Anvil
Launch App

Acronym - Privacy Policy

Last Modified: May 4, 2026

Introduction

We respect your privacy and are committed to protecting it through our compliance with this privacy policy. This policy describes the types of information we may collect about you or that you may provide when you use our Services, and our data collection and handling practices with respect to the Services.

This privacy policy is part of the Terms of Use applicable to the use of our Services. Please review this policy together with the Terms of Use closely, to understand all of your rights and obligations, and how we operate our Services. Any capitalized terms used but not defined in this policy shall have the meanings ascribed to them in the Terms of Use.

If you are located in the United Kingdom (“UK”) or the European Economic Area (“EEA”) when accessing the Services, please see our European Addendum to this policy attached hereto.

YOU ACKNOWLEDGE THAT WE MAY USE SERVICE PROVIDERS AND THIRD-PARTY TECHNOLOGIES, INCLUDING POTENTIALLY COOKIES, PIXELS, WEB BEACONS, ANALYTICS SERVICES, AND OTHER TECHNOLOGIES THAT TRACK YOUR ACTIVITIES AND COLLECT DATA ABOUT YOU AS YOU NAVIGATE OUR SERVICES. IF WE USE THEM, THESE THIRD PARTIES AND SERVICE PROVIDERS MAY INTERCEPT YOUR COMMUNICATIONS, COLLECT DATA ABOUT YOU, MONITOR YOUR INTERACTIONS WITH THE SERVICES, TRACK YOUR ACTIVITIES ON OUR SERVICES AND ACROSS DIFFERENT CHANNELS, AND MAY COLLECT ENOUGH INFORMATION ABOUT YOU AS YOU USE OUR SERVICES TO BE ABLE TO IDENTIFY YOU ON THEIR OWN PLATFORMS (E.G., SOCIAL MEDIA PIXELS). BY USING THE SERVICES, YOU SPECIFICALLY CONSENT TO THIS INTERCEPTION, TRACKING AND DATA COLLECTION.

This privacy policy applies to information we collect:

  • On the Services.
  • In email, text, and other electronic messages between you and the Services, and other activities you engage in on the Services.
  • Through mobile and desktop applications, if any, that you download from the Services, if this policy is posted to them.
  • Through any other means associated with or relating to the Services.

This policy does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries).
  • Any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Services.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using the Services, you agree to the terms of this privacy policy and consent to use of your personal information as described herein.

This privacy policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the privacy policy periodically for updates.

Information about Children

Our Services are not intended for children under eighteen (18) years of age. No one under age eighteen (18) may provide any personal information to us or on or through the Services.

We do not knowingly collect personal information from or about children under the age of sixteen (16). If you are under sixteen (16), do not use or provide any information on the Services or on or through any of their features or register on the Services (if such feature is available), connect a digital wallet or otherwise engage in any transactions on the Services or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use.

If we learn we have collected or received personal information from a child under sixteen (16) years of age, we will delete that information, to the extent technologically feasible (note that information recorded on blockchains cannot be removed).

If you believe we might have any information from or about a child under the age of sixteen (16), please contact us at [email protected].

Information We Collect About You and How We Collect It

We and our service providers may collect several types of information from and about users of our Services (some of which is considered “personal information” pursuant to applicable law), including:

  • Identifiers, such as name, mailing address, e-mail address, telephone number, digital wallet address, or any other information that the Services collect, which applicable law may consider personally identifiable, personal information, personal data, and other such designations.
  • Your Feedback.
  • Wallet IDs or other identifiers relating to your blockchain accounts.
  • Information about the device you use to access the Services.
  • Your internet protocol (IP) address.
  • Your device characteristics and functionality (including information about your operating system, hardware, mobile network, browser, browser language, etc.).
  • Information about software you may be using when connecting to or using the Services, including the type and version thereof.
  • Information about our Services that you are using (e.g., what version of our command line code).
  • Referring and exit web pages and URLs.
  • Your browsing history, including the areas within our Services that you visit and your activities there, including remembering you and your preferences.
  • Your on-chain activities.
  • Information about your transaction history and associated fees paid or received.
  • Information about your digital assets.
  • Your device location or other geolocation information.
  • Certain other device data, including the time of day you visit our Services.
  • Information about your internet connection and internet provider.
  • Information collected through links you interact with across our Services (including in our communications sent to you).

