies if:

• The processing is based on consent or a contract, and

• It is carried out by automated means

Where technically feasible, you may request that we transmit the data directly to another controller.

g) Right to Object

You have the right to object at any time to the processing of your personal data where it is based on public interest or legitimate interests (Article 6(1)(e) or (f) GDPR), including profiling.

We will no longer process your data unless we can demonstrate compelling legitimate grounds that override your interests or if the processing is for the establishment, exercise, or defense of legal claims.

You also have the right to object to the processing of your data for direct marketing purposes. If you object, we will no longer process your data for this purpose.

This also applies to processing for scientific, historical, or statistical research, unless required for a task carried out in the public interest.

You may exercise your objection right by contacting us or using any automated tools provided with our services.

h) Automated Decisions Including Profiling

You have the right not to be subject to a decision based solely on automated processing — including profiling — that has legal or similarly significant effects on you, unless the decision:

• Is necessary for entering into or performing a contract

• Is authorized by law and includes safeguards for your rights

• Is based on your explicit consent

In such cases, we will take appropriate steps to safeguard your rights, including the right to obtain human intervention, express your point of view, and contest the decision.

i) Right to Withdraw Consent

You have the right to withdraw your consent to data processing at any time. Withdrawal of consent does not affect the legality of processing carried out before the withdrawal.

You may exercise this right by contacting our team.

11. Data Protection Regulations for the Use of Facebook

The website of Dawnnex AI Automations integrates components from Facebook, a social networking platform.

A social network enables users to interact, share content, and build communities online. Facebook allows its users to create personal profiles, upload photos, connect with others, and share company-related or personal information.

In the UK and EU, Facebook is operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, is the parent company. For UK-based users, Meta Platforms Ireland Ltd. is considered the data controller responsible for data protection compliance under UK GDPR.

When you visit a page on our website that includes a Facebook plug-in (e.g., the “Like” button), your browser automatically downloads content from Facebook. This process informs Facebook of the specific page you are visiting on our website, even if you do not interact with the plug-in.

If you are logged into Facebook while browsing our site, Facebook may link your visit to your personal Facebook account. Any interaction with plug-in features (such as clicking "Like" or posting a comment) will also be attributed to your Facebook user profile. This data may then be stored and processed by Facebook.

If you wish to prevent Facebook from associating your visit to our site with your Facebook account, please log out of your Facebook account before accessing our website.

Facebook’s data policy — available at https://www.facebook.com/about/privacy — provides detailed information on how Meta processes personal data. It also explains your privacy settings and available tools for limiting or preventing the sharing of information.

Additional third-party applications or browser extensions may be used to block Facebook tracking if you wish to increase your privacy.

12. Data Protection Regulations for the Use of Google Analytics (with Anonymization Function)

This website uses components of Google Analytics (with IP anonymization), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics helps us understand how users interact with our website. It collects and analyzes data such as referral websites, the pages visited, session duration, and user behavior. This information is used to improve the user experience and assess the effectiveness of our marketing efforts.

To ensure data protection, we use the "_gat._anonymizeIp" extension. This function shortens and anonymizes your IP address when accessing our website from within the UK, European Union, or European Economic Area (EEA). This means no full IP addresses are stored or processed.

How Google Analytics Works

Google Analytics sets a cookie on your device to track usage of our website. The cookie stores information such as:

• The time of visit

• Your general geographic location

• Pages visited and duration

• Your IP address (in anonymized form)

When you visit a page that includes the Google Analytics component, your browser automatically sends this data to Google for analysis. The anonymized data may be used by Google to generate website usage reports for us and to provide related services such as performance insights and ad attribution. Google may also share this data with third parties if required by law or if third parties process the data on Google's behalf.

Please note that some data may be transferred to and stored on servers in the United States. Google complies with standard contractual clauses and international data transfer safeguards under UK data protection law.

