SUMMARY OF KEY POINTS

‍

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by using the table of contents below.

‍

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.

‍

Do we process any sensitive personal information? We do not intentionally collect or seek sensitive personal information. However, files you choose to connect to Diem may contain content that could be considered sensitive. Any such processing occurs only at your direction and only to provide the Services.

‍

Do we collect any information from third parties? We do not collect personal information from third parties except where you choose to connect a third-party service (for example, social login).

‍

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.

‍

In what situations and with which types of parties do we share personal information? We may share information in specific situations and with specific categories of third parties, such as service providers that help us operate the Services (e.g., hosting, analytics, performance monitoring, customer support). If you use optional AI features, limited data may be processed by AI service providers as described below.

‍

How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or storage technology can be guaranteed 100% secure.

‍

What are your rights? Depending on where you are located geographically, the applicable privacy law may give you certain rights regarding your personal information.

‍

How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request or by contacting us.

‍

Want to learn more about what we do with any information we collect? Review the Privacy Notice in full.

‍

TABLE OF CONTENTS

‍

1. WHAT INFORMATION DO WE COLLECT?

2. HOW DO WE PROCESS YOUR INFORMATION?

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

8. HOW LONG DO WE KEEP YOUR INFORMATION?

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

10. DO WE COLLECT INFORMATION FROM MINORS?

11. WHAT ARE YOUR PRIVACY RIGHTS?

12. CONTROLS FOR DO-NOT-TRACK FEATURES

13. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

14. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

15. DO WE MAKE UPDATES TO THIS NOTICE?

16. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

17. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

‍

‍

‍

1. WHAT INFORMATION DO WE COLLECT?

‍

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

‍

Personal Information Provided by You.

The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

• names

• email addresses

• job titles

• billing addresses

• debit/credit card information (processed by our payment processors; we do not store full card details)

• usernames

• passwords

• contact preferences

‍

Sensitive Information

‍

We do not intentionally collect or seek sensitive personal information (sometimes called “special category” data in certain jurisdictions). However, files you choose to connect to Diem may contain content that could be considered sensitive (such as personal documents, identification documents, health documents, or personal images). Any such processing occurs solely at your direction and only for the purpose of providing the Services. Diem does not analyze, classify, or use such information for profiling, marketing, or advertising.

Payment Data
‍

We may collect data necessary to process your payment if you choose to make purchases, such as your billing details and transaction identifiers. All payment transactions are handled securely by our third-party payment processors, such as Stripe.

‍

We do not store or process full payment card details on our own servers. Payment information is handled in accordance with the payment processor’s privacy notice and security standards.

‍

Stripe privacy notice: https://stripe.com/privacy

Social Media Login Data
‍

We may provide you with the option to register with us using your existing social media account details, like your Facebook, X, or other social media account. If you choose to register in this way, we will collect certain profile information about you from the social media provider, as described in the section called “HOW DO WE HANDLE YOUR SOCIAL LOGINS?” below.

‍

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

‍

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, approximate location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for internal analytics and reporting purposes.

The information we collect includes:

• Log and Usage Data. Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. This may include IP address, device information, browser type, and settings and information about your activity in the Services (such as date/time stamps, pages viewed, and actions you take such as which features you use), device event information (such as system activity, error reports (“crash dumps”), and hardware settings).

• Device Data. Information about your computer, phone, tablet, or other device you use to access the Services (such as IP address (or proxy server), device and application identification numbers, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information).

Google API

Our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

‍

Information processed from your files (Local-First Processing)

‍

In Short: Diem is designed to process your files locally on your device wherever possible. We do not upload your files by default.

Diem is a desktop application designed to help users organize, preview, and search their own files across connected storage devices. The files you connect to Diem (including videos, images, documents, and other media) remain under your control.

‍

Local Processing

• By default, Diem processes file contents locally on your device.
• File previews, indexing, and metadata extraction are performed on-device wherever technically possible.
• We do not automatically upload the full contents of your files to our servers.

