"personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
"processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
"controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
"processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
"consent" of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
The legal person that determines the purposes and means of the processing of personal data is Delphi Labs Ltd, with principal office in the British Virgin Islands, email [email protected].
We collect, process, and use personal data on our Site in order to offer you better products and services, best adapt our business processes to the users' needs, and steer you to the most suitable product information and online applications.
In particular, data is processed in order to:
provide our services efficiently and effectively;
develop, enhance, market and deliver products and services to you;
understand your needs and your eligibility for products and services;
Moreover, we may directly or indirectly collect and temporarily store personally identifiable information for operational purposes, including for the purpose of identifying blockchain addresses or IP addresses that may indicate use of the Site from prohibited jurisdictions or by sanctioned persons or other prohibited uses.
When using the Site, we usually only collect the personal data that your browser transmits to our server. When you view our Site, we collect the following data:
Browser type (e.g. Google Chrome, Firefox);
Type of device;
Device name (e.g. iPhone 12 Pro Max);
Operating system and version (e.g. Windows 10);
Returning visitor or not;
The origin point of traffic (Direct link or search engine);
To conduct data analysis aiming at improving the user experience of our Site, from time to time, we additionally process the following data:
Number of visits;
Time spent on our website;
Entry and exit pages (e.g. visited home exited via the contact page);
Search engine keywords;
Downloads (if anyone saves an image from our website);
Content Copy (anyone who copies content from our website by dragging their mouse and highlighting text);
Engagement and Transitions (user flow);
Websites that direct to our website (which website directed to us);
Traffic from a social network;
Heatmaps of where a user clicks on our website;
Data on how fast or slow a person scrolls on our website;
Website load times and other performance metrics.
On the basis of publicly available information concerning the users' cryptographic wallet and the connected holdings of digital assets, Delphi may also conduct researches and analyses regarding the use of the smart contracts that the user accesses through the Site and the type and number of crypto-assets hold by the user. The processing aims to subdivide users in different categories for statistical and research purposes.
We will hold your personal data only for as long as it is necessary for us to do so, having regard to the purposes described in this Policy and our own legal and regulatory requirements. We usually do not retain any data concerning users. From time to time, in order to perform analysis concerning the use of our Site and ameliorate its settings we will retain personal data for a maximum period of 90 days. The retained data will be immediately erased at the end of our analysis.
Please be aware that public blockchains provide transparency into transactions and Delphi is not responsible for preventing or managing information broadcasted on a blockchain.
Delphi constantly implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
the pseudonymization and encryption of Personal Data;
the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
We may make available the personal data that you provide to us to our affiliates and related entities, agents, representatives, service providers and contractors for the purposes outlined in this Policy. Any information shared with such service providers is subject to the terms of this Policy. All service providers that we engage with are restricted to only utilizing the information according to our instructions.
We also reserve the right to disclose personal data that Delphi believes, in good faith, is appropriate or necessary to enforce the Terms, take precautions against liability or harm, to investigate and respond to third-party claims or allegations, to respond to a court order or official requests, to protect security or integrity of Delphi and to protect the rights, property or safety of Delphi, our users or others.
The user has the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and all the relevant information. Additionally, users may request deletion of personal data we collect or process. Users have the right to exercise the foregoing rights without receiving discriminatory treatment.
With respect to other categories of rights that might be exercised depending on the place where you are located, please consider Section 13 below.
According to the Site's Terms and conditions users must be at least eighteen years of age, of sound mental capacity and have all technical knowledge necessary or advisable to understand and evaluate the risks of the Site.
Delphi does not knowingly collect or store any personal information about users under 18. If you believe such information has been inadvertently processed, we will take necessary steps to remove such information from our database.
The GDPR requires a "lawful basis" for processing personal data. In principle, our lawful basis is established by Art. 6(1)(b) GDPR as the processing is necessary for accessing the services of the Site. Moreover, pursuant to Art. 6(1)(f), the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in matters related to crimes and legal compliance and in order to ameliorate the efficiency and the user experience of the Site. Where you have given your specific consent, according to Art. 6(1)(a) GDPR, we may also use your data for specific purposes that will be outlined from time to time.
According to the GDPR, the user has also the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her (Art. 16 GDPR); the right to obtain the erasure of personal data concerning him or her without undue delay in one of the situations outlined in Art. 17 GDPR; the right to obtain from the controller restriction of processing in accordance with Art. 18 GDPR; the right to data portability in accordance with Art. 20 GDPR.
The user has further the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (Art. 21 GDPR).
Please consider that data committed to blockchains cannot be altered or eliminated. If you want to know more about the potential application of GDPR provisions to public blockchains and distributed ledgers please consult the study commissioned by the European Parliament.
In the event that you wish to exercise any of your above rights, please contact [email protected].