Last updated: 08 July 2018
- In addition to the definitions contained elsewhere in the text of this Policy, the following terms and expressions shall have the following meaning ascribed to them for use in this Policy:
“Company Parties” means the Company and its respective past, present and future employees, officers, directors, contractors, consultants, attorneys, accountants, financial advisors, equity holders, suppliers, vendors, service providers, parent companies, subsidiaries, affiliates, agents, representatives, predecessors, successors and assigns. “Company Party” means one of the foregoing, as the case may be.
“Consent” has the meaning set out for this term in Article 4.1 hereof.
“EU Persons” means Personal Data subjects who are in the European Union.
“GDPR” means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
“Personal Data” means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Process“, “Processed” and other similar terms shall be construed accordingly.
“User Account” means an account which may be provided to you by the Company (or a Company Party, as the case may be) for the purpose of improving your experience on the Website and use of the Services, as well as obtaining access to specific additional products, utilities and offerings provided by Company Parties.
- Applicability and Acceptance of Policy
- This Policy defines the Personal Data, explains how Personal Data is used and Processed and instances when the Company shares or permits collection of the Personal Data by the Company Parties or state authorities.
- This Policy shall come into effect at the moment you first access the Website or commence use of any of the Services. By accessing, browsing or using the Website and/or any of the Services you irrevocably and unconditionally accept and adhere to provisions of this Policy without any exemptions, limitations and exclusions.
If you access the Website or use any of the Services on behalf of a business (whether registered or operating without registration), that business hereby accepts this Policy.
- In the event you disagree with any provision of this Policy or would not like to provide your consent for Processing of your Personal Data, you shall cease using the Website or any of the Services immediately.
- Legal Grounds for Personal Data Processing
- Processing of Personal Data is permitted only on the following legal grounds:
- Consent to Personal Data Processing, when the data subject has given Consent to the Processing of his or her Personal Data for one or more specific purposes;
- contractual relationships, where the Personal Data Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- controller’s legal obligation, when the Processing is necessary for compliance with a legal obligation to which the controller is subject;
- vital interests protection, when the Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- public interests compliance, when the Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- controller’s legitimate interests, when the Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Data, in particular where the data subject is a child.
- We Process your Personal Data on the basis that it is:
- necessary for the performance of a contract, therefore, where we have a contract with you, we will process your Personal Data in order to fulfil that contract (in particular, to provide you with the Services);
- authorized by your Consent, which you give us as it is set out in Article 4 (Consent to Personal Data Processing) hereof;
- necessary for compliance with our legal obligation, in particular, when we are obliged to respond to a court order or a regulator;
- necessary for performance our legitimate interests, as it is more detailed described in Article 3.3 hereof; or
- permitted by applicable legislation, if the respective legal ground for Personal Data Processing is not mentioned in, or contradicts to, the provisions of this Policy.
You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific Processing of your Personal Data.
- We Process the Personal Data for a number of legitimate interests, including to provide and improve the Services, administer our relationship with you and our business, for marketing and in order to exercise our rights and responsibilities. In particular, we Process the Personal Data to:
- set up and administer your User Account, provide technical and customer support and training, verify your identity, and send important account, subscription and Service information;
- administer our relationship with you, our business and our third-party providers (e.g., to send invoices);
- deliver and suggest tailored content such as news, research, reports and business information. We analyse the way you use our Services to make suggestions to you for features or Services that we believe you will also be interested in, and so that we can make our Services more user-friendly;
- personalize your experience with our Services. We may retain your browsing and usage information to make your searches within our Services more relevant and use those insights to target advertising to you online on our websites and apps;
- share your Personal Data across our Services so that we can make all of the Services we deliver to you more intuitive (e.g., rather than requiring you to enter the same data many times);
- contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes;
- display information you choose to post, share, upload or make available in chat rooms, messaging services, and community and event forums (including in community and event profiles) and for related collaboration, peer connection, games and information exchange;
- conduct internal research and development and to improve, test and enhance the features and functions of our Services;
- provide you with marketing as permitted by law;
- meet our internal and external audit requirements, including our information security obligations;
- exercise, protect and/or enforce our rights, privacy, safety, networks, systems and property, or those of other persons;
- prevent, detect or investigate a crime, fraud or other breach of law or requirement;
- prevent or detect any loss incurred by Company Parties or third persons;
- comply with requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, including where they are outside your country of residence;
- defend Company Parties from claims;
- comply with laws and regulations that apply to us or third parties with whom we work.
Where we rely on legitimate interests as a lawful ground for Processing your Personal Data, we balance those interests against your interests, fundamental rights and freedoms. For more information on how this balancing exercise has been carried out, please contact us by sending an email to firstname.lastname@example.org.
