Privacy Policy

Last Updated: June 30, 2024

This Privacy Policy ("Policy") for deBridge Foundation, a Cayman Islands foundation company, and its subsidiaries ("Foundation", "we", "our", or "us") describes the basis on which we will process personal data we collect from users of the website at debridge.foundation (the "Website"), and any tools, services, features, and functionalities available through the Website (collectively, the "Services"), in accordance with applicable law. For purposes of applicable data protection laws, the Foundation is the controller. For the purposes of this Policy, "you" and "your" refers to you as the user of the Services.

Please read this Policy carefully so that you understand your rights in relation to your personal data and how we will collect, use, and process your personal data. If you do not agree to this Policy, please do not use, access, connect to, interact with, or download any of the Services or otherwise provide your information to us.

The Foundation may review and update this Policy from time to time. Updates to our Policy will apply only to information collected after the date of the change. If we make material changes to the Policy, we will note on our Website that the Policy has been updated and update the "Last Updated" date at the top of this Policy.

1. PERSONAL DATA WE COLLECT ABOUT YOU, WHY WE PROCESS IT, AND THE LEGAL BASIS FOR PROCESSING​

When you access, use, connect to, or interact with the Services, we may collect certain categories of information about you, including personal data, from a variety of sources.

Information you provide to us:

Personal data may include (i) names; (ii) addresses; (iii) telephone numbers; (iv) email addresses; (v) government-issued identification numbers; (vi) user passwords or PINs; (vii) user identification and account access credentials, passwords, PINs, and security question answers; (viii) financial account numbers; (ix) any internet-protocol address ("IP Address") and/or any digital-asset, smart-contract, or protocol address ("Wallet") information, associations, and/or identifiers; and (x) geolocation data.

In addition, personal data may include your social media handle and related information, transaction data or history (such as your blockchain transaction history and other information associated with a linked address or Wallet), certain information needed to transfer or allocate tokens, profile data (such as your profile name and avatar), marketing data (such as preferences for receiving marketing communications and related details), token holdings, and any other information collected through Services. When you contact us, including by email provided in this Policy or elsewhere on the Website, or through emails that you may have received through other means, we will collect the content of the communications we have with you and any personal data contained within.

We process this information to perform our contract with you, such as to provide you with our Services and content. We obtain your consent to process your personal data to sign you up for alerts and if you opt into marketing, to communicate with you about our products, features, services, marketing, events, and other news and information we think will be of interest to you. In order to be responsive to you, to provide effective services to you, and to maintain our business relationship, we may also use this information to send you announcements in relation to security, privacy, or administrative related communications (which are not marketing oriented, and so we do not rely on consent, so you may not opt-out) and to communicate with you and provide responses to your requests and other communications.

Information we collect automatically:

When you visit our Website or access, use, connect to, or interact with the Services, our servers temporarily save each access in a log file. The following data may be collected: (i) the IP Address of the requesting computer or device; (ii) the name of your internet access provider (usually your internet access provider); (iii) the date and time of access; (iv) the name and URL of the retrieved file; (v) the page and address of the website from which you were redirected to the website and, if applicable, the search term used; (vi) the country from which the website is accessed; (vii) the operating system of your computer and the browser you are using (provider, version, and language); and (viii) the transmission protocol used (e.g., HTTP/1.1).

The processing of this data is carried out for the purpose of enabling your access to, use of, connection to, and interaction with the Services, including (i) to facilitate your connection to the Website, (ii) to identify your compliance with the deBridge Foundation Terms of Use, including identifying any Prohibited Person; and/or (iii) to determine eligibility for certain Services, in each case in order for us to perform our contract with you and in our legitimate interests to provide effective Services to you.

We also process this data in our legitimate interests to provide effective Services to you by processing the data to assist system security and stability for provision of the Services, to conduct troubleshooting, data analytics, testing, and research, and to enable optimization and internal statistical analysis with respect to the Services, as well as to maintain the safety and security of our users, the Website, our Services and business and to improve and develop our Services and Website.

The Foundation may use cookies, web beacons/clear gifs, geolocation and tracking technologies, and other applications when you visit the Website, including technologies collecting certain information about your access to, use of, connection to, or interaction with the Services ("Usage Data") that may be integrated with third-party service providers.

We may also use your information to provide the Services and perform our contract with you. In our legitimate interests to provide effective services to you, we may also use this data to create aggregated, anonymized, or de-identified data.

In addition to the foregoing, we may use any of your information to comply with any applicable legal obligations, to enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.

Information we may collect from third-party wallet extensions or connections:

Certain transactions conducted via our Services will require you to connect a compatible third-party digital Wallet to the Services. By using such Wallet to conduct such transactions via the Services, you agree that your access to, use of, connection to, and/or interactions with such third-party Wallets are governed by the privacy policy for the applicable Wallet, and you agree that you are using the Wallet in accordance with the terms and conditions of the applicable third-party provider of such Wallet.