How to Opt Out

You can prevent cookies from being set by adjusting your browser settings. This will also prevent Google Analytics from placing cookies on your device. Additionally, you can install the Google Analytics Opt-out Browser Add-on, which is available at:
https://tools.google.com/dlpage/gaoptout

This tool communicates with Google Analytics via JavaScript and prevents user data from being collected and transmitted. If you clear your browser’s cache, reformat your device, or reinstall your operating system, you’ll need to reinstall the add-on.

For more information, please refer to Google’s privacy policies and terms:

• https://www.google.com/intl/en/policies/privacy/

• https://marketingplatform.google.com/about/analytics/terms/gb/

• https://support.google.com/analytics

13. Data Protection Regulations for the Use of Instagram

This website includes integrated components from Instagram, a social media platform that enables users to share photos, videos, and other content. Instagram also allows content to be shared across additional social networks.

In the United Kingdom and European Union, Instagram is operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When you visit a page on our website that contains an Instagram plug-in (such as the Instagram logo or “Insta” button), your browser automatically downloads content directly from Instagram. During this process, Instagram receives information about which specific page of our website you are visiting.

If you are logged into your Instagram account at the time of visiting our website, Instagram may associate your visit with your personal user account. Any interaction with embedded Instagram elements (such as liking a post or clicking a link) may be linked to your Instagram profile. This data is collected, stored, and processed by Instagram/Meta in accordance with their privacy policy.

Instagram will receive this data whether or not you interact with the embedded component, as long as you are logged into your Instagram account during your visit. If you do not want this data to be associated with your Instagram account, please log out of Instagram before accessing our website.

For more information on how Instagram (Meta) processes your personal data, please refer to their privacy policies at:

• https://help.instagram.com/155833707900388

• https://www.instagram.com/about/legal/privacy/

14. Data Protection Regulations for the Use of LinkedIn

This website integrates components of LinkedIn, a business-oriented social networking platform used globally for maintaining and establishing professional contacts. With over 400 million registered users across more than 200 countries, LinkedIn is the world’s largest platform for professional networking.

For users located outside the United States, including the United Kingdom, LinkedIn is operated by:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
(For U.S. users, the responsible entity is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.)

When you access a page on our website that includes a LinkedIn plug-in (such as a “Share” or “Follow” button), your browser automatically connects to LinkedIn’s servers to load the relevant content. Through this process, LinkedIn becomes aware of which specific subpage you are visiting.

If you are logged into LinkedIn at the time of your visit, LinkedIn may associate your activity on our site with your personal LinkedIn account. For example, if you click a LinkedIn button on our website, this interaction may be linked to your LinkedIn profile and stored accordingly.

This tracking occurs whether or not you interact with the plug-in, provided you are logged into LinkedIn during your visit. If you wish to prevent LinkedIn from collecting this data, you must log out of your LinkedIn account before visiting our website.

LinkedIn provides privacy controls at:
👉 https://www.linkedin.com/psettings/guest-controls
Here, you can manage your communication preferences and targeted advertising settings.

Additionally, LinkedIn works with third-party partners (e.g., Google Analytics, Quantcast, DoubleClick, BlueKai, Nielsen, etc.) that may place cookies for tracking and analytics purposes.

You can review and manage these via LinkedIn’s cookie policy:
👉 https://www.linkedin.com/legal/cookie-policy

LinkedIn’s full privacy policy is available at:
👉 https://www.linkedin.com/legal/privacy-policy

15. Data Protection Regulations for the Use of X (formerly Twitter)

This website integrates components from X (formerly Twitter), a microblogging platform that enables users to post and share short-form content known as “tweets” or posts, limited to 280 characters. These posts are public by default and may be visible even to non-registered users. Content can also be amplified through reposts, hashtags, or embedded links, allowing wide digital distribution.

In the United Kingdom and European Union, X is operated by:
Twitter International Unlimited Company (a subsidiary of X Corp.), One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

When a page on our website containing an X plug-in or button is loaded, your browser automatically connects to X’s servers to display the component. During this process, X receives information about the specific subpage you are visiting.