- The Company Parties do not knowingly collect personally identifiable information from children under the age of sixteen. If you are under the age of sixteen, you must ask your parent or guardian for permission to use the Website and the Services.
- Consent to Personal Data Processing
§1. EU Persons Consent to Personal Data Processing
- If you are an EU Person and to Process your Personal Data we need to receive your consent, as it is prescribed by GDPR, we will process your Personal Data only in the case we have received from you a freely given, specific, informed and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data (“Consent“).
- You may give your Consent by ticking a box when visiting the Website. In the case you tick the respective box, you irrevocably and unconditionally consent and agree that the Company Parties shall be entitled to Process your Personal Data as it is indicated in your Consent.
- Your Consent covers all Processing activities with your Personal Data carried out for the same purpose or purposes. When the Processing has multiple purposes, your Consent should be deemed given for all of them.
- You have the right to withdraw your Consent at any time. You can submit such request by sending us an email to email@example.com. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data Processing based on Consent before its withdrawal.
- Except as required or enabled by law (including, for the avoidance of doubt, the laws of the member states of the European Union), we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use those Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards the Company Parties or in any other way permitted by law. You also understand that although you can use the Website for some purposes without providing your Personal Data, we need certain Personal Data, including data linked to payment or involving an ongoing relationship with the Company Parties or our partners. If you refuse to provide us with Personal Data we require or later withdraw your consent, we may no longer be able to provide you with certain Services or access to the Website.
§2. Non-EU Persons Consent to Personal Data Processing
- If you are not an EU Person, by transferring to us your Personal Data via the Website or otherwise, you irrevocably and unconditionally consent and agree that the Company Parties shall be entitled, in accordance with this Policy:
- To Process in any manner, including to collect, store, use, disclose, share and transfer (including cross-border), your Personal Data so provided to us, as well as your Personal Data collected from your use of the Website and the Services (i.e. your Personal Data which we collect automatically and/or from other sources); and
- Collection of Personal Data
§1. General Provisions
- The type of Personal Data we collect depends on how you are interacting with us and which Services you are purchasing or using. In many cases, you can choose whether or not to provide us with Personal Data, but if you choose not to, you may not get full functionality from the Website or its Services.
- When you visit the Website, you may provide us with the following types of Personal Data: (i) Personal Data that you voluntarily disclose that is collected on an individual basis; (ii) Personal Data collected automatically when you use the Website and its Services; and (iii) Personal Data which we collect from sources other than the Website.
- You may always refuse to supply your Personal Data, though this may prevent you from engaging in certain Website-related activities and/or obtaining certain Services.
- The Website contains links to other third party websites that may collect Personal Data about you, including through cookies or other technologies. If you use our links to visit another websites, you will leave the Website and this Policy will not apply to your use of, and activity on those other websites. You should consult these other websites’ privacy policies as we have no control over them, and are not responsible for any information that is submitted to or collected by these third parties.
§2. Personal Data You Provide to Us
- In order to perform the Services and the functionality of the Website, we are entitled to ask you to provide Company Parties with your Personal Data, including (but not limited):
- full name or the name of an entity you represent;
- username password;
- email address;
- phone number;
- date of birth;
- cryptocurrency wallet address;
- mailing address and country of residence;
- personal identification document details;
- payment information, such as, payment card number (credit or debit card), and the security code associated with your payment instrument, if you make a payment; and
- other Personal Data you choose to provide, such as your public Facebook account, LinkedIn account, your public Twitter account, other social network accounts, your professional background, your thoughts on how you can contribute to our ecosystem.
- Personal Data set out in Article 5.5 hereof is collected only when voluntarily offered, and solely for purposes that are clearly identified on the Website or in this Policy.
- impose limitations and restrictions on your use of the Website and/or the Services; and/or
- suspend or terminate your access to the Website, your User Account or the Services.
§3. Personal Data We Collect Automatically
- Company Parties may collect the Personal Data from you in a variety of ways and circumstances, including, but not limited to, registration on the Website, placement of an order or a request (if applicable), subscription to a newsletter, response to a survey, filling out a form, use of a live chat (if applicable), providing us with feedback on our products or Services. Company Parties shall be entitled to combine Personal Data collected in the course of your interaction with different sections of the Website or the Services with any other relevant available information.
