Privacy Policy

Updated 12th January 2024 at 13:25

This Privacy Policy describes the privacy practices of Moralis Web3 Technology AB (the “Company” or “Moralis”), corp. reg. no. 559307-5988, with its registered address Box 30, 116 74 Stockholm, Sweden, and how we handle and process the User personal data, collected through our services, products, website as well as through social media, marketing activities, webinars, conferences, events and other activities, described in this Privacy policy.

We collect personal data which Users of our website and services can provide to us when visiting our website (the “Site”) and when using our Services. We act as the data controller of personal data obtained accordingly and of its processing in accordance with this Privacy Policy.

We safeguard the User’s personal integrity. It is therefore important for us to protect User personal data and ensure that our processing of User’s personal data is correct and lawful. We ask that Users read this Privacy Policy carefully and inform themselves with its content, since it applies to all use of our website and services.

If the Users have any questions regarding this Privacy Policy, please contact us at the address provided above or at [email protected].

What Data Do We Collect & Process?

How We Collect Your Personal Data

We collect personal data when the User registers for a user account or in any other way they provide us with their personal data. We also collect User’s personal data based on their web activity and activity in emails we send to them, including how they use the Service and from third party sources.

Data That We Process

The categories of personal data we process may include, but are not limited to:

  1. Name and contact details such as User email address, location, and information regarding the company User represent, tax details, credit card information and the services ordered by the User;

  2. Account details, including username/userID;

  3. Wallet addresses;

  4. Browser information, e.g. type and version of browser, any website from which the User has been referred, which time zone the User visit us from; pages visited on our website; the User IP-address and a rough location estimate based on their IP-address; web activity information or User interaction in emails we send; information on User’s use of our services.

  5. Communications that we may exchange with the User, including support tickets, when they reach out to us with questions or feedback, social media including Discord or other forms of contact. 

Third-party sources: we may obtain personal data from third-party sources and data providers like publicly-available sources and on-chain transactions/data.

Why & How We Use Your Data

Providing Services

We process User personal data in order to provide them with our services and for communication when administering their account, purchases, processing their contact information in connection with the User accessing our services, invoicing, financial reporting and providing support, training, professional services and general information regarding our services to User, including by sending announcements, updates and security alerts. Our processing for the purpose of providing our services is based on our legitimate interest to understand User needs and interests and personalize their experience of the Service.

Improving Services

We process User personal data to improve our services and make them easier and better to use, including but not limited to testing and troubleshooting, fixing bugs, research and development. We will produce statistics on and analyze how the User use our services and perform market research, customer satisfaction surveys and obtain feedback. For these purposes, we also use User personal data based on their web activity and activity associated with emails we send to the User, including how they use our Service, User’s interests, and company and similarities with other User’s’ interests and User patterns. If User has created an account for our services, we process their personal data to handle IT-security incidents and matters for the purpose of generally improving the security of our IT systems, by creating and keeping, for a period of 12 months from its creation, a log file on how the User use our website and services. Our processing for the purpose of improving our services is based on our legitimate interest to do so.

Marketing

We also use the User personal data to communicate with them about our services, to inform them about our terms and conditions and to send them marketing messages. The Users may opt-out from further marketing messages at any time by using the un-subscription link provided in every marketing message. Our processing for the purpose of direct marketing is based on our legitimate interest to promote our services or with the User’s prior consent.

Compliance & Protection

We may use the User personal data to: 

  • Comply with applicable laws, legal requests and processes, including responding to subpoenas or government authorities requests,

  • Protect our, User’s, and others’ rights, privacy or property, including by making and defending legal claims,

  • Audit our internal processes for compliance with legal and contractual requirements and internal policies,

  • Enforce the terms and conditions that govern the Service,

  • Prevent, identify, investigate and discourage fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

How We Share Your Personal Data

The personal data that we collect is shared with our affiliated companies and  with our third party suppliers and other third parties such as the IT-infrastructure, operating and hosting services, marketing research and communications, financial and payment services, customer services and IT- services such as IT-support, maintenance and development, for the provision of our services, including for our developing and maintenance of our services.

The User personal data may be transferred or disclosed to a purchaser or prospective purchaser in the event of a sale, assignment, or other transfer of all or a portion of our business or assets, including a corporate divestiture, mergers, consolidation, acquisition or other disposition of all or any portion of the business or assets. 

When we use service providers, we will enter into a data processing agreement with the service provider which requires it to ensure that the User personal data is only processed in accordance with our instructions and this Privacy Policy. Processing and sharing of User’s personal data in accordance with the above is necessary for our legitimate interest to provide our services or to fulfill any contract we have entered into with the User or the User’s company or to comply with mandatory law.