Wallets are not maintained or supported by, or associated or affiliated with, the Foundation. We expressly disclaim any and all liability for actions arising from your use of third-party Wallets, including but without limitation, to actions relating to the use and/or disclosure of personal information by such third-party Wallets.

2. YOUR RIGHTS​

Under applicable data protection laws, you may have certain rights in relation to your personal data. These rights may include the following:

2.1. Access to your personal data that the Foundation holds, information on how we use it, and who we share it with;

2.2. Correction of your personal data that the Foundation holds, subject to the Foundation’s investigation and verification of any disputed information;

2.3. Deletion or removal of your personal data, in certain circumstances;

2.4. Restriction of processing of your personal data, to stop us from processing the personal data we hold about you other than for storage purposes, in certain circumstances;

2.5. Portability of your personal data; the Foundation will endeavor to provide you, or a third party, with a copy of the personal data that we hold about you and transfer it to a third party in a structured, commonly used, machine-readable format;

2.6. Objection to marketing communications; you may opt out of marketing communications at any time by using any unsubscribe or opt-out functionalities displayed in our communications to you;

2.7. Withdrawal of consent, where the Foundation is relying on consent to process personal data; this will not affect the processing of personal data carried out before consent is withdrawn or on legal bases other than consent.

If you: (a) have queries about our data protection processes and practices; (b) wish to request access to and/or make corrections to your personal data in our possession or under our control; or (c) wish to withdraw your consent to our collection, use or disclosure of your personal data, please submit a written request (with supporting documents, (if any) to us at: [email protected]. To the extent required under applicable data protection laws, the Foundation will be responsive to your request without undue delay and where required under applicable data protection laws, at least within one month (though this may be extended by a further two months in certain circumstances). The Foundation shall use reasonable means to verify your identity before making any determination with respect to your request. Please note that if you withdraw your consent to any or all use or disclosure of your personal data, depending on the nature of your request, we may not be in a position to continue to provide our services or products to you or administer any contractual relationship in place. Such withdrawal may also result in the termination of any agreement you may have with us. Our legal rights and remedies are expressly reserved in such event.

We may charge you a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you.

3. Personal data and the Blockchain

Blockchain technology, also known as distributed ledger technology (DLT), is at the core of our business. Blockchains are decentralised and made up of digitally recorded data in a chain of packages called "blocks". The manner in which these blocks are linked is chronological, meaning that the data is very difficult to alter once recorded. Since the ledger may be distributed all over the world (across several "nodes" which usually replicate the ledger) this means there is no single person making decisions or otherwise administering the system (such as an operator of a cloud computing system), and that there is no centralised place where it is located either.

Accordingly, by design, a blockchain’s data cannot be changed or deleted and is said to be "immutable". This may affect your ability to exercise your rights such as your right to erasure ("right to be forgotten"), or your rights to object or restrict processing of your personal data. Data on the blockchain cannot be erased and cannot be changed. Although smart contracts may be used to revoke certain access rights, and some content may be made invisible to others, it is not deleted.

In certain circumstances, in order to comply with our contractual obligations to you (such as delivery of tokens or provision of other services) it will be necessary to collect certain personal data, such as your wallet address, onto the blockchain; this is done through a smart contract and requires you to execute such transactions using your wallet’s private key.

The ultimate decisions to (a) transact on the blockchain using your wallet address, as well as (b) share the public key relating to your wallet address with anyone (including us) rests with you. IF YOU WANT TO ENSURE YOUR PRIVACY RIGHTS ARE NOT AFFECTED IN ANY WAY, YOU SHOULD NOT TRANSACT ON BLOCKCHAINS AS CERTAIN RIGHTS MAY NOT BE FULLY AVAILABLE OR EXERCISABLE BY YOU OR US DUE TO THE TECHNOLOGICAL INFRASTRUCTURE OF THE BLOCKCHAIN. IN PARTICULAR THE BLOCKCHAIN IS AVAILABLE TO THE PUBLIC AND ANY PERSONAL DATA SHARED ON THE BLOCKCHAIN WILL BECOME PUBLICLY AVAILABLE.

Specifically, information regarding your digital wallet addresses (including transactions performed by said digital wallet addresses), public cryptographic key relating to digital wallet addresses on distributed ledger networks and/or similar information which you utilise to access the Website will be linked to your user account. By accessing our services, you provide your consent to our services reading and/or accessing information from such digital wallet addresses in order to verify ownership of any digital assets or tokens associated with such address (whether fungible or non-fungible). Users will have the ability to "add" their digital wallet address to access our services, as well as the ability to "remove" such stored wallets. All data obtained by us in connection with your digital wallet addresses shall be treated as personal data and dealt with in accordance with the provisions of this Policy.