- Personal Data collected by or transmitted to Company Parties in the course of accessing, interacting and operating of the Website and provision of the Services may include, without limitation, the following Personal Data:
- device information, which may include (but is not limited to) information about the computer or mobile device you use to access the Website, including the hardware model, operating system and version, the web browser you use, and other device identifiers;
- usage information and browsing history, such as, information about how you navigate within the Website, your browsing history and which elements of the Website or which Services you use the most;
- location data, for Services with location-enhanced features. If we need your consent to collect geo-location data, we will collect this separately;
- demographic information, such as, your country, and preferred language;
- server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at the Website and the websites you visit just before and just after the Website;
- telemetry information. If you use any of our open source software, we may collect bandwidth upload and download speeds, the amount of free and used storage space on your device and other statistics about your device;
- usage information. If you use the Website, we will collect metadata about the files you upload for storage and we will record instances in which you have used your private key to authenticate communications;
- information collected by cookies and other tracking technologies. We and our service providers use various technologies to collect information when you interact with the Website, including cookies and web beacons. Cookies are small data files that are stored on your device when you visit a website, which enable us to collect information about your device identifiers, IP address, web browsers used to access the Website, pages or features viewed, time spent on pages, mobile app performance and links clicked. Web beacons are graphic images that are placed on a website or in an email that is used to monitor the behavior of the user visiting the website or sending the email. They are often used in combination with cookies.
- Personal Data collected hereunder in the course of operation of the Website and provision of the Services may differ depending on whether you access the Website and the Services logged in to your User Account or without logging in.
§4. Data We Collect from Other Sources
- We may also receive information about you from other sources, such as when you log into your User Account by using your account credentials for a separate third-party service. We will receive information from that service as indicated in the relevant third party’s authorization screen.
- We use Personal Data to provide and improve the Website and its Services and for other purposes that are in our legitimate interests, as well as for compliance purposes.
- We will use the Personal Data for purposes of:
- providing, maintaining, delivering or improving the Website, the Services or other products or services provided through the Website;
- verifying that you are a unique individual or entity;
- analysing and tracking Personal Data to determine the usefulness or popularity of certain content, and to better understand the online activity of the Website users;
- fulfilling our legal or regulatory requirements;
- providing you with the information, products or services that you have requested;
- answering your inquiry or responding to a communication from you;
- developing new products or services;
- sending you technical notices, support or administrative notifications;
- communicating with you about news, products, Services, events and other information we think will be of interest to you;
- monitoring and analysing trends, usage and activities in connection with the Website;
- detecting, investigating and preventing fraudulent transactions or unauthorized or illegal activities;
- protecting the rights and property of the Company Parties and others;
- linking, connecting or combining information we collect from or about you with other information; and
- carrying out any other purpose or reason for which Personal Data was collected.
- Disclosure of Personal Data
- The Company Parties treat Personal Data as confidential and may not pass on or use any such data without valid legal grounds.
- We will only disclose your Personal Data in the following ways:
- with your Consent or at your instruction;
- with our current or future Company Parties and with other companies under common control or ownership with us or our offices internationally;
- with third parties or service providers that perform work for us;
- certain information you may choose to share may be displayed publicly, such as your username and any content you post when you use interactive areas of the Website like our online forums;
- in connection with a merger or sale of our company assets, or if we do a financing or are involved in an acquisition, or any other situation where Personal Data may be disclosed or transferred as one of our business assets;
- in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation or legal process;
- if we believe your actions are inconsistent with our user agreements, policies or legislation, or to protect the rights, property and safety of any assets of the Company Parties or third parties;
- with third parties where aggregate Personal Data is disclosed which cannot be reasonably be used to identify you.
- Company Parties may without limitations share aggregated or de-identified information, which cannot reasonably be used to identify you.
- Transmission of Personal Data
- The transmission of Personal Data or any other information (including communications by e-mail) over the Internet or other publicly accessible networks is not one hundred percent secure. Company Parties are not liable for the security of any Personal Data or any other information you are transmitting over the Internet, or third-party content.
- Any transactions on the blockchain network are public and Company Parties can not exclude transaction data from the blockchain.
- Transmission of Personal Data of EU Persons to recipients, both internally or externally, is subject to the authorisation requirements and pursuant to defined purposes. Personal Data of EU Persons transmitted to a recipient outside the European Economic Area must be subject to protection at least equivalent to that sought by the GDPR. Intragroup transfers of Personal Data of EU Persons to third countries are subject to the safeguards provided by the by-laws of the Company Parties.
- Protection of Personal Data. Security Measures
- We take appropriate security, administrative and technical measures to protect any Personal Data you provide regarding the collection, storage and Processing of Personal Data, as well as security measures to protect your User Account against unauthorized access, modification, disclosure or destruction of your Personal Data.
- Personal Data is safeguarded from unauthorised access and unlawful Processing or disclosure, as well as accidental loss, modification or destruction, through state-of-the-art technical and organisational measures. These are adjusted and updated continuously in tandem with technical developments and organizational changes. Additionally, Personal Data protection audits and other controls are carried out on a regular basis.
