The CloudNFT takes steps to protect your privacy. We, in our capacity as Data Controller, have created this Privacy Notice to inform you about why we collect and how we process your Personal Data. By continuing to use our website, you acknowledge that you have read, understood, and accepted the information described in this Privacy Notice.
By using this Privacy Notice, we wish to comply and act in accordance with our obligation to inform the Users from whom we use data, as is required under the General Data Protection Regulation (“GDPR”).
We will only use your Personal Data as set out in this Privacy Notice. By using our website and filling out and approving the registration form on the said website for the purpose of participating in the Company's (pre)sale of CloudNFT tokens (“the Token Sale”), you agree to us using your Personal Data in accordance with this Privacy Notice.
If you have any questions about CloudNFT processing of your Personal Data or you wish to exercise your rights, you are always welcome to contact us:
If you are dissatisfied, you have the right to lodge a complaint with the supervisory authority for data protection issues - Estonian Data Protection Inspectorate (“AKI”), Tatari 39, Tallinn, 10134, Estonia, (e-mail: [email protected]/phone: 627 4135) or a claim to court. We would, however, appreciate the chance to deal with your concerns before you approach the AKI so please contact us in the first instance.
1. PERSONAL DATA WE COLLECT: TYPES, LEGAL BASIS, AND PURPOSES OF COLLECTING
1.1. Personal Data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Article 4 of the GDPR).
1.2. An outline of the Personal Data that we require, accept, collect and process, when we collect it, how we use it and why we use it, is listed underneath:
|Non-personal data||Individually identifiable data|
This information is un-identified and non-identifiable data pertaining to a Users, which may be made available or gathered via your use of the website, even if you do not participate or register to the Token Sale:
This information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual. Such information includes:
|Purpose||We collect non-personal data in order to enhance the functionality of our website.||We collect identifiable data, which is provided voluntarily by you to us, for the purpose of providing our services and in order to comply with KYC and AML regulations in relation to the Token Sale.|
1.3. The Company will process your abovementioned Personal data exclusively on the legal basis listed below, as such in accordance with Article 6 of the GDPR:
1.3.1. given consent to the processing (Article 6 (1)(a) of the GDPR);
1.3.2. for the performance of a contract (Article 6 (1)(b) of the GDPR);
1.3.3. for compliance with a legal obligation to which the Company may be or is subject(ed) (Article 6 (1)(c) of the GDPR); and
1.3.4. for the purposes of the legitimate interests pursued by the Company except where such interests are overridden by the interests or fundamental rights and freedoms of the User which require protection of Personal Data (Article 6 (1)(f) of the GDPR).
1.4. Please, pay attention that your Personal data shall be collected and processed by a third party – Sum And Substance Ltd (UK), with its registered office at Suite 1, 5 Percy Street, Fitzrovia, London, England, W1T 1DG (“SumSub”), who is a trusted partner of the Company for collecting and processing Users data on behalf of the Company. SumSub is an experienced identity verification company that will process Personal data for the purposes of the necessary KYC/AML procedures. SumSub will obtain and process individually identifiable Personal data and run KYC/AML procedures and ensure compliance with the relevant AML legislation.
1.5. Nevertheless, for Users' data, which is outlined in clause 1.2 of this Privacy Notice, the Company will be the Controller in accordance with GDPR.
2. DATA SUBJECT RIGHTS
2.1. You may request to:
2.1.1. receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal data, together with supplementary information;
2.1.2. receive a copy of Personal Data you directly volunteer to us in a structured, commonly used, and machine-readable format;
2.1.3. request rectification of your Personal Data that is in our control;
2.1.4. request erasure of your Personal Data;
2.1.5. object to the processing of Personal Data by us;
2.1.6. request to restrict processing of your Personal Data by us;
2.1.7. lodge a complaint with a supervisory authority.
2.2. However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements. If you wish to exercise any of the aforementioned rights or receive more information, please contact us at [email protected].
3. SHARING YOUR PERSONAL DATA WITH THIRD PARTIES
3.1. The Company only shares your Personal Data with third parties insofar as necessary for the provision of services with due observance of the aforementioned legal basis. Nevertheless, the Company may provide your Personal Data to a third party, such as service providers, a supervisor, or any other public authority, to the extent that there is a legal obligation to do so.
3.2. If a third party is contracted by the Company to process your Personal Data on behalf of the Company, a processing agreement is concluded under which the designated third party is also obliged to comply with the GDPR. Third parties contracted by the Company who offer services as a Controller, are also responsible for compliance with the GDPR for the processing of your Personal data.
4. THIRD-PARTY WEBSITES AND SOCIAL MEDIA
4.1. On the Website “buttons” and/or hyperlinks are included to promote or share web pages on social (media) networks or third-party websites such as Twitter, Instagram, Telegram, or YouTube. The Company does not supervise these networks and websites and is therefore not responsible for the processing of your Personal Data by and through the parties behind those networks and websites. The use of these media is therefore at your own risk. Before you make use of these third-party services, the Company recommends you to read the privacy statements of those third parties.
5. STORAGE AND RETENTION OF PERSONAL DATA
5.1. We will take all the necessary steps to ensure that your data is treated securely and in accordance with this Privacy Notice. All the (personal) data you provide to us is stored on secured servers. Where we have given you a password that enables you to access certain parts of our website and/or your personal account, you are responsible for keeping your own password confidential.
5.2. The Personal Data that we collect from you will be transferred to and stored at a secure server administered by the Company or a service provider designated by the Company. Your Personal Data will be processed by staff who work for us and/or by staff who work for one of our suppliers.
5.3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to and through our website and or your personal account (if applicable). Therefore, any transmission is done by you at your own risk. Once we have received your Personal Data, we will use strict procedures and security features to prevent any unauthorized access.
5.4. We will keep your Personal Data no longer than is necessary in accordance with the legal basis and purposes stated above and/or to meet legal and regulatory requirements.
6.1. We reserve the right to modify or amend this Privacy Notice at our discretion. Any changes can be viewed in the “Last Updated” field above, so please check the section regularly.
6.2. If we make any material changes, we will post the new Privacy Notice on the Website, with a new effective date.
6.3. If the User does not accept a new edition of the Privacy Notice, he/she must stop using our Website.