I Data controller
II Types of Data collected
Controller respects the privacy of the User and will not collect and process any other data (such as name, address, phone number, e-mail address, IP address, device type etc.) unless they are
- provided voluntarily by the User;
- gathered as a result of specific verifications performed by third parties included in Section X.C below based on the Personal Data provided by the User;
III Mode of Processing
Use of Personal Data
Data transmitted by the User to Controller may be used as follows:
- to create a user account;
- to respond to your inquiries and your correspondence;
- for marketing analysis purposes, in particular to better understand the needs of Users and improve the Services of Controller, and to provide Users with relevant information relating to any of our networks operated;
- to ensure our Website functions correctly, in particular to ensure that content from our Website is presented in the most effective manner for you and for your computer;
- to maintain or improve our services offered through the Website.
Legal basis of processing
The Controller may process Personal Data of Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations, the Controller may be allowed to process Personal Data until the User objects to such processing ("opt-out"), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law (GDPR);
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for the establishment, exercise or defence of legal claims or proceedings;
- processing is necessary for compliance with a legal and regulatory obligation to which the Controller is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Controller;
- processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.
Methods of processing, access to data and disclosure to third parties
Your Personal Data will not be disclosed to third parties for other purposes than the ones mentioned above or the following additional reasons:
- you have given your express consent to it;
- the disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data;
- in the event that a legal obligation exists for the disclosure; or
- this is legally permissible and necessary for the execution of our contractual relationship with you.
Place of processing and export of data
IV Retention of data
The Controller will retain Personal Data for as long as it is required to deliver the Services described in Sections III.A above and X.B below, and/or, upon termination, as long as required by law or regulations (e.g. mandatory retention periods), whichever is longer.
- Personal Data collected for purposes related to the performance of a contract between the Controller and the User shall be retained until such contract has been fully performed;
- Personal Data collected for the purposes of the Controller’s legitimate interests shall be retained as long as needed to fulfil such purposes.
V Security measures
VI The rights of Users
Users may exercise certain rights regarding their Personal Data processed by the Controller.
In particular, Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data. Please note that even after you have chosen to withdraw your consent, we may be able to continue to process your Personal Data to the extent required or permitted by law.
- Object to processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent (e.g. for a public interest, in the exercise of an official authority vested in the Controller or for the purpose of legitimate interests pursued by the Controller). Users may object to such processing by providing a ground related to their particular situation to justify the objection. In particular, under and to the extent of a scope of application of the GDPR, in those cases where we base processing on our legitimate interests, you have the right to object to the processing. Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification.
- Access their data. Users have the right to learn if the Controller is processing data, obtain disclosure regrading certain aspects of the processing and obtain a copy of the data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for it to be updated or corrected. Please note that you must advise us of any changes to your personal information so that we can ensure that your personal information is accurate and up to date.
- Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data if the accuracy of the data is disputed. In this case, the Controller will not process their data for any purpose other than storing it.
- Restrict the use of Personal Data whilst complaints are resolved.
- Have their Personal Data deleted or otherwise removed.
Users have the right, under certain circumstances, to obtain the erasure of their data from the Controller, unless the processing is justified by our legitimate interests, necessary to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims. We will take reasonable steps to inform other controllers that are processing the data that you have requested the erasure of any links to, copies or replication of it.
- Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority (depending on your country of residence and the applicable data protection laws – note that in certain countries you may only notify a data protection authority which may then decide to initiate legal steps based on its own discretion).
IX Definitions and legal references
Any information that directly, indirectly, or in connection with other information – including a personal identification number – allows for the identification or identifiability of a natural person.
Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Website) and the details about the path followed within the Website with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.
The Website of Controller available under https://web3.foundation.
The Services (and blockchain offerings) provided by Controller.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small sets of data stored in the User’s device.
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
X Special provisions
Web 3.0 Foundation Website
Current Third Party Processors
The following third party processors are currently assigned with processing activities on our behalf:
- Parity Technologies Deutschland GmbH
Information is disclosed to Parity Technologies GmbH for the purposes of assisting and/or following up with you, and coordinating that assistance/follow-up where you have shown interest in the Polkadot network or any of our networks operated.
The following third party processors are currently assigned with processing activities on our behalf:
Parity Technologies Ltd. UK
Information is disclosed to Parity Technologies Ltd. UK for the purposes of assisting and/or following up with you, and coordinating that assistance/follow-up where you have shown interest in the Polkadot network. In particular, Parity Technologies is assigned with forwarding technical updates to the Polkadot network to users.
How "Do Not Track" requests are handled: The Website www.kusama.network does not support “Do Not Track” requests.
To determine whether any of the third-party service providers it uses honor the “Do Not Track” requests, please read their respective privacy policies.
Thousand Validators Programme
Additional data collected in the Thousand Validators Programme: In addition to the types of data collected as set out in Section II above, the Thousand Validators Programme under the Website collects the following information:
- information gathered as a result of the Thousand Validators Programme (such as sentry node network ID, node name on telemetry, emergency phone number, e-mail, stash account and/or riot handle(s)).
Additional use of Data collected on the Thousand Validators: In addition to the use of collected data as set out in Section III.A above, Controller may use Personal Data collected as follows:
- to provide mining rewards to minders through the Thousand Validators Programme such as nominations and their implementation in rankings (and the adjustment of rankings in accordance with our rules and requirements).
Current Third Party Processors: The following third party processors are currently assigned with processing activities on our behalf:
Notes/Explanation: Parity Technologies, a company based in UK, is Controller’s service provider that builds software. Parity Technologies will have administrative access to the Thousand Validators Programme and all data provided by the User. Parity Technologies will only access such data for the purpose of and to the extent required to resolve technical issues with the Polkadot Network and users thereof participating in the Thousand Validators Programme. Parity Technologies will not retain any further data.
All privacy and data protection requests in relation to Parity Technologies should be directed to: firstname.lastname@example.org.
- The updated list of these parties may be requested from the Controller at any time.
Web analysis services: For the evaluation of the use of the Thousand Validators Programme Controller uses the following web analysis services of third parties listed below, to whom data may also be disclosed to the extent required for the use of these services. Secondly, Controller may use the following special plugins and link icons from different providers on the website as listed below.
We also use social plugins of the LinkedIn network. The provider is called LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For every access to our website that contains social plugins, a connection to LinkedIn servers is established. Linkedin is informed that you have visited our website with your IP address. If you click on the "Recommend" button from LinkedIn and are logged into your LinkedIn account, LinkedIn can link your visit to our website with you and your user account. We would like to point out that we, as the operator of this Website, have no detailed knowledge of the content of the data transmitted to LinkedIn and its internal processing. LinkedIn is responsible to you for processing your personal data as a "controller". Further information on the processing of your data by LinkedIn can be found in LinkedIn’s data protection regulations at: https://www.linkedin.com/legal/privacy-policy.
- Within and to the extent under the scope of application of the GDPR, the data processed by web analysis services for the aforementioned purposes is justified in order to protect our legitimate interests and those of third parties pursuant to Art. 6 para. 1 sentence 1 letter of GDPR.
Gleam.io Polkadot Decoded
Additional data collected
In addition to the types of data collected as set out in Section II above, under the Website (http://gleam.io) we collect any of the following information:
- Full Name
- Email Address
- Country of Residence
- Login Location
- Date of Login
- Twitter username
- Discord username
- Reddit username
- YouTube username