Last Revised: February 23, 2023
- ACCEPTANCE OF THE POLICY
User’s privacy matters to Company, so User should take the time to get to know Company’s policies and practices. Please understand that Company reserves the right to change any of Company’s policies and practices at any time, but User can always find the latest version of this Policy here on this page. User’s continued use of the Services after Company makes changes is deemed to be acceptance of those changes, so please check this Policy periodically for updates.
This Policy describes the types of information Company collects from User or that User may provide when User visits the Website or utilizes the Services and Company’s practices for collecting, using, maintaining, protecting, and disclosing that information.
Please read this Policy carefully to understand Company’s practices regarding User’s information and how Company will treat it. If User does not agree with Company’s policies and practices, then please do not use the Services. By using the Services, User agrees to the terms of this Policy.
- PERSONAL INFORMATION COMPANY COLLECTS
As used herein, “Personal Information” means information that identifies or is reasonably capable of identifying an individual, directly or indirectly, and information that is capable of being associated with an identified or reasonably identifiable individual.
- Personal Information Company Collects from User. Company (or Company’s Affiliates) may collect and store the following categories of Personal Information directly from User:
- Identification information, such as name, email, phone number, postal address, Wallet address, social media handles and information, and any information that may be legally required, including information required for Know Your Customer (“KYC”) verification purposes such as User’s social security number (collectively, “Identification Information”);
- Commercial activity information, such as public blockchain data, including Wallet addresses;
- Information User provides to Company through correspondence, including Account opening, customer support, messages, text boxes, other user content, or the like; and
- User Generated Content, including any information User publicly discloses, along with User’s chosen username and uploaded photo. Anyone can read, collect, and use any Personal Information that accompanies User’s posts or activity. Company does not have to publish any User Generated Content. If the law requires Company to take down, remove, or edit User-Generated Content, Company will comply to the required extent. See the User Generated Content section in the Terms for more information.
- Content curation, Company may track User’s interests and habits (e.g., articles User reads and podcasts User listens to) to personalize User’s experience using technology like algorithmic recommendations and machine learning. This is how Company highlights Content User might be interested in and de-emphasize Content User has already consumed. Company may also show User prices, promotions, products, or services Company believes the User may find interesting, based on demographic and Usage Data (as defined below).
- Personal Information That May Be Collected Automatically. Company (or Company’s Affiliates) may collect and store the following categories of Personal Information automatically through User’s use of the Services:
- Online identifier information, such as IP address and log information, domain names, and similar identifying names or addresses (collectively, “Online Identifiers”);
- Device information, such as hardware, software, operating system, browser, device name, language preferences (collectively, “Device Information”);
- Usage data, such as system activity, internal and external information related to the Services, clickstream information (collectively, “Usage Data”); and
- Geolocation data, such as information about User’s device location (“Geological Data”).
- Personal Information Company Collects from Third-Parties. Company (or Company’s Affiliates) may collect and/or verify the following categories of Personal Information about User from third-parties:
- Identification Information;
- Payment information, such as credit or debit card numbers, bank account numbers, wire transfer information, and information connected to digital payment processing services such as Stripe and Coinbase. Company does not currently store or process credit or debit card information on Company’s systems. Instead, all credit or debit card information is stored and processed by a trusted third-party PCI-DSS compliant processor; and
- Additional information, at Company’s discretion, to comply with legal obligations.
- Accuracy and Retention of Personal Information. Company takes reasonable and practicable steps to ensure that User’s Personal Information held by Company is (i) accurate with regard to the purposes for which it is to be used, and (ii) not kept longer than is necessary for the fulfillment of the purpose for which it is to be used.
- INTENDED FOR USERS 18+
Company does not knowingly collect data from or market to anyone under 18 years of age. Company does not knowingly solicit data from or market to anyone under 18 years of age. By using the Services, User represents that User is at least 18 years old, or that User is the parent or guardian of such a minor and consents to such minor dependent’s use of the Services. If Company learns that Personal Information, from Users less than 18 years of age has been collected, Company will deactivate the Account, to the extent that is possible, and take reasonable measures to promptly delete such data from Company’s records. If User becomes aware of any data Company may have collected from anyone under age 18, please contact Company at email@example.com.
