Monolith

Privacy Policy

Last updated: May 20, 2025

Table of Contents

1. Introduction

Welcome to Monolith ("Monolith", "we", "our", or "us"). This Privacy Policy explains how we collect, use, store, and protect personal data when you or your organization use our website at www.monolith.life and our cloud-based SaaS platform and related services ("Service"). By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use our Service.

2. Who This Policy Applies To

This Privacy Policy applies to business representatives, administrators, and users who access or use the Service on behalf of a company or other organization. The Service is not intended for individual consumers or children under 18.

3. Data Controller Information

Monolith
info@monolith.life

4. Information We Collect

  • Account Information: Name, business email, company name, role, and login credentials when you register or are invited to the Service.
  • Business Data: Documents, files, messages, or other content uploaded, submitted, or generated through the Service ("User Content").
  • Usage Data: Information about how you use the Service, including access logs, actions taken, device/browser type, IP address, and general location (country/city).
  • Support & Communications: Information you provide when you contact us, request support, or otherwise communicate with us.
  • Cookies & Tracking: We use cookies and similar technologies to operate the Service, understand usage, and improve performance. For details, see Section 10.

5. How We Use Your Data

  • Provide the Service: To operate, maintain, and provide all features of the Service to your organization.
  • Account Management: To create and manage user accounts, authenticate access, and communicate about your account.
  • Support & Security: To respond to requests, prevent fraud or misuse, and ensure the security and integrity of the Service.
  • Product Improvement: To analyze usage and improve the Service, including troubleshooting, analytics, and product development.
  • Legal & Compliance: To comply with legal obligations, enforce agreements, and protect the rights of Monolith, our users, and others.
  • Marketing: To send business communications about new features or updates. You may opt out of non-essential communications at any time.

6. Lawful Bases for Processing

  • Performance of Contract: Most processing is necessary to provide the Service under our contract with your organization.
  • Legitimate Interests: For security, analytics, business operations, and communications relevant to your business use.
  • Legal Obligation: Compliance with applicable laws and regulations.
  • Consent: Where required (e.g., for certain cookies or marketing), we will obtain your consent.

7. Data Sharing & Subprocessors

  • Service Providers: We use trusted subprocessors to host, process, or support the Service (e.g., cloud providers, analytics, email). All subprocessors are contractually bound to protect your data under GDPR terms.
  • Legal Requests: We may disclose data if required by law, regulation, or valid legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, we may transfer data as part of the transaction. You will be notified of any change in control or data use.
  • No Sale of Personal Data: We do not sell personal data to third parties.

8. International Data Transfers

Your data may be processed in the Netherlands, the European Economic Area (EEA), or other countries where our subprocessors operate. Where data is transferred outside the EEA, we use Standard Contractual Clauses or other approved safeguards to ensure adequate protection under GDPR.

9. Data Retention

We retain your data as long as necessary to provide the Service and for legitimate business purposes (such as legal compliance, dispute resolution, and enforcing our agreements). Account data and User Content are deleted upon request by your organization or upon termination, subject to legal requirements.

10. Cookies & Analytics

  • Essential Cookies: Required for site functionality and security.
  • Analytics Cookies: Used to measure usage and improve the Service. You may opt out of analytics cookies via your browser settings or our cookie banner (where applicable).
  • Third-Party Tools: We may use third-party analytics or service tools, which process data on our behalf and do not use your information for their own purposes.

11. Your Rights Under GDPR

  • Access: You may request access to your personal data.
  • Rectification: You may correct inaccurate or incomplete data.
  • Erasure: You may request deletion of your data in certain circumstances.
  • Restriction: You may restrict processing in certain cases.
  • Portability: You may request to receive your data in a portable format.
  • Objection: You may object to processing where we rely on legitimate interests.
  • Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.
  • To exercise these rights, contact us at info@monolith.life.
  • Supervisory Authority: You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.

12. Data Security

  • We implement appropriate technical and organizational measures to protect your personal data and User Content, including encryption, access controls, secure hosting, and regular security reviews.
  • While we strive to protect your data, no method of transmission or storage is 100% secure.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Continued use of the Service after changes take effect constitutes acceptance of the new policy.

14. Contact Us

For questions or requests regarding your personal data or this Privacy Policy, please contact us at info@monolith.life or write to us at our business address in the Netherlands.

© 2025 Monolith All rights reserved.