As all transactions on blockchain are a public record, the transaction records associated during the use of Service will be publicly available on the blockchain.

Transfer of Your Personal Data Outside the EU/EEA

When our service providers, partners or any potential purchaser of our business or assets are located in or have business activities in a country outside the EU/EEA, we may transfer the User’s personal data to such countries. In the event of such transfer it will be by ensuring that the country in which the recipient is located ensures an adequate level of data protection, with EU’s 6 – step supplementary measures if necessary, or by use of standard contractual clauses that the European Commission has issued ensuring suitable measures to safeguard your rights and freedoms.

How Long Do We Store Your Personal Data?

We will only store the User personal data for as long as necessary for the purposes they were collected and to fulfill our legal duties to store data otherwise, but no longer than permitted by applicable law.

We have routines in place to remove personal data that is no longer necessary or allowed to store, including removing personal data related to deleted accounts at least once a year.

Security Measures

Security measures are made by us to ensure that the personal data we keep is secure by employing several technical and organizational safeguards. We maintain appropriate safeguards and security standards to protect the User personal data against unauthorized access, disclosure or misuse. We also monitor our systems to discover vulnerabilities in order to protect the User personal data.

Cookies

What are cookies?

Cookies are text files placed on the User’s computer to collect standard Internet information and visitor behavior information. When the User visits our website and services, we may collect information from them automatically through cookies or similar technology.

How do we use cookies?

For our collection and use of personal data through cookies, we refer to our Cookie Policy .

User Rights

Right of Access & Rectification

The User has the right to information regarding which of their personal data we process and to access and rectify such personal data. The User may access and amend some of the information we keep on them through their account settings.

Right to Erasure

The User may request that we erase their personal data without undue delay in the following circumstances:

  • the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;

  • The User withdraws their consent on which the processing is based (if applicable) and there is no other legal ground for the processing;

  • The User objects to our processing of personal data and we do not have any overriding legitimate grounds for the processing;

  • the processed personal data is unlawfully processed; or

  • the processed personal data has to be erased for compliance with legal obligations.

We may deny the User’s request if we are prevented from erasing the personal data by requirements set out in applicable laws and regulations or if they are needed for the establishment, exercise or defense of legal claims. If we cannot meet the User request, we will instead restrict the personal data so they cannot be used for another purpose than the purpose of preventing the erasure.

Right to Restriction

The User has the right to restrict the processing of their personal data in the following circumstances:

  • the User contests the accuracy of the personal data during a period enabling us to verify the accuracy of such data;

  • the processing is unlawful and the User opposes erasure of the personal data and request restriction instead;

  • the personal data is no longer needed for the purposes of the processing, but are necessary for the User for the establishment, exercise or defense of legal claims;

  • The User has objected to the processing of the personal data pending the verification whether our legitimate grounds for our processing override the User interests, rights and freedoms.

If User personal data has been restricted in accordance with this section they may, with exception of storage, only be processed for the establishment, exercise or defense of legal claims, or for the protection of the rights of a third party or for reasons of important public interest according to EU or EU member state legislation.

Right to Object

The User has the general right to object to our processing of their personal data when it is based on our legitimate interest. If the User objects and we believe that we may still process their personal data, we must demonstrate compelling legitimate grounds for the processing which overrides the User’s interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

The User personal data will not be processed for purposes related to direct marketing if they oppose such processing.

Right to Data Portability

If the User personal data has been provided by them personally and our processing of their personal data is based on their consent or on the performance of a contract with the User, they have the right to receive the personal data concerning them in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.

Right to Withdraw Consent

When our processing of the User personal data is based on their consent, they have the right to withdraw their consent at any time. The User may withdraw their consent through their account settings by deleting their account. Please note that the lawfulness of processing based on consent before its withdrawal is not affected.

Right to File a Complaint

The User may at any time lodge a complaint with the supervisory authority if they believe that our processing is performed in breach of applicable data protection law.

Changes to Our Privacy Policy

We may make updates or changes to this Privacy Policy. If we do so, we will inform the User in an appropriate manner on the Site and ask them to then carefully read through the updated Privacy Policy.

Contact Details

If the User has any questions about our Privacy Policy, the data that we hold on them or if they have any complaints or otherwise would like to exercise one of their data protection rights on how their data is processed, please contact us

via email: [email protected]

or via post:

Moralis Web3 Technology AB Box 30, 116 74 Stockholm, Sweden