- HOW COMPANY USES USER’S PERSONAL INFORMATION
Company collects Personal Information about User in an attempt to provide User with the best experience possible, protect User from risks related to improper use and fraud, and help Company maintains and improves the Services. Company may use User’s Personal Information to:
- Provide User with the Services. Company uses User’s Personal Information to provide User with the Services pursuant to the Terms.
- Comply with Legal and Regulatory Requirements. Company processes User’s Personal Information as required by applicable laws and regulations.
- Detect and Prevent Fraud. Company processes User’s Personal Information to detect and prevent fraud.
- Protect the Security and Integrity of the Services. Company uses User’s Personal Information, including information about User’s device and User’s activity on Company to maintain the security of User’s Account and the Services itself.
- Provide User with Customer Support. Company processes User’s Personal Information when User contacts Company’s support team with questions about or issues with User’s Account.
- Market Company’s Products. Company may contact User with information about the Services. Company will only do so with User’s permission, which can be revoked at any time.
- Other Business Purposes. Company may use User’s Personal Information for additional purposes if disclosed to User before Company collects User’s Personal Information or if Company obtains User’s consent.
- HOW COMPANY SHARES USER’S PERSONAL INFORMATION
Company will never sell, share, rent, or trade User’s Personal Information with third-parties for their commercial purposes. Further, Company will not share User’s Personal Information with third-parties, except as described below:
- Third-Party Service Providers. Company may share User’s Personal Information with third-party service providers for business or commercial purposes, including fraud detection and prevention, security threat detection, payment processing, customer support, data analytics, information technology, advertising and marketing, network infrastructure, storage, transaction monitoring. Company shares User’s Personal Information with these service providers only so that they can provide Company with their services, and Company prohibits its service providers from using or disclosing User’s Personal Information for any other purpose.
- Law Enforcement. Company may be compelled to share User’s Personal Information with law enforcement, government officials, and/or regulators.
- Corporate Transactions. Company may disclose Personal Information in the event of a proposed or consummated merger, acquisition, reorganization, asset sale, or similar corporate transaction, or in the event of a bankruptcy or dissolution.
- Professional Advisors. Company may share User’s Personal Information with Company’s professional advisors, including legal, accounting, or other consulting services for purposes of audits or to comply with Company’s legal obligations.
- Consent. Company may share User’s Personal Information with User’s consent.
If Company decides to modify the purpose for which User’s Personal Information is collected and used, Company will amend this Policy.
User can also learn more about Cookies by visiting http://www.allaboutcookies.org, which includes additional useful information on Cookies and how to block Cookies on different types of browsers and mobile devices. Please note that if User rejects Cookies, User will not be able to use some or all of the Services. If User does not consent to the placing of Cookies on User’s device, please do not visit, access, or use the Services.
- DIRECT MARKETING
Subject to applicable laws and regulations, Company may from time to time send direct marketing materials promoting services, products, facilities, or activities to User using information collected from or about User. User may also opt-out of such communications by following the directions provided in any marketing communication. It is Company’s policy to not provide User’s Personal Information for those third-parties’ direct marketing purposes without User’s consent.
- INFORMATION SECURITY
No security is foolproof, and the Internet is an insecure medium. Company cannot guarantee absolute security, but Company works hard to protect Company and User from unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Information Company collects and stores. Measures Company takes include encryption of Company website communications with SSL; optional two-factor authentication; periodic review of Company’s Personal Information collection, storage, and processing practices; and restricted access to User’s Personal Information on a need-to-know basis for Company’s employees, contractors and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
- INFORMATION FOR PERSONS SUBJECT TO EU DATA PROTECTION LAW
While customers who are located in the European Union (“EU”), European Economic Area (“EEA”) or the Channel Islands, or other locations subject to EU data protection law (collectively, “Europe”) are customers of Company’s State of Virginia entity, Company recognizes and, to the extent applicable to Company, adheres to relevant EU data protection laws. For purposes of this section, “personal data” has the meaning provided in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
- Lawful Bases for Processing. Company processes personal data subject to GDPR on one or more of the following legal bases:
- Legal Obligations: to conduct anti-fraud and to fulfill Company’s retention and other legal obligations;
- Contractual Obligations: to satisfy Company’s obligations to User under the Terms, including to provide User with the Services and customer support services, and to optimize and enhance the Services;
- Legitimate Interest: to monitor the usage of the Services, conduct automated and manual security checks of the Services and the Services, to protect Company’s rights; and
- Consent: to market Company, the Services, and the Services. User may withdraw User’s consent at any time without affecting the lawfulness of processing based on consent before consent is withdrawn.