We and our service providers may collect this information:

  • Directly from you when you provide it to us and when you interact with the Services, such as when you connect your digital wallet.
  • Automatically as you use or navigate through the Services, including through the use of cookies, web beacons, and other tracking technologies (including information about your network or computing device) and analytics services.
  • From third parties, for example, our business partners and service providers.
  • Records and copies of your correspondence (including email addresses), if you contact us through the Services.
  • When you engage in transactions on our Services.
  • When you run searches on our Website.
  • When you contact our customer service agents, if available.

Automatic Data Collection Technologies

As you navigate through and interact with our Services, we may use third-party automatic data collection technologies to collect certain information about you, your equipment, your technology providers, and your activities, including:

  • Details of your activities on and visits to the Services, including traffic data, browsing patterns, location data, logs, and other communication data, and the resources that you access and use on the Services.
  • Information about the software you use (including your own and ours).
  • Information about your device and about your internet connection and service provider, as set forth above.

You acknowledge and understand that our service providers will be collecting this information about you, and may monitor and intercept your communications and actions on our Services as you browse, interact with or use certain functionality, such as chat features. These service providers may use the information they collect for their own benefit, without any restriction. You specifically agree to this arrangement, and consent to your communications and information being intercepted by our third party providers.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).

The information we collect automatically may be statistical data and may also include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. This information enables us to:

  • Allow you to use and access the Services.
  • Prevent fraudulent activity and improve security functionality.
  • Assess the performance of the Services, including as part of our analytic practices or otherwise to improve the content, products or services offered through the Services.
  • Offer you enhanced functionality when accessing the Services, including identifying you when you return or sign into our Services, and keeping track of your specified preferences.
  • Market our, our affiliates’ or third parties’ products or services to you.
  • Deliver content relevant to your interests on our Services and third-party sites based on how you interact with our advertisements and/or content.
  • Estimate our audience size and usage patterns.
  • Speed up your searches.
  • Analyze our services and products and perform market research.

When you visit or leave our Services by clicking a hyperlink or when you view a third-party site that includes our plugins or cookies (or similar technology), we may automatically receive the URL of the site from which you came or the one to which you are directed.

We may also receive location data passed to us from third-party services or GPS-enabled devices that you have set up, which we may use for fraud prevention and security purposes. We may also use this information to provide customized services, content, and other information that may be of interest to you, among other uses. If you no longer wish for us, our affiliates, or our service providers to collect and use location information, you may disable the location features on your device. Consult your device manufacturer settings for instructions on how to do this. Please note that if you disable such features, your ability to access certain features, services, content, or products may be limited or disabled.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. Note that while you can set your browser to not allow cookies, we may not be able to honor that request, and may track your activity and collect information about you and your online activities even when the browser is set to “do not track.”
  • Flash Cookies. Certain features of our Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Services. Flash cookies are not managed by the same browser settings as are used for browser cookies and you may not be able to shut down our collection of and use of information through this technology.
  • Web Beacons, Pixels and Tags. Pages of our Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single- pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
  • Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Services, such as information about the links you click on.
  • ETag, or entity tag. An ETag, or entity tag, is a feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. It is one of several mechanisms that HTTP provides for web cache validation. These allow websites to be more efficient and not serve content again, when data is already cached and ready to view.
  • Fingerprinting. Fingerprinting refers to the collection and analysis of information from your device, such as your operating system, plug-ins, system fonts and other data, for purposes of identification.
  • Recognition Technologies. Recognition technologies refers to various technology features used by websites, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user).
  • Log Files. These track actions occurring on our Services, and which help us collect your IP address, browser type, Internet service provider, the webpages from which you came or to which you go before and after visiting our Services, and the date and time of your visits.

Do Not Track

Do Not Track (“DNT”) is a concept promoted by certain regulatory authorities and industry groups for development and implementation of a mechanism that would allow internet users to control the tracking of their online activities across websites. Currently, various browsers (including Internet Explorer, Firefox, and Safari) offer a DNT option that allows a user to set a preference in the browser to not have his/her activities on the internet tracked. You can usually access your browser's DNT option in your browser's preferences. When a user’s browser is set to DNT, some cookies and other tracking technologies may become inactive, depending on how the website visited responds to DNT browser settings. If that occurs, the website visited will not recognize you upon return to that website, save your passwords or user names, and some other features of a website may become unavailable or not function properly. Given lack of standards in the industry, and the industry’s move to newer technologies to track user preferences, our Services may not honor DNT settings at this time.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Services may be served by third- parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Services. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' technologies or how they may be used. If you have any questions about their use of your information, you should contact the responsible provider directly.

