Privacy Policy For End Users

Important information and who we are

Welcome to Prosopo Limited’s Privacy and Data Protection Policy for End Users ("Privacy Policy"). At Prosopo Limited ("we", "us", or "our") we are committed to protecting and respecting your privacy and personal data in compliance with the law and guidelines of the EU General Data Protection Regulation ("GDPR"), and the UK General Data Protection Regulation ("UK GDPR").

Prosopo helps online platforms secure themselves against unwanted or automated interactions. The system is built to respect privacy and does not leverage personal information for other uses, such as marketing.

We place high value on individual privacy. At Prosopo, we operate with several core values in mind:

• We carefully consider what data is gathered as part of service functionality.
• Information is retained only as long as there is a valid operational reason.
• Users are empowered to maintain autonomy over their own data.
• We aim to clearly explain how data is collected, processed, and shared.

This document outlines how Prosopo handles information related to individuals who encounter our technology through third-party websites.

There are two key groups involved:

• Service Users: Entities who embed Prosopo within their digital properties.
• End Users: Individuals interacting with those properties where Prosopo is in use.

In this relationship, Prosopo serves as a technical processor, enabling protection from spam and abuse. The Service User remains the primary entity responsible for complying with data protection rules for their users.

Each Service User is responsible for presenting their users with a privacy policy that outlines how they use Prosopo on their site.

Notice for Individuals Using Sites with Prosopo Integration

Prosopo is designed as a protective solution that emphasizes privacy, with a focus on making automated misuse more difficult. It functions by evaluating access attempts to determine their legitimacy.

When a website uses Prosopo, it includes specific code in areas requiring extra protection (e.g., input fields or submission forms). When a visitor reaches one of these areas, their device initiates a connection to Prosopo's infrastructure.

The system presents the visitor's device with a JavaScript challenge. The difficulty of the challenge adapts based on certain contextual indicators. The visitor may be required to complete a simple task, such as moving a slider, tapping a button, or selecting images. Alternatively, the visitor may only be required to complete a computational task, such as a Proof-of-Work. This process is designed to be user-friendly and unobtrusive.

During this process, the visitor's system transmits various categories of data-including device characteristics, environment context, and interaction signals-to assist Prosopo in estimating whether the user is likely human or not. Based on this assessment, the website can tailor access to its features accordingly.

To better understand how your data is handled while interacting with a site using this technology, refer to the specific website's privacy documentation.

Important Notes on Data Handling

✅ The only purpose for data analysis is to prevent automated abuse and ensure operational reliability of digital services.

✅ There is no attempt to match the information to a specific individual, nor is it used for promotional targeting.

✅ Aside from IP address (required for core functionality), Prosopo avoids retaining personal identifiers.

✅ No browser cookies are created, and nothing is stored in the browser's storage.

This policy is effective as of April 12, 2025.