‍

Metadata and Derived Data

‍

To provide core functionality, Diem may process limited technical information derived from your files, such as:

• file names

• file paths

• file types

• timestamps

• file sizes

• non-reversible identifiers and/or embeddings used to enable search and organization

This derived data is used solely to provide and improve the Services and does not replace your original files.

‍

User Control

‍

You remain responsible for:

• which drives or folders you connect
• which files are indexed
• whether you enable optional AI-powered features that may require cloud processing (as described below)

‍

‍

2. HOW DO WE PROCESS YOUR INFORMATION?

‍

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
‍

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To facilitate account creation and authentication and otherwise manage user accounts.

• To request feedback.

• To protect our Services (including fraud monitoring and prevention).

• To identify usage trends and improve the Services.

• To save or protect an individual’s vital interest (for example, to prevent harm).

‍

‍

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

‍

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law (for example, consent, contract, legal obligations, vital interests, and legitimate interests).
‍

If you are located in the EU or UK.

We may rely on the following legal bases:

• Consent. You can withdraw your consent at any time.

• Legitimate Interests. For example, to analyze and improve the Services, diagnose problems, prevent fraud, and improve user experience.

• Legal Obligations. To comply with applicable laws and regulations.

• Vital Interests. To protect safety.
  ‍

If you are located in Canada.

We may process your information with express or implied consent, and in some cases as permitted by law without consent (for example, for fraud prevention or investigations).

‍

‍

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

‍

In Short: We may share information in specific situations described in this section and/or with specific categories of third parties.

‍

Vendors, Consultants, and Other Third-Party Service Providers.

‍ We may share your data with third-party vendors, service providers, contractors, or agents (“third parties”) who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place designed to help safeguard your personal information.
‍

The categories of third parties we may share personal information with are as follows:

• Data Analytics Services
• Performance Monitoring Tools
• User Account Registration & Authentication Services
• Customer Support Tools
• Payment Processors

‍

We may also share your personal information in the following situations:

• Business Transfers. In connection with a merger, sale of assets, financing, or acquisition.

• Affiliates. With our affiliates, who must honor this Privacy Notice.

• Business Partners. To offer certain products, services, or promotions (if applicable).

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

‍

In Short: We use limited cookies and similar technologies primarily for essential website functionality and analytics.

‍

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our website. These technologies help us maintain security, prevent crashes, fix bugs, save preferences, and understand website usage.
‍

We do not use cookies within the desktop application itself.
‍

If we introduce advertising or behavioral tracking in the future, we will update this Privacy Notice and provide any required choices and controls.
‍

Specific information about how we use such technologies and how you can refuse certain cookies may be provided in a separate Cookie Notice, where applicable.
‍

‍

6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

‍

In Short: Yes. Diem offers optional AI-powered features. These features are designed with data minimization and user control in mind.

‍

Use of AI Technologies

‍

Diem offers optional features powered by artificial intelligence and machine learning technologies (“AI Products”) to assist with functions such as intelligent search, content analysis, and organization.

We provide these AI Products using carefully selected third-party service providers (“AI Service Providers”), which may include OpenAI.

How AI Processing Works

• AI features are optional and are only used when enabled by the user.
• When AI features are used, Diem processes only the minimum data necessary to deliver the requested functionality.
• Where possible, data is pseudonymized or abstracted (for example, using embeddings rather than raw files).
• We do not use your data to build user profiles or for advertising purposes.

‍

Data Sharing With AI Providers

‍

When AI processing requires third-party services:

• Relevant inputs and outputs may be transmitted securely to the AI Service Provider.
• Such data is processed solely to deliver the requested feature.
• We do not permit AI Service Providers to use your data to train or improve their models.
• We require AI Service Providers to process data in accordance with applicable data protection laws and contractual safeguards.

‍

No Model Training on User Data

We do not use your files, file contents, or AI inputs or outputs to train Diem’s own models or any third-party AI models.

‍

International Transfers

Where AI processing involves data transfer outside your country of residence, we rely on appropriate safeguards such as standard contractual clauses or equivalent lawful mechanisms.

‍

‍

7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

‍

In Short: If you choose to register or log in using a social media account, we may have access to certain information about you.

‍

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or X logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information may vary but will often include your name, email address, and profile picture, and other information you choose to make public.