How We Use Your Information

We may use information that we collect about you or that you provide to us, including any personal information:

  • To make the Services available.
  • To provide you with information, products, or services that you request from us.
  • To market our, our affiliates’ or third parties’ products or services to you, including by sending you marketing emails.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your activities, account, and/or the Services.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection, if needed.
  • To notify you about changes to the Services, or any products or services we offer or provide through them.
  • To allow you to participate in interactive features on our Services, if any.
  • To develop and improve our products and services.
  • For any other purpose as needed for our business.
  • To provide customer support, if available.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.
  • To contact you about our own and third-parties' goods and services that we think may be of interest to you.
  • To enable us and our service providers to display advertisements to our advertisers' target audiences.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our affiliates.
  • To contractors, service providers, and other third parties we use to support our business and assist us in providing services and offering our products.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company's assets or stock, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company about our Services users is among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • To provide customer support, if such features are available.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including responding to any government or regulatory request.
  • To enforce or apply the Terms of Use, including this privacy policy, and any other agreements between us, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Data Security

We have implemented measures intended to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. However, the safety and security of your information also depends on you. Because access to your account and digital assets relies on your control of a seed phrase or keys, you are responsible for keeping them confidential. We are not responsible for securing your seed phrase or keys if you lose them, if someone steals them from you, or if someone obtains access to them somehow (whether in transit to you, or from your systems or networks, or because you otherwise misplaced them or disclosed them).

You also acknowledge that, unfortunately, the transmission of information via the internet is not completely secure. Although we try to protect your personal information, we cannot guarantee the security of your personal information transmitted through or collected through the use of our Services. Any transmission of personal information is at your own risk.

Also note that any transactions you engage in on blockchains, whether ours or those operated by third parties, will be available to the public to see.

We are not responsible for circumvention of any privacy settings or security measures contained on the Services.

California Residents

California Civil Code Section § 1798.83, known as the “Shine The Light” law, permits users of our Services who are California residents to request and obtain from us a list of what personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding year, and the names and addresses of those third parties. You may request this information from us no more than once a year, but such request will be handled by us free of charge to you. To make such a request, please send an email to [email protected].

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, we may post a notice on the Website home page. The date this privacy policy was last revised is identified at the top of this page. You are responsible for periodically visiting our Services and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

E-mail: [email protected]

EUROPEAN PRIVACY NOTICE

This Notice was last updated on May 4, 2026.

The General Data Protection Regulation (“GDPR”) imposes certain rules in respect of data protection of individuals, and these rules apply to organizations who process personal data related to the offering of goods and services to individuals in the European Economic Area (“EEA”), including the European Union (“EU”). Switzerland and the United Kingdom (“UK”) have also implemented their own versions of the GDPR.

The Company is committed to complying with the GDPR and the UK and Swiss equivalents thereof, and this European Privacy Notice (the “Notice”) contains important information on who we are, how and why we collect, store, use and share personal information, the rights in relation to personal information and how to contact us and supervisory authorities in the event that our European customers have a complaint.

This Notice applies solely to persons located in the EEA, Switzerland, or the UK, as applicable, at the time of personal data collection by or on behalf of Company.

INTRODUCTION

This Notice will inform you about how we look after your personal data when you use our Services and tell you about your privacy rights and how the law protects you, and about how we process your personal data as part of our business. Please see the Glossary (below) for more information regarding the terms used herein. Some capitalized terms are also defined in the main body of this Privacy Policy.

1. IMPORTANT INFORMATION AND WHO WE ARE

PURPOSE OF THIS NOTICE

This Notice aims to give you information on how Company collects and processes your personal data as part of our business, including any data you may provide or we might collect through the Services.

The Services are not intended for children and we do not knowingly collect data relating to children.

It is important that you read this Notice together with any other privacy notice (including the main body of the Privacy Policy) or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Notice supplements the other notices and is not intended to override them.

CONTROLLER

Acronym Foundation is the controller and responsible for your personal data collected on or through the Services.

HOW TO COMPLAIN

We hope that we can resolve any query or concern you raise about our use of your information. The GDPR and its UK and Swiss equivalents also give you the right to lodge a complaint with a supervisory authority in the country where you work, normally live or where any alleged infringement of data protection laws occurred.

2. THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, as used in this Notice, means any information about a European individual from which that person can be identified. It does not include data where the individual’s identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes social media username or similar identifier (if provided), digital wallet ID.
  • Contact Data includes email address, social media username or similar identifier (if provided).
  • Financial Data includes digital assets held, traded, deposited, pledged as collateral, borrowed, or lent, applicable transaction or network fees and amounts paid, received, or recorded in connection with digital asset transactions.
  • Transaction Data includes the same information as Financial Data in the context of individual transactions, including who you transacted with on the Services, the Protocol, or other third-party technology (e.g., blockchains), fees paid for your transactions, amounts paid or obtained from transacting digital assets, frequency of transactions.
  • Technical Data includes information about the device you use to access the Services, internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Services.
  • Profile Data includes your digital wallet ID and user names on social media channels you connect with us on.
  • Usage Data includes information about when and how you use our Services, including how our Services are performing when you use them, timing of transactions you engage in, and frequency of transactions.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties, your communication preferences, and communications with us.

We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data by law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature of the Services. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Notice.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity Data, Contact Data, Financial Data, Transaction Data, Technical Data, Profile Data, and Usage Data by connecting your digital wallet, engaging in transactions on the Services, corresponding with us, including through social media platforms, or otherwise by interacting with the Services. We also collect Marketing and Communications Data when we communicate with you about our Services. This includes personal data you provide when you:
  • Engage in, or inquire about, or seek to engage in, transactions through the Services;
  • Seek support;
  • Communicate with our personnel;
  • Connect your digital wallet on our Services or log in using social media;
  • Engage in transactions;
  • Participate in our forums or blogs;
  • Subscribe to receive communications from us or our service providers;
  • Request marketing to be sent to you, or receive it; or
  • give us some feedback.
  • Automated technologies or interactions. As you interact with our Services, we may automatically collect Identity Data, Contact Data, Financial Data, Transaction Data, Technical Data, Profile Data, and Usage Data, including about your equipment, browsing actions and patterns. We may collect this personal data through our service providers, and by using cookies, and other similar technologies.
  • Third parties or publicly available sources. We may receive Identity Data, Contact Data, and Profile Data when you connect and interact with us on social media, and Identity Data, Contact Data, Financial Data, Transaction Data, Technical Data, Profile Data, and Usage Data from our service providers.

4. HOW WE USE YOUR PERSONAL DATA

We will use your personal data as disclosed in the main body of our Privacy Policy. Specifically as related to European laws, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you (clause 6(1)(b) GDPR or UK/Swiss equivalent).
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (clause 6(1)(f) GDPR or UK/Swiss equivalent).
  • Where we need to comply with a legal obligation (clause 6(1)(c) GDPR or UK/Swiss equivalent).
  • With your consent (clause 6(1)(a) GDPR or UK/Swiss equivalent).

Generally, we do not rely on consent as a legal basis for processing your personal data but when we do, you have the right to withdraw consent at any time by contacting us as set forth in Contact Details.

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us as set forth in Contact Details if you need details about the specific legal grounds we are relying on to process your personal data.

Purpose/ActivityType of dataLawful basis for processing including basis of legitimate interest
To enable you to access and use our Services
  • (a) Identity
  • (b) Contact
  • (c) Financial
  • (d) Transaction
  • (e) Technical
  • (f) Profile
  • (g) Usage
  • (a) Performance of a contract
  • (b) Necessary for our legitimate interests (for carrying out the contract with you)
To manage our relationship with you, which will include: (a) Notifying you about changes to our Terms of Use or this Notice; (b) Enabling you to connect your digital wallet to the Services; (c) Enabling you to contact our support staff; (d) Enabling you to participate in our forums and blogs
  • (a) Identity
  • (b) Contact
  • (c) Financial
  • (d) Transaction
  • (e) Technical
  • (f) Profile
  • (g) Usage
  • (h) Marketing and Communications
  • (a) Performance of a contract
  • (b) Necessary to comply with a legal obligation
  • (c) Necessary for our legitimate interests (for carrying out the contract with you, to be able to inform you of any changes relevant to you, and to keep our records updated and to study how customers use our products/services; to provide support; to understand our Services usage and user patterns, to improve our Services)
To administer and protect our business and our Services (including for information security purposes, troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • (a) Identity
  • (b) Contact
  • (c) Technical
  • (d) Usage
  • (a) Necessary for our legitimate interests (for running our business, administration and IT services, network security, fraud prevention, and business reorganisation or group restructuring)
  • Necessary to comply with a legal obligation
To make suggestions and recommendations to you about similar goods or services that may be of interest to you
  • Identity
  • Contact
  • Profile
  • Marketing and Communications
  • Necessary for our legitimate interests (to develop our products/services and grow our business)
To comply with reporting requirements
  • Identity
  • Contact
  • Financial
  • Transaction
  • Technical
  • Profile
  • Usage
  • Marketing and Communications
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (to adequately handle reporting requests and comply with legal obligations)
To use data analytics to improve our Services, marketing, customer relationships, and experiences
  • Identity
  • Contact
  • Financial
  • Transaction
  • Technical
  • Profile
  • Usage
  • Necessary for our legitimate interests (to develop our products/services and grow our business)
When we are, or intend to, sell, transfer, or merge parts of our business or assets, or when we seek to acquire or merge with other businesses
  • Identity
  • Contact
  • Financial
  • Transaction
  • Technical
  • Profile
  • Usage
  • Marketing and Communications
  • Necessary for our legitimate interests (to develop and grow our business) and the interests of data subjects and third parties (to engage in transactions with them)

