Privacy Policy

Last Updated: 12.11.2025

This Privacy Policy explains how KRAUT ASSETS LTD ("we," "our," or "us") collects, uses, and protects your personal data when you use our website, software, and related services (collectively, the "Service").

We are committed to protecting your privacy and processing your personal data in compliance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws of the Republic of Cyprus.

1. Data Controller

The data controller responsible for your personal data is:

KRAUT ASSETS LTD
Address: Georgiou Karaiskaki, 11-13, CARISA SALONICA COURT, Flat/Office 102, Pervolia, 7560, Larnaca, Republic of Cyprus
Email: hello@fonzo.io
Company Registration Number: HE 449906

2. Personal Data We Collect

We collect and process the following types of personal data:

a. Information You Provide Directly

• Account Information: name, email address, username, and password.
• Billing Information: payment details (processed securely via our payment provider), VAT number (if applicable).
• Communications: messages, support requests, and feedback you send to us.

b. Information We Collect Automatically

When you use our Service, we may automatically collect:

• IP address, browser type, device information, and operating system.
• Usage data such as pages visited, features used, and time spent on the Service.
• Cookies and similar technologies to enable functionality and analytics (see Section 8).

c. Information from Third Parties

We may receive limited information from third-party services you connect to our Service (e.g., payment processors or single sign-on providers), subject to your authorization and their privacy terms.

3. How We Use Your Data

We process your personal data to:

• Provide, operate, and maintain the Service;
• Manage your account and authenticate your identity;
• Process payments and issue invoices;
• Communicate with you (service updates, billing notices, support);
• Improve and develop our products and user experience;
• Detect, prevent, and respond to fraud, misuse, or security incidents;
• Comply with legal obligations.

We only process personal data when we have a legal basis to do so under GDPR, such as your consent, contractual necessity, legitimate interest, or legal compliance.

4. Legal Bases for Processing

Under the GDPR, we rely on the following legal bases:

• Performance of a contract: when processing is necessary to deliver the Service.
• Consent: for optional communications, cookies, and marketing activities.
• Legitimate interests: such as improving our Service or preventing misuse.
• Legal obligation: to comply with tax, accounting, or other legal requirements.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law.
When your data is no longer needed, we securely delete or anonymize it.

6. Sharing and Disclosure of Data

We do not sell your personal data.
We may share it only with:

• Service Providers: trusted partners who perform functions such as payment processing, hosting, analytics, or customer support, under strict data protection agreements.
• Legal Authorities: if required to comply with applicable law or valid legal process.
• Business Transfers: in the event of a merger, acquisition, or sale, where your data remains protected under this Policy.

7. International Data Transfers

If we transfer personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place - such as EU Standard Contractual Clauses (SCCs) or equivalent measures - to protect your privacy and rights.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

• Enable essential website functionality;
• Analyze usage and improve performance;
• Provide personalization and remember your preferences.

You can manage or disable cookies in your browser settings.

For more details, see our Cookie Policy.

9. Your Data Protection Rights

Under the GDPR, you have the following rights:

• Access: request a copy of your personal data we hold.
• Rectification: request correction of inaccurate or incomplete data.
• Erasure: request deletion of your data ("right to be forgotten").
• Restriction: request limited processing of your data.
• Portability: request a copy of your data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interests or direct marketing.
• Withdrawal of Consent: where processing is based on consent, you may withdraw it at any time.

To exercise these rights, contact us at [Your Contact Email].
We may need to verify your identity before responding to your request.

If you believe we have violated your data protection rights, you may lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus): https://www.dataprotection.gov.cy

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction.
However, no online system is completely secure, and you acknowledge that you use the Service at your own risk.

11. Children’s Privacy

Our Service is not intended for children under 18 years of age.
We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us so we can remove it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
If we make material changes, we will notify you via email or by posting a prominent notice on our website before the change takes effect.

13. Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: hello@fonzo.io
Address: KRAUT ASSETS LTD, Georgiou Karaiskaki, 11-13, CARISA SALONICA COURT, Flat/Office 102, Pervolia, 7560, Larnaca, Republic of Cyprus