This policy governs the use of the Freeport website at https://freeport.app and the associated tools and services.
Collectively, the website and the associated tools and services are referred to as the “Services” in these terms. The operator may offer other products and services.
Freeport Technologies LLC, a Delaware company, operates the Services. It and its affiliates are referred to in this document as the “operator,” “we,” or “us.”
1. Data overview
1.1 Data you give to us
- Information and content you provide. We collect the content, communications and other information you provide when you use our Services, including when you create an account, initiate the use of the Services, create or share content, and message or communicate with others. This information may include, but is not limited to:
- Personal information (including name and address)
- Financial information (including credit card and bank account information)
- Ethereum wallet address
- Information used to verify your identity. If required to help us verify your identity, you may provide us a copy of your government issued ID. If required to help us verify your residence, you may provide us with a proof of residence. You may also provide us other verification documents, to meet anti-money laundering laws or other legal requirements. If you seek to invest through an entity or corporation, you may provide us with documentation relating to the entity's jurisdiction, status and ownership. By providing the verification information and documents mentioned above, you also provide us information within those records, which may include characteristics of protected classifications like your sex, age, national origin, and citizenship.
- Financial information. In order to transfer funds, you may need to provide us and our third-party financial providers or partners with account and other payment information. You may agree to your personal and financial information being transferred, stored, and processed by such third parties in accordance with their respective privacy policies.
- Your usage. We collect information about how you use our Services, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency, and duration of your activities.
- Information about transactions made on our Services. If you use our Services for transactions of any kind, we collect information about them.
- Things others do and information they provide about you. We also receive and analyze content, communications, and information that other people provide when they use our Services.
1.2 Data we obtain automatically
As described below, we collect information from and about the actions you take in the Services and the computers, phones, and other web-connected devices you use that interact with our Services, and we combine this information across different devices you use.
Information we obtain from these devices includes:
- Usage information: information about your use and interaction with the Services
- Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins.
- Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots).
- Identifiers: unique identifiers, device IDs, and other identifiers.
- Network and connections: information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on your network.
- Information necessary to enable push notifications: if you enable push notifications in our services, we will collect information from your device as may be necessary to enable such notifications
1.3 Information from partners
- See the “Third-Party Data Collection” section for additional information on third-party collection of data.
1.4 The Blockchain
Blockchain technology is at the core of our business. By design, a blockchain’s records cannot be changed or deleted and the blockchain is said to be ‘immutable’. This may affect your ability to exercise your rights such as your right to erasure (‘right to be forgotten’), or your rights to object or restrict processing, of your personal data. Data on the blockchain can’t be erased or changed. Although smart contracts may be used to revoke certain access rights, and some content may be made invisible to others, it is not deleted.
In certain circumstances, in order to comply with our contractual obligations to you (such as delivery of tokens) it will be necessary to write certain personal data, such as your wallet address, onto the blockchain; this requires you to execute such transactions using your wallet’s private key.
In most cases ultimate decisions to (i) transact on the blockchain using your wallet address, as well as (ii) share the public key relating to your wallet address with anyone (including us) rests with you.
If you want to ensure your privacy rights are not affected in any way, you should not transact on blockchains as certain rights may not be fully available or exercisable by you or us due to the technological infrastructure of the blockchain. The blockchain is available to the public and any personal data shared on the blockchain will become publicly available.
1.5 Individuals under the Age of 18
As per our Terms of Service, individuals under the age of 18 are not permitted to use the Services. As such, we do not knowingly collect, solicit or maintain personal data from anyone under the age of 18 or knowingly allow such persons to register for the Services.
In the event that we learn that we have collected personal data from an individual under age 18, we will use commercially reasonable efforts to delete that information from our database. Please contact us if you have any concerns. If you are a parent or guardian and you are aware that your child has provided personal data to the Services, please contact us so that we may remove such data. Note that we cannot delete information stored on public cryptographic blockchains.
2. How do we use the data we collect?
We use the information we have (subject to choices you make) as described below and to provide and support the Services. Here's how:
- To provide and maintain the Services
- We use the information we have to deliver our Services. We, and our partners and affiliates, also use the information to perform KYC/AML checks, facilitate payments, verify eligibility to invest, and to improve our products. This may include:
- Product research and development: We use the information we have to develop, test and improve our Services, including by conducting surveys and research, and testing and troubleshooting new products and features.
- Ads and other sponsored content: We use the information we have about you – including information about your interests, actions and connections – to select and personalize ads, offers and other sponsored content that we show you.
- To manage business operations (bill you, improve our security, detect fraud, and meet our legal obligations)
- To improve the Services (develop and improve features)
- To manage your support requests and other inquiries
- To personalize the Services for you
- To manage your account: The personal data you provide can give you access to different functionalities of the Services that are available to you as a registered user.
- To contact you about your account (account authentication, notifications, invoices, and other transactional mail)
- To deliver promotional communications you unless you have opted out (new features, offers, promotions, etc.)