- We take reasonable steps to protect the security of the Personal Data communicated through the Website. However, no computer security system is entirely fool proof and the Internet is not a secure method of transmitting information. As a result, we do not assume any responsibility for the Personal Data you submit to or receive from us through the Internet, or for any unauthorized access or use of that information, and we cannot and do not guarantee that information communicated by you to us or sent to you by us will be received, or that it will not be altered before or after its transmission to us. You agree to not hold any Company Party liable for any loss or damage of any sort incurred as a result of any misappropriation, interception, modification, deletion, destruction or use of information provided through the Website.
- Most web browsers are set to accept cookies as a default. You may wish to opt out by turning off cookies (please refer to the help menu on your browser); however, switching off cookies may restrict your use of the Website. You may also opt out of receiving promotional communications from us at any time by following the instructions in those communications. If you opt out, we may still send you non-promotional communications, such as technical notices, support or administrative notifications or information about your User Account (if you have one).
- Personal Data provided to us is stored in accordance with applicable laws of the jurisdiction of the respective Company Party. The period for which the Personal Data will be stored is determined by the applicable laws of the jurisdiction of the respective Company Party. The Company Parties have ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Personal Data.
- Retainment of Information
- In accordance with applicable laws and as needed to provide the Services to our users, Company Parties may hold your Personal Data. This requirement is conditioned by a need to comply with legal obligations and resolve possible disputes.
- Company Parties may retain your Personal Data so long as your User Account is active. Moreover, your Personal Data may be held beyond the above mentioned period until it is indispensable for Company Parties to have relevant information to respond to any issues that may arise later.
- The Company Parties value protection of all Website and Services users’ rights relating to their Personal Data, hence, the Company Parties are committed to making sure you can exercise your respective rights effectively and free of charge. The Company will ensure each your request related to your Personal Data be reviewed in a timely fashion.
- EU Persons shall acknowledge, that their rights relating to Personal Data are provided in the GDPR and other applicable laws of the member states of the European Union. In particular, EU Persons have the following rights relating to their Personal Data:
- right to access. You can request access to you Personal Data and obtain a copy of such Personal Data in a format acceptable to you (e.g. PDF, DOC, DOCX, etc.). You can submit such request by sending an email to firstname.lastname@example.org. After your request is received, our privacy team reviews the form and conducts requestor’s identity verification without undue delay. Upon successful verification, you are provided with a copy of your Personal Data;
- right to data portability. You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another service provider (controller) without hindrance from us;
- right to erasure (“Right to be forgotten”) and right to rectification. You are entitled to request erasure or rectification of your Personal Data by sending us a respective request to email@example.com. We will handle requests for Personal Data to be rectified or deleted, unless there is a legal requirement that prohibits such request to be fulfilled. When request is fulfilled, you will be informed that your Personal Data is changed or erased and is not-longer collected, however, to fulfil our legal requirements the Company Parties will store information about each requestor for the purposes of providing an evidence that a request has been fulfilled;
- right to object. At all times, you are entitled to object to Processing of your Personal Data. Right to object can be exercised by sending an email to firstname.lastname@example.org. Upon receipt of the request, the Company Parties cease the Processing, unless there is a legal or statutory ground for such Processing;
- right to be informed. If you are inquiring about Processing activities conducted with respect to your Personal Data, the Company Parties, without undue delay, will provide information about: (i) purposes of Processing; (ii) categories and types of Personal Data; (iii) retention period; (iv) source of the relevant Personal Data; (v) privacy rights and information on Data portability. However, all information about the categories of Personal Data and Processing operational conducted by Company Parties is available in this Policy; and
- the right to lodge a complaint with a supervisory authority. Supervisory authority means an independent public authority which is established by an EU member state pursuant to Article 51 GDPR.
- We have the right, at our discretion, to update this Policy at any time. We recommend that you frequently check this Policy to find any changes and stay informed about how we help protect the Personal Data.
- By using the Website, you acknowledge and agree that it is your responsibility to periodically review this Policy and be aware of the changes.
- The subsequent use of the Website or the Services after changes to this Policy will also be considered as your acceptance of these changes.
- This Policy may from time to time be translated into other languages. To the extent that any discrepancy may exist between the English version of this Policy and its version in another language, the English version prevails.
- The Company may appoint an expert on data privacy who works independently to ensure that the Company is adhering to the policies and procedures set forth in the GDPR (data protection officer). Data protection officer assists the Company to monitor internal compliance, inform and advise on data protection obligations, provide advice regarding data protection impact assessments (DPIAs) and act as a contact point for data subjects and the supervisory authorities.
- In the case the Company appoints such data protection officer, it will publish its contact details on the Website.
- We welcome your questions and suggestions with respect to the implementation or amendment of this Policy. Please use this feedback for communicating with us: email@example.com.