- European Privacy Rights. European residents have the following rights under GDPR, subject to certain exceptions provided under the law, with respect to their personal data:
- Rights to Access and Rectification: User may submit a request that Company disclose the personal data that Company processes about User and correct any inaccurate personal data.
- Right to Erasure: User may submit a request that Company delete the personal data that Company has about User.
- Right to Restriction of Processing: User has the right to restrict or object to Company’s processing of User’s personal data under certain circumstances.
- Right to Data Portability: User has the right to receive the personal data User has provided to Company in an electronic format and to transmit that personal data to another data controller.
To submit a request to exercise these rights, please contact Company using the methods described at the end of this Policy. When handling requests to exercise European privacy rights, Company checks the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. While Company maintains a policy to respond to these requests free of charge, should User’s request be repetitive or unduly onerous, Company reserves the right to charge User a reasonable fee for compliance with User’s request.
- COLLECTION AND TRANSFER OF DATA OUTSIDE THE EEA
The Services operates with many of Company’s systems based in the United States. As a result, Company may transfer personal data from Europe to third countries outside of Europe, including the United States, under the following conditions:
- Contractual Obligation. Where transfers are necessary to satisfy Company’s obligation to User under the Terms, including to provide User with the Services and customer support services, and to optimize and enhance the Services; and
- Consent. Where User has consented to the transfer of User’s personal data to another country.
Where transfers to a third country are based on User’s consent, User may withdraw User’s consent at any time. Please understand, however, that the Services may not be available if Company is unable to transfer personal data to other countries.
When Company transfers personal data to third countries, Company endeavors to ensure adequate safeguards are implemented, for example through the use of standard contractual clauses or Privacy Shield certification.
Pursuant to the California Consumer Privacy Act (the “CCPA”), and in addition to the disclosures elsewhere in this Policy, this section describes the types of Personal Information that Company may have collected, disclosed for business purposes, or sold to third-parties in the last 12 months.
- Personal Information Collected. Biographical information or identifiers, characteristics of protected classifications under California or federal law (i.e., gender, age), commercial information, financial and payment card information, internet or other electronic network activity information, geolocation information, audio or visual information, and inferences drawn from the foregoing. To learn more about the information Company collects, please see “Personal Information Company Collects,” above. The sources of the information are Users of the Services and Company’s Affiliates.
- Disclosure of Personal Information. In the last 12 months, Company may have disclosed the following categories of Personal Information to Company’s Affiliates or to third-party service providers for business purposes: biographical information or identifiers, characteristics of protected classifications under California or federal law (i.e., gender, age), commercial information, financial and payment card information, internet or other electronic network activity information, geolocation information, audio or visual information, and inferences drawn from the foregoing. To learn more, please see “How Company Shares User’s Personal Information” above.
- “Sale” of Personal Information. In the last 12 months, Company may have “sold” (as defined in the CCPA) the following categories of Personal Information: biographical information or identifiers, commercial information, internet or other electronic network activity information, and inferences drawn from the foregoing. Company does not have actual knowledge that Company sells Personal Information of consumers under 21 years of age. To learn more, please see “How Company Shares User’s Personal Information” above.
- Explanation of “Sales” under CCPA. Company is not in the business of collecting and selling data, but, in some cases, Company may share information with Company’s Affiliates or third-party service providers in a transaction that constitutes a “sale” of Personal Information under California law.
- CONTACT US
If User has questions or concerns regarding this policy or Company’s use of User’s Personal Information, please feel free to email Company at firstname.lastname@example.org; or write to Company at:
Attn: Data Protection Officer
440 Monticello Ave Ste 1802 PMB 63569
Norfolk, Virginia 23510-2670 US