Moralis Web3 Technology AB Privacy Policy

Version 1.0 (2021-04-07)

Introduction

This Privacy Policy describes how Moralis Web3 Technology AB (the “Company”), corp. reg. no. 559307-5988, with its registered address Box 30, 116 74 Stockholm, Sweden, handles and process your personal data.

Users of our website and services (“you, your”) can provide personal data to us when visiting our website (the “Site”) and when using our services. We act as the data controller of personal data obtained accordingly and of its processing in accordance with this Privacy Policy.

We safeguard your personal integrity. It is therefore important for us to protect your personal data and ensure that our processing of your personal data is correct and lawful. We ask that you read this Privacy Policy carefully and inform yourself with its content, since it applies to all use of our website and services.

If you have any questions regarding this Privacy Policy, please contact us at the address provided above or at [email protected].

What data do we collect and process?

How we collect your personal data

We collect your personal data when you sign up for user account or in any other way provide us with your personal data. We also collect your personal data based on your web activity and activity in emails we send to you, including how you use the Site and services and from third party sources.

Data that we process

The categories of personal data we process are the following:

  1. Name and contact details such as your email address, telephone number, location, professional title, and information regarding the company you represent, tax details, credit card information and the services you have ordered;
  2. Account details, including username/userID;
  3. Browser information, e.g. type and version of browser, any website from which you have been referred, which time zone you visit us from; pages you visit on our website; your IP-address and a rough location estimate based on your IP-address; information about your web activity or your interaction in emails we send to you; information on your use of our services.
For the avoidance of doubt, we do not save the IP-addresses of requests to our blockchain nodes nor do we profile or bundle calls to our blockchain nodes based on the user.

Why and how we use your data

Provide our services

We process your personal data in order to provide you with our services and to communicate with you when administering your account, your purchases, processing your contact information in connection with you accessing our services, invoicing, financial reporting and providing support, training, professional services and general information regarding our services to you. Our processing for the purpose of providing our services is based on our legitimate interest to do so or on your prior consent.

Improve our services

We process your personal data to improve our services and make them easier and better to use, including but not limited to testing and troubleshooting, fixing bugs. We will produce statistics on and analyzing how you use our services and performing market research and customer satisfaction surveys and getting your feedback. For these purposes, we also use your personal data based on your web activity and activity associated with emails we send to you, including how you use our website and services, your interests, professional title and company and similarities with other users’ interests and user patterns. If you have created an account for our services, we process your personal data to handle IT-security incidents and matters for the purpose of generally improving the security of our IT systems, by creating and keeping, for a period of 12 months from its creation, a log file on how you use our website and services. Our processing for the purpose of improving our services is based on our legitimate interest to do so.

Marketing

We also use your personal data to communicate with you about our services, to inform you about our terms and conditions and to send you marketing messages. You may opt-out from further marketing messages at any time by using the un-subscription link provided in every marketing message. Our processing for the purpose of direct marketing is based on our legitimate interest to promote our services or on your prior consent.

How we share your personal data

The personal data that we collect is shared with our affiliated companies and  with our third party suppliers and other third parties such as to IT-infrastructure, operating and hosting services, marketing research and communications, financial and payment services, customer services and IT- services such as IT-support, maintenance and development, for the provision of our services, including for our developing and maintenance of our services.

Your personal data may be transferred or disclosed to a purchaser or prospective purchaser in the event of a sale, assignment, or other transfer of all or a portion of our business or assets.

When we use service providers, we will enter into a data processing agreement with the service provider which requires it to ensure that your personal data is only processed in accordance with our instructions and this Privacy Policy. Processing and sharing of your personal data in accordance with the above is necessary for our legitimate interest to provide our services or to fulfil any contract we have entered into with you or your company or to comply with mandatory law.

Transfer of your personal data outside the EU/EEA

When our service providers, partners or any potential purchaser of our business or assets are located in or have business activities in a country outside the EU/EEA, we may transfer your personal data to such countries. In the event of such transfer it will be by ensuring that the country in which the recipient is located ensures an adequate level of data protection, with EU 6 – step supplementary measures if necessary, or by use of standard contractual clauses that the European Commission has issued ensuring suitable measures to safeguard your rights and freedoms.

For how long do we store your personal data?

We will only store your personal data for as long as necessary for the purposes they were collected and to fulfill our legal duties to store data otherwise, but no longer than permitted by applicable law.

We have routines in place to remove personal data that is no longer necessary or allowed to store, including removing personal data related to deleted accounts at least once a year.

Security measures

Security measures are made by us to ensure that the personal data we keep is secure. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure or misuse. We also monitor our systems to discover vulnerabilities in order to protect your personal data.

Cookies

What are cookies?

Cookies are text files placed on your computer to collect standard Internet information and visitor behavior information. When you visit our website and services, we may collect information from you automatically through cookies or similar technology.

How do we use cookies?

For our collection and use of personal data through cookies, we refer to our Cookie Policy.

Your rights

Right of access and rectification

You have the right to information regarding which of your personal data we process and to access and rectify such personal data. You may access and amend some of the information we keep on you through your account settings.

For a SAR request, simply contact us via email with your contact information and the details of the specific information you wish to obtain or any specific questions you have regarding your data. Contact info is at the bottom of this page. We will acknowledge your request promptly and may need to verify your identity to protect your data. We aim to respond within one month. Complex requests may take up to three months, but we’ll keep you informed.

Right to erasure

You may request that we erase your personal data without undue delay in the following circumstances:

  • the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing;
  • you object to our processing of personal data and we do not have any overriding legitimate grounds for the processing;
  • the processed personal data is unlawfully processed; or
  • the processed personal data has to be erased for compliance with legal obligations.

We may deny your request if we are prevented from erasing your personal data by requirements set out in applicable laws and regulations or if they are needed for the establishment, exercise or defence of legal claims. If we cannot meet your request, we will instead restrict the personal data so they cannot be used for another purpose than the purpose preventing the erasure.

Right to restriction

You have the right to restrict the processing of your personal data in the following circumstances:

  • you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;
  • the processing is unlawful and you oppose erasure of the personal data and request restriction instead;
  • the personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or   defence of legal claims;
  • you have objected to the processing of the personal data pending the verification whether our legitimate grounds for our processing override     your interests, rights and freedoms.

If your personal data has been restricted in accordance with this section they may, with exception of storage, only be processed for the establishment, exercise or defence of legal claims, or for the protection of the rights of a third party or for reasons of important public interest according to EU or EU member state legislation.

Right to object

You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

Your personal data will not be processed for purposes related to direct marketing if you oppose such processing.

Right to data portability

If your personal data has been provided by you and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.

Right to withdraw consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. You may withdraw your consent through your account settings by deleting your account. Please note that the lawfulness of processing based on consent before its withdrawal is not affected.

Right to file a complaint

You may at any time lodge a complaint with the supervisory authority if you believe that our processing is performed in breach of applicable data protection law.

Changes to our Privacy Policy

We may make updates or changes to this Privacy Policy. If we do so, we will inform you in an appropriate manner on the Site and we ask you to then carefully read through the updated Privacy Policy.

Contact details

If you have any questions about our Privacy Policy, the data that we hold on you or if you have any complaints or otherwise would like to exercise one of your data protection rights on how your data is processed, please contact us

via email: [email protected]

or

via regular mail:

Moralis Web3 Technology AB
Box 30, 116 74 Stockholm,
Sweden