The Website is operated by The Staking Foundation, an exempted foundation company registered under the laws of the Cayman Islands and located at Cricket Square, Hutchins Drive, P.O. Box 2681, Grand Cayman KY1-1111, Cayman Islands (“Diva”, “us” or “we”).
This Privacy Notice explains how Diva collects, uses, shares and otherwise processes your Personal Data in accordance with applicable data privacy laws and regulations, which include the EU General Data Protection Regulation 2016/679 (“GDPR”) which is applicable as of 25 May 2018.
The purpose of this Privacy Notice is to inform you about the information we may gather about you, how we may use that information, whether we disclose it to anyone, and the choices you have regarding our use of the information we collect.
When using the term “Personal Data” in our Privacy Notice, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. From a general perspective, we base the processing of Personal Data that may be done in order for us to perform our contractual obligation(s) as the publisher of this Website (“Contractual Obligation(s)”) and to enable us to be compliant with any legal or statutory obligation(s) (“Legal Obligation(s)”).
We may also process Personal Data when we have assessed that such processing can be based on our legitimate interest(s) (“Legitimate Interest(s)”) and only when we assessed that your interests and fundamental rights do not override ours. For example, it may be of our Legitimate Interest to process certain Personal Data to continue to develop our business activities (quantitatively and qualitatively), and/or to improve our business performance etc.
Finally, please note that we may also need to process Data to respond to and to defend us against any legal claim that may arise.
We may collect and use your Personal Data, meaning any information that identifies or allows us to identify you, to the extent necessary in the framework of our activities.
We may collect various types of Personal Data about you, including:
Purpose of Processing
Responding to questions and requests
If you send a question or a request to us via our Website we process your personal data to respond to the question or request
Evaluate and follow-up the use of our Website
In order to evaluate and follow-up on the use of our Website, we process your personal data, e.g. in connection with collection of visitor statistics on our website.
Handle and defend legal claims
We process your personal data, to the extent it is necessary, to handle and defend legal claims, e.g. in case of a dispute or litigation.
Fulfill legal obligations
We process your personal data in order to fulfill legal obligations, e.g. bookkeeping and accounting requirements and obligations under data protection regulations.
Manage and protect IT systems and services
In order to manage and protect our IT systems and services, e.g. upon logging, troubleshooting, backup, change and problem management in systems and in connection with potential IT incidents, we process, to the extent necessary, your personal data.
Where necessary, we share your personal data with others. The recipient is the data controller for the processing of your personal data, unless we have stated otherwise.
In order to fulfill the purposes of the processing of your personal data, we share your personal data with service providers that we have engaged. These service providers provide services to us such as operation, technical support and maintenance of IT systems. The service providers may only process your personal data for these purposes and in accordance with our instructions and not for their own purposes. We are the data controller for the processing of personal data that the service providers carry out on our behalf, acting as data processors.
In certain cases we share, if necessary, your personal data with other recipients for certain purposes (e.g. to fulfill legal obligations and to handle and defend legal claims).
Public authoritiesWe share necessary personal data with public authorities if we are obligated under law to disclose the information.
External advisorsWe share necessary information with external advisors, e.g. audit firms, and law firms if we are obligated under law to share the information or in order to manage and defend legal claims.
Legal obligation and legitimate interest.
Courts, counterparties etc.In order to manage and defend legal claims we share personal data to other parties.
Law enforcement authorities, e.g. policeWe share personal data with law enforcement authorities, e.g. the police if we are obligated under law to disclose information
We collect your personal data directly from you or from other parties whom you have authorized such collection. We do not process special categories of personal data about you unless you voluntarily provide such data to us.
Personal Data of Children
If you are a resident of the US and you are under the age of 13, please do not submit any personal data through the website. If you have reason to believe that a child under the age of 13 has provided personal data to us through the Website, please contact us, and we will endeavor to delete that information from our databases.
If you are a resident of the European Economic Area and you are under the age of 16, please do not submit any personal data through the Website and the website. We do not collect or process Personal Information pertaining to a child, where a child under the GDPR is defined as an individual below the age of 16 years old.
Your Rights With Regard to the Personal Data Processing
In connection with the accessing, browsing of the website and using the Website, you shall be entitled to exercise certain rights laid down by the GDPR and outlined herein below, however exercise of some of those rights may not be possible in relation to the Website taking account of the Website’s nature, manner, form and other applicable