If you are logged into your X account during your visit to our site, X may associate your activity with your personal user profile. This includes interactions such as clicking an embedded “Repost” or “Follow” button. These interactions, and the associated visit data, may be stored and processed by X.

This transmission of data occurs regardless of whether you interact with the X plug-in, as long as you're logged in to your X account during your session. If you wish to prevent this, log out of X before accessing our website.

The integration of X serves to enhance the digital reach of Dawnnex AI Automations and to enable users to share our content more easily across professional and public networks.

For more details about how X processes personal data, refer to their privacy policy:
👉 https://twitter.com/privacy

17. Legal Basis for Processing

Dawnnex AI Automations processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR). The legal bases for our data processing activities are outlined below:

• Article 6(1)(a) UK GDPR – Consent:
  We rely on this legal basis when the data subject has given clear consent for the processing of their personal data for a specific purpose.

• Article 6(1)(b) UK GDPR – Contract performance:
  Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract (e.g. when responding to enquiries or fulfilling service requests).

• Article 6(1)(c) UK GDPR – Legal obligation:
  Processing is necessary to comply with a legal obligation to which our company is subject, such as tax reporting or regulatory compliance.

• Article 6(1)(d) UK GDPR – Vital interests:
  In rare circumstances, processing may be necessary to protect the vital interests of the data subject or another natural person — for example, in a medical emergency where personal details need to be shared with healthcare professionals.

• Article 6(1)(f) UK GDPR – Legitimate interests:
  Processing is also lawful where it is necessary for the purposes of the legitimate interests pursued by Dawnnex AI Automations or a third party, provided such interests are not overridden by the data subject’s fundamental rights and freedoms.

Legitimate interest may include cases such as:

• Direct communication with existing customers

• Website analytics

• Network and information security

• Preventing fraud or misuse of services

The UK GDPR (Recital 47) recognises that a legitimate interest may be assumed if the data subject is a client or customer of the controller.

18. Legitimate Interests Pursued by the Controller or a Third Party

Where the processing of personal data is based on Article 6(1)(f) UK GDPR, it is carried out on the basis of the legitimate interests of Dawnnex AI Automations. These interests include the efficient and secure operation of our business activities, the delivery of high-quality services, and the protection of the rights and wellbeing of our employees, partners, and shareholders.

19. Duration for Which Personal Data Is Stored

The duration for which personal data is stored depends on the statutory retention periods applicable under relevant UK laws (e.g. tax, commercial, or regulatory requirements). Once the legal retention period has expired, the corresponding data is routinely deleted, provided it is no longer necessary for the fulfilment of a contract or the initiation of a new one.

20. Legal or Contractual Requirements for Providing Personal Data

In some cases, the provision of personal data is a legal requirement (e.g. for tax compliance), or it may be necessary under a contractual agreement (e.g. to establish or execute a contract).

It may be required, for example, that a data subject provides us with personal data in order to enter into a contract with Dawnnex AI Automations. If the required data is not provided, we may be unable to conclude or perform the contract.

Before providing personal data, individuals are encouraged to contact us. We will inform the data subject whether:

• The provision of personal data is required by law or contract

• The provision is necessary to enter into a contract

• There is an obligation to provide the data

• The potential consequences of not providing the data

This ensures data subjects can make informed decisions based on the legal and practical implications of sharing or withholding personal information.

20. Legal or Contractual Requirements for Providing Personal Data

In some cases, the provision of personal data is a legal requirement (e.g. for tax compliance), or it may be necessary under a contractual agreement (e.g. to establish or execute a contract).

It may be required, for example, that a data subject provides us with personal data in order to enter into a contract with Dawnnex AI Automations. If the required data is not provided, we may be unable to conclude or perform the contract.

Before providing personal data, individuals are encouraged to contact us. We will inform the data subject whether:

• The provision of personal data is required by law or contract

• The provision is necessary to enter into a contract

• There is an obligation to provide the data

• The potential consequences of not providing the data

This ensures data subjects can make informed decisions based on the legal and practical implications of sharing or withholding personal information.