Privacy Policy

Your privacy and data protection are fundamental to our quantum-enhanced cybersecurity platform

Last Updated: January 1, 2025 | Effective Date: January 1, 2025

Table of Contents

1. Introduction

Welcome to PHANTAQSM (Protective Honeyed Adversarial Network Through Quantum Agent Simulation & Mapping). This Privacy Policy explains how we collect, use, process, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

PHANTAQSM is Europe's first quantum-enhanced agentic cybersecurity defense platform, designed with EU data sovereignty and privacy by design at its core. We are committed to protecting your privacy while delivering cutting-edge quantum security solutions.

Key Principles: Data minimization, purpose limitation, storage limitation, accuracy, lawfulness, fairness, transparency, and accountability.

2. Data Controller

PHANTAQSM Technologies Europe B.V.

Registered Address:

Wilhelmina van Pruisenweg 104
2595 AN The Hague
Netherlands

Contact Information

Email: privacy@phantaqsm.eu

DPO: dpo@phantaqsm.eu

Phone: +31 70 123 4567

3. Data We Collect

3.1 Personal Information You Provide

  • Account Information: Name, email address, job title, organization
  • Contact Details: Phone number, business address, department
  • Security Credentials: Encrypted authentication tokens, access permissions
  • Professional Information: Industry sector, security clearance level (if applicable)
  • Communication Data: Support requests, feedback, meeting recordings

3.2 Technical and Usage Data

  • System Logs: Login timestamps, feature usage, quantum processing events
  • Network Data: IP addresses, device identifiers, browser information
  • Performance Metrics: Response times, error logs, system health indicators
  • Security Analytics: Threat detection patterns, behavioral analysis (anonymized)

3.3 Quantum Security Data

  • Quantum Signatures: Cryptographic proofs, quantum-safe certificates
  • Attribution Intelligence: Threat actor patterns, attack methodologies
  • Blockchain Records: Immutable audit trails, evidence chains
  • AI Agent Interactions: Deception layer analytics, adversary behavior modeling

5. How We Use Your Data

Primary Purposes

  • • Quantum cybersecurity service delivery
  • • Threat detection and attribution
  • • AI agent orchestration and management
  • • Blockchain-based evidence generation
  • • User authentication and access control
  • • System monitoring and optimization

Secondary Purposes

  • • Service improvement and development
  • • Security research and analytics
  • • Customer support and training
  • • Regulatory compliance reporting
  • • Product customization
  • • Marketing communications (with consent)

6. Data Sharing and Disclosure

6.1 EU-Only Data Sharing

We operate under EU data sovereignty principles. Personal data is only shared within the EU/EEA unless explicitly required by law or with your consent.

6.2 Authorized Recipients

EU Cloud Providers: AWS Europe, Google Cloud EU, Microsoft Azure EU

EU Security Partners: ENISA-approved threat intelligence feeds

Quantum Computing Providers: EU-based quantum processing services

Legal Authorities: EU law enforcement, cybersecurity agencies

Auditors: EU-certified security auditors

Resellers: Authorized EU government contractors

We never sell personal data to third parties or share it with non-EU entities without explicit consent or legal obligation.

7. Data Storage and Security

EU Data Residency

  • • Primary: Netherlands (Amsterdam)
  • • Secondary: Germany (Frankfurt)
  • • Backup: Ireland (Dublin)
  • • All within EU/EEA jurisdiction

Security Controls

  • • AES-256 encryption at rest
  • • TLS 1.3 encryption in transit
  • • Zero-knowledge architecture
  • • Multi-factor authentication
  • • Regular security audits

8. Quantum Security Measures

Post-Quantum Cryptography

  • • NIST-approved algorithms (ML-KEM, ML-DSA)
  • • Quantum-resistant key exchange
  • • Future-proof encryption standards
  • • Hybrid classical-quantum protection

Quantum Attribution Engine

  • • Immutable blockchain evidence trails
  • • Quantum-enhanced threat analysis
  • • Court-admissible attribution proofs
  • • Zero-knowledge verification protocols

Our quantum security measures ensure your data remains protected even against future quantum computing threats.

9. Data Retention

Data CategoryRetention PeriodLegal Basis
Account InformationDuration of service + 3 yearsContract & Legal Obligation
Security Logs7 yearsLegal Obligation (NIS2)
Threat Intelligence10 yearsLegitimate Interest
Blockchain EvidencePermanent (immutable)Legal Obligation
Marketing DataUntil consent withdrawnConsent

10. Your Rights Under GDPR

Right of Access (Art. 15)

Request a copy of your personal data we process

Right to Rectification (Art. 16)

Correct inaccurate or incomplete data

Right to Erasure (Art. 17)

Request deletion of your personal data

Right to Restrict Processing (Art. 18)

Limit how we process your data

Right to Data Portability (Art. 20)

Receive your data in a structured format

Right to Object (Art. 21)

Object to processing based on legitimate interest

Right to Withdraw Consent

Withdraw consent for consent-based processing

Right to Lodge a Complaint

File a complaint with your local supervisory authority

To exercise any of these rights, contact us at privacy@phantaqsm.eu. We will respond within 30 days.

11. Cookies and Tracking

Essential Cookies

Required for platform functionality

  • • Authentication tokens
  • • Session management
  • • Security preferences

Analytics Cookies

With your consent

  • • Usage statistics
  • • Performance metrics
  • • Feature adoption

Marketing Cookies

With your explicit consent

  • • Personalized content
  • • Campaign tracking
  • • Interest profiling

12. International Data Transfers

EU Data Sovereignty

We maintain strict EU data residency. Personal data is processed exclusively within EU/EEA countries with adequate data protection laws.

Safeguards

  • • EU adequacy decisions
  • • Standard Contractual Clauses (SCCs)
  • • Binding Corporate Rules (BCRs)

Emergency Exceptions

Data may only be transferred outside EU/EEA in exceptional circumstances:

  • • Legal obligations
  • • Vital interests protection
  • • Explicit consent
  • • Public interest

13. Children's Privacy

PHANTAQSM is designed for professional cybersecurity use and is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16.

If you believe we have inadvertently collected data from a child under 16, please contact us immediately at privacy@phantaqsm.eu, and we will promptly delete such information.

14. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

  • • Email notification to registered users
  • • Prominent notice on our platform
  • • 30-day advance notice for significant changes

Current version: 1.0 | Last updated: January 1, 2025 | Next review: July 1, 2025

15. Contact Information

Data Protection Officer

Email: dpo@phantaqsm.eu

Phone: +31 70 123 4567

Response Time: Within 30 days

Privacy Inquiries

General: privacy@phantaqsm.eu

Security: security@phantaqsm.eu

Compliance: compliance@phantaqsm.eu

Supervisory Authority

If you're not satisfied with our response, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl

This Privacy Policy is governed by the laws of the Netherlands and the European Union.

© 2025 PHANTAQSM Technologies Europe B.V. All rights reserved. | Protecting Digital Democracy with Quantum-Enhanced Cybersecurity