MARKETING

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established, and you may utilize, the opt-in or opt-out procedures and preferences set forth in our Notice.

PROMOTIONAL OFFERS FROM US

We may use your Identity, Contact, Financial, Transaction, Profile, Technical and Usage Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You may receive marketing communications from us if you requested marketing communications or purchased goods or services from us and we think you may be interested in similar goods or services, in each case, provided that you have not opted out of receiving that marketing.

THIRD-PARTY MARKETING

We will get your express opt-in consent before we share your personal data with any third-party for their own marketing purposes.

OPTING OUT

You can ask us to stop sending you marketing messages at any time. To opt-out of our marketing communications, please click on the link in any marketing communication or contact us via our Contact Details. To opt-out of third parties’ marketing communications, please consult such parties’ respective terms and privacy notices.

Where you opt out of receiving marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase or other transactions.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us via our Contact Details.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. DISCLOSURES OF YOUR PERSONAL DATA

We may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 4 above.

  • Internal Third Parties as set out in the Glossary.
  • External Third Parties as set out in the Glossary.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Notice.

To the extent within our control, we request that all third parties who process your personal data on our behalf respect the security of your personal data and treat it in accordance with the law, and only process your personal data for specified purposes and in accordance with our instructions.

6. INTERNATIONAL TRANSFERS

Your personal data will be transferred outside the EU, UK or Switzerland. You specifically consent to this transfer, including to jurisdictions, such as the United States of America, which do not offer the same level of protection as you are granted in Europe.

More information on the retention terms applicable to your personal data, can be obtained by contacting us and requesting access to your personal data. Please see Request access below for further information. In some circumstances you can ask us to delete your data. Please see Request erasure below for further information.

In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

7. YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you wish to exercise any of the rights set out above, please contact us as set forth in Contact Details.

You have the following rights (please see your legal rights in the glossary for further details on your rights).

  1. The right to access your personal data.
  2. The right to rectify your personal data that is inaccurate.
  3. The right to have your personal data erased (but note that blockchain technologies may prevent such erasure, as such technologies are indelible by design).
  4. You may request the restriction of processing of your personal data.
  5. You may object to the processing of your personal data.
  6. You have the right to data portability.
  7. The right to revoke your consent.

NO FEE USUALLY REQUIRED

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

WHAT WE MAY NEED FROM YOU

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request, in an effort to speed up our response.

TIME LIMIT TO RESPOND

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

8. GLOSSARY

We may rely on one of the following lawful basis for processing your personal data:

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us as set forth in Contact Details.

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract, including providing you products or services you have requested.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Third Parties:

INTERNAL THIRD PARTIES: our affiliates

EXTERNAL THIRD PARTIES:

  • Service providers acting as processors who provide information technology (e.g., transactional, hosting, maintenance, email, etc.), anti-fraud, analytics, and marketing services. In this context, personal data may be transferred outside of Europe, specifically, to the United States.
  • Professional advisers and consultants acting as processors or joint controllers including administrators, lawyers, bankers, auditors, tax and financial advisers, and insurers based in United States, EU, UK, and Switzerland who provide consultancy, banking, legal, insurance and accounting services. In this context, personal data may be transferred outside of the EEA, UK, or Switzerland, specifically, to the United States.
  • Regulators and other authorities acting as processors or (joint) controllers based in United States, EU, UK, and Switzerland, among others, who require reporting of processing activities in certain circumstances.

Your legal rights:

You have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer (data portability) of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.