‍

We will use the information we receive only for the purposes described in this Privacy Notice or that are otherwise made clear to you. We do not control and are not responsible for other uses of your personal information by your third-party social media provider. We recommend you review their privacy notice.

‍

‍

8. HOW LONG DO WE KEEP YOUR INFORMATION?

‍

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

‍

We retain personal information only for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Notice.

• Account information is retained for the duration of your account.

• Derived technical data used for indexing or AI features is retained only as long as required to provide functionality.

• Logs and diagnostic data are retained for limited periods to maintain security and system integrity.

‍

When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it, or, if not possible (for example, stored in backups), securely store and isolate it until deletion is possible.

‍

‍

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

‍

In Short: We aim to protect your personal information through organizational and technical security measures.

‍

We implement reasonable technical and organizational security measures designed to protect the security of personal information we process. However, no electronic transmission over the Internet or information storage technology can be guaranteed 100% secure.

‍

‍

10. DO WE COLLECT INFORMATION FROM MINORS?

‍

In Short: We do not knowingly collect data from or market to children under 18 years of age.

‍

We do not knowingly collect, solicit data from, or market to children under 18. If we learn that personal information from users under 18 has been collected, we will deactivate the account and take reasonable measures to delete such data. Contact us at hello@downloaddiem.com if you believe we may have collected information from a minor.

‍

‍

11. WHAT ARE YOUR PRIVACY RIGHTS?

‍

In Short: Depending on where you are located, you may have rights that allow you greater access to and control over your personal information.

‍

In some regions (like the EEA, UK, Switzerland, and Canada), you may have rights including:

• request access and obtain a copy of your personal information
• request rectification or erasure
• restrict processing
• data portability
• object to processing
• not to be subject to certain automated decision-making (where applicable)

To make such a request, contact us using the details in “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.

‍

Withdrawing your consent: If we rely on your consent, you may withdraw it at any time.

Opting out of marketing: You can unsubscribe using the link in our emails or by contacting us. We may still send service-related messages.

‍

Account Information: You may review or change your account information by logging into your account settings. You may also request account deletion.

‍

‍

12. CONTROLS FOR DO-NOT-TRACK FEATURES

‍

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature. No uniform standard exists for DNT signals, so we do not currently respond to them. If a standard is adopted, we will update this notice.

13. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

‍

In Short: If you are a resident of certain US states, you may have additional rights.

‍

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have rights to access, correct, delete, or obtain a copy of your personal information, and to opt out of certain processing in some cases.

‍

We do not sell personal information. If we engage in “sharing” for targeted advertising under certain US state laws in the future, we will provide appropriate disclosures and opt-out rights.

‍

To exercise these rights, email hello@downloaddiem.com or submit a request as described below.

‍

‍

14. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

‍

Australia and New Zealand

‍

We collect and process your personal information under Australia’s Privacy Act 1988 and New Zealand’s Privacy Act 2020. You may request access to or correction of your personal information by contacting us.

‍

Republic of South Africa

‍

You may request access to or correction of your personal information. If you are unsatisfied with how we address a complaint, you can contact:

‍

The Information Regulator (South Africa)

General enquiries: enquiries@inforegulator.org.za

Complaints (complete POPIA/PAIA form 5): PAIAComplaints@inforegulator.org.za & POPIAComplaints@inforegulator.org.za

‍

15. DO WE MAKE UPDATES TO THIS NOTICE?

‍

In Short: Yes. We may update this notice as necessary.

‍

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated “Last updated” date. If we make material changes, we may notify you by posting a notice or by sending you a notification.

‍

‍

16. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

‍

If you have questions or comments, you may email us at hello@downloaddiem.com or contact us by post at:

‍

Diem Data Management Inc.

1603 Capitol Ave Ste 415 PMB 25382

Cheyenne, WY 82001-4562

United States

‍

17. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

‍

Depending on your location, you may have the right to request access, correction, deletion, or portability of your personal information, or to withdraw consent where applicable.
To request to review, update, or delete your personal information, please submit a request by emailing hello@downloaddiem.com

‍

‍