4. SHARING OF PERSONAL DATA​

In certain circumstances, we will share your information with third parties with your consent, as necessary, or as otherwise required or permitted by law. Specifically, we share your personal data:

4.1. With service providers and vendors: The Foundation may share your personal data with third parties to process on the Foundation’s behalf. Such third parties include blockchain analysis service providers, know-your-customer and screening service providers, developers, content delivery service providers, and data analytics service providers. These service providers assist us with many different functions and tasks, including determining your eligibility with respect to participation in certain of the Services.

4.2. With professional advisors, in our legitimate interests or as required by law: As necessary, we will share your personal data with professional advisors such as auditors, law firms, cybersecurity specialists, data analysis organizations, and/or consulting or accounting firms.

4.3. With our affiliates, in our legitimate interests: We may share your personal data with companies within our corporate family.

4.4. In connection with an asset sale or purchase, merger, bankruptcy, or other business transaction or re-organization, in our legitimate interests: We will share your personal data with relevant third parties as necessary while negotiating or in relation to a change of corporate control such as a restructuring, merger, or sale of our assets.

Your personal information may be transferred to and stored or processed in countries outside the jurisdiction in which you live and reside, including outside the European Economic Area ("EEA") and United Kingdom ("UK"), and including to the U.S., in order to provide the Services. Your personal information is also processed by staff operating outside the UK/EEA who work for us or for third-party service providers or partners. We will take steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Policy. When we transfer your personal information to third parties located outside the EEA/UK, we seek to put in place appropriate safeguards to ensure that this transfer occurs in accordance with applicable laws. These measures include seeking entry into the standard contractual clauses ("SCCs") approved by the European Commission (for transfers outside the EEA) and/or an international data transfer agreement/addendum to the SCCs approved by the UK Information Commissioner’s Office ("ICO") (for transfers outside the UK), unless the data transfer is to a country that has been determined by the European Commission or the relevant UK authorities, as applicable, to provide an adequate level of protection for individuals’ rights and freedoms for their personal data.

5. RETENTION​

We will retain your personal data (including Data on your use of our Website and our Services as well as technical usage information) for 12 months, save that Account data shall be retained for as long as you keep your account open or as needed to provide you with our Services.

In addition to the above, we will retain and use your personal data to the extent necessary to comply with our legal obligations, resolve disputes, investigate matters, and comply with and enforce our terms and conditions, other applicable terms of services, and our policies. If you stop using our Services or if you delete your account with us, we will store your information in an aggregated and anonymized format; we may use this information indefinitely without further notice to you.

6. CHILDRENS’ PRIVACY AND DATA PROTECTION​

Children under the age of eighteen (18) are not permitted to use the Services, and we do not seek to or knowingly collect any personal data about children under thirteen (13) years of age (or sixteen (16) years of age for individuals in the EEA/UK). If we become aware that we have unknowingly collected information about any child under eighteen (18) years of age, we will make commercially reasonable efforts to delete such personal data and other information from our database. If you are the parent or guardian of a child under eighteen (18) years of age who has provided us with their personal data or other information, you may contact us using the below information to request that it be deleted.

7. SECURITY MEASURES TAKEN TO PROTECT PERSONAL DATA​

Please be aware that despite our efforts to protect your personal data and other information, we cannot guarantee "perfect security" of your information transmitted through the Website.

In addition, please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure while in transit. Any transmission is at your own risk. You should carefully read any risk factors specified in any terms of services associated with your access to, use of, connection to, or interaction with the Services.

8. COOKIES, SCRIPTS, AND RELATED TECHNOLOGIES​

When you access, use, connect to, or interact with the Services, including the Website, the Foundation and its third-party service providers receive and record personal data that you may have provided and your digital signature, such as your IP Address or information associated with or relating to your Wallet.

What type of tracking technologies are used?​

The technologies we use to track your activities with respect to our Services, including our Website, include cookies, tracking scripts and pixels, and tagging technologies ("Tracking Technologies"). These Tracking Technologies may be stored on your device or browser and may gain access to information stored on your device; they may also be used to collect your personal data. Tracking Technologies can remain on your device for different periods of time. Some exist only while your browser is open and are deleted automatically once you close your browser. Others are "permanent", meaning that they survive after your browser is closed. They can be used to recognize your device when you open your browser and browse the internet again.

SOCIAL MEDIA AND OTHER THIRD-PARTY WEBSITES AND LINKS​

On the Website, the Foundation may provide links to websites or online platforms operated by third parties, including social media or content platforms operated by third parties, such as X (formerly Twitter) or Medium. We do not guarantee and are not responsible for the privacy, security, or content of these sites, including the accuracy, completeness, or reliability of information and services found on these sites.