- To deliver targeted advertising to you: We may use your information to develop and display content and advertising (and work with third-party vendors who do so) tailored to your interests and/or location and to measure its effectiveness.
- For other purposes: We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.
- To promote safety, integrity, and security: We use the information we have to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our Services, and promote safety and security.
- To Provide measurement, analytics, and other business services: We use the information we have (including your activity on our Services) to help advertisers and other partners measure the effectiveness and distribution of their ads and services, and understand the types of people who use their services and how people interact with their websites, apps, and services.
3. How do we share the data we collect?
3.1 The Services only share information about you with others as follows:
- We employ other companies to perform functions on our behalf, such as service providers that assist in the administration of the Services and our advertising and marketing efforts, that protect you, our other customers, and us from spam and incidents of fraud, identity verification services, data analytics companies that help us target our offerings, marketing partners, and payment providers. We may need to share your information with these companies. These partners may access this information so long as you have an account on the Services.
- We may also transfer your personal data to a third party as a result of a business combination, merger, asset sale, reorganization or similar transaction or to governmental authorities when we reasonably believe it is required by law or appropriate to respond to legal process.
- To operate the Services, we share information about you as needed with our service providers. We only share information to the extent it is required to fulfill our obligations to you and to regulators, and to operate the Services.
- We may share information about you with US, state or international regulators, SEC, or FINRA where we believe doing so is required or appropriate to comply with any laws, regulations or other legal processes or law enforcement requests, such as court orders, search warrants, or subpoenas.
- We display your Ethereum address (or related ENS) on your gallery when you create your own gallery.
- We do not sell personal data to third parties.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
To the extent the operator may collect, store, or use banking information or other financial information from users, such information will be stored and processed with the highest level of safeguards and will only be disclosed to authorized persons or institutions.
4. Who is data shared with?
- Third Parties to whom information may be shared include:
|Meta||Personalization of content (including ads), measure ads, produce analytics, and provide a safer experience.||90 days|
The Services may keep the information we gather about you for 90 days, or as long as is required for operational, regulatory, and/or legal purposes.
7. Who Else Collects Data?
Third parties may collect or receive certain information about you and/or your use of the Services to provide content, ads (including personalized ads), or functionality, or to measure and analyze ad performance, in or through the Services. These third parties include:
You may choose whether to receive certain personalized (also known as targeted) advertising from participating ad networks, audience segment providers, ad serving vendors, other service providers or entities by visiting websites operated by the Network Advertising Initiative and Digital Advertising Alliance or if you are a user in the European Economic Area, Your Online Choices. We adhere to the Self-Regulatory Principles for Online Behavioral Advertising.
To request that information collected about you be deleted, please contact us at the email provided in this policy. A valid request must include sufficient information to identify your personal data. Note that we cannot delete information stored on public cryptographic blockchains.
8. Your Choices & Updates
If you wish to stop receiving marketing or promotional communications or to opt out of use of your information for the purposes described in this policy, please follow the opt-out instructions, such as clicking “Unsubscribe” (or similar opt-out language), in those communications. You can also contact us at email@example.com to opt out. Despite your indicated email preferences, we may send you service-related communications, including notices of any updates to our terms of service or this policy. Please understand that you will not be allowed to opt–out of certain communications required to comply with applicable laws, rules and regulations or other legal and related notices concerning your relationship to the Services.
If you have comments or questions about the privacy policies of the Services, contact firstname.lastname@example.org.
9. CCPA Addendum – Compliance
You agree to do your respective parts to comply with the California Consumer Privacy Act and its regulations, consistent with the operator’s role as a “service provider”, and not as a “third party”, under that law.
Whenever it is feasible and legal to do so, both the operator and You will give the other prompt notice of user rights requests, regulatory inquiries, and other communications under the California Consumer Privacy Act. Both sides agree to cooperate in good faith to respond to and honor such communications, and to meet other obligations under the California Consumer Privacy Act.
The operator may not:
- sell personal information collected from consumers covered by the California Consumer Privacy Act that You disclose to the operator
- retain, use, or disclose such information for any purpose other than for the specific purpose of performing the services in the Terms of Service, including retaining, using, or disclosing such information for a commercial purpose other than providing the services Terms of Service
- retain, use, or disclose such information outside of a direct business relationship between the operator and You
The operator understands the restrictions in Prohibitions and will comply with them.
Both You and the operator agree to limit use of personal information covered by the California Consumer Privacy Act to that reasonably necessary and proportionate to achieve the purpose of the Terms of Service, consistent with the meaning of “business purpose” under that law.
The operator agrees to ensure that each subcontractor that processes Your information covered by the California Consumer Privacy Act will also qualify as a “service provider”, and not as a “third party”, under that law.
9.6 Personal Information
The operator has collected and used the following categories of personal information for a business purpose within the last 12 months:
- identifiers (such as contact information, government IDs, cookies, etc.),
- information protected against security breaches (such as your name and financial account, driver’s license, social security number, user name and password, health/medical information),
- protected classification information (like race, gender, ethnicity, etc.),
- other information, including commercial information, Internet/electronic activity, geolocation, audio/video data, professional or employment related information, education information, biometrics, and inferences from the foregoing;
The operator has not sold or disclosed any such data within the last 12 months, as of the date of this agreement.
9.7 Previously Submitted Information
To request access or changes to information previously submitted, please contact the operator at the address provided above (under the “Contact” heading).
10. GDPR / EU Addendum
10.1 Transferring Your data outside of the EU
The data mentioned in this document will be stored in the United States. We use Amazon Web Server, which is based in the US. Amazon is certified under the EU-US Privacy Shield.
But, when interacting with the blockchain, as explained above in this Policy, the blockchain is a global decentralized public network and accordingly any personal data written onto the blockchain may be transferred and stored across the globe.
10.2 Your Rights as a Data Subject
You have certain rights under applicable legislation, and in particular under Regulation EU 2016/679 (General Data Protection Regulation or ‘GDPR’). We explain these below. You can find out more about the GDPR and your rights by accessing the European Commission’s website.
10.2.1 Right Information and access
You have a right to be informed about the processing of your personal data (and if you did not give it to us, information as to the source). This document provides that information, and you may contact us for additional information.
10.2.2 Right to rectification
10.2.3 Right to erasure (right to be ‘forgotten’)
You have the general right to request the erasure of your personal information in the following circumstances:
- the personal information is no longer necessary for the purpose for which it was collected;
- you withdraw your consent to consent based processing and no other legal justification for processing applies;
- you object to processing for direct marketing purposes;
- we unlawfully processed your personal information; and
- erasure is required to comply with a legal obligation that applies to us.
But, when interacting with the blockchain we may not be able to ensure that your personal data is deleted. This is because the blockchain is a public decentralized network and blockchain technology does not generally allow for data to be deleted and your right to erasure may not be able to be fully enforced. In these circumstances we will only be able to ensure that all personal data that is held by us is permanently deleted.
We will proceed to comply with an erasure request without delay unless continued retention is necessary for:
- Exercising the right of freedom of expression and information;
- Complying with a legal obligation under EU or other applicable law;
- The performance of a task carried out in the public interest;
- Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, under certain circumstances; and/or
- The establishment, exercise, or defense of legal claims.
10.2.4 Right to restrict processing and right to object to processing
You have a right to restrict processing of your personal information, such as where:
- you contest the accuracy of the personal information;
- where processing is unlawful you may request, instead of requesting erasure, that we restrict the use of the unlawfully processed personal information;
- we no longer need to process your personal information but need to retain your information for the establishment, exercise, or defense of legal claims.
You also have the right to object to processing of your personal information under certain circumstances, such as where the processing is based on your consent and you withdraw that consent. This may impact the services we can provide and we will explain this to you if you decide to exercise this right.
But, when interacting with the blockchain, as it is a public decentralized network, we will likely not be able to prevent external parties from processing any personal data which has been written onto the blockchain. In these circumstances we will use our reasonable endeavors to ensure that all processing of personal data held by us is restricted, notwithstanding this, your right to restrict to processing may not be able to be fully enforced.
10.2.5 Right to data portability
Where the legal basis for our processing is your consent or the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, you have a right to receive the personal information you provided to us in a structured, commonly used and machine-readable format, or ask us to send it to another person.
10.2.6 Right to freedom from automated decision-making
We do not use automated decision-making, but where any automated decision-making takes place, you have the right in this case to express your point of view and to contest the decision, as well as request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers.
10.2.7 Right to object to direct marketing (‘opting out’)
You have a choice about whether or not you wish to receive information from us. We will not contact you for marketing purposes unless:
- you have a business relationship with us, and we rely on our legitimate interests as the lawful basis for processing (as described above)
- you have otherwise given your prior consent (such as when you download one of our guides)
You can change your marketing preferences at any time by contacting us on the above details. On each and every marketing communication, we will always provide the option for you to exercise your right to object to the processing of your personal data for marketing purposes (known as ‘opting-out’) by clicking on the ‘unsubscribe’ button on our marketing emails or choosing a similar opt-out option on any forms we use to collect your data. You may also opt-out at any time by contacting us on the below details.
10.2.8 Right to request access
You also have a right to access information we hold about you. We are happy to provide you with details of your Personal Information that we hold or process. To protect your personal information, we follow set storage and disclosure procedures, which mean that we will require proof of identity from you prior to disclosing such information. You can exercise this right at any time by contacting us on the above details.
10.2.9 Right to withdraw consent
Where the legal basis for processing your personal information is your consent, you have the right to withdraw that consent at any time by contacting us on the above details.
10.2.10 Raising a complaint about how we have handled your personal data
If you wish to raise a complaint on how we have handled your personal data, you can contact us as set out above and we will then investigate the matter.
The identity and contact details of the organization, its representative, and its Data Protection Officer are as follows:
Data Protection Officer
10.4 How to contact the appropriate authority
Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office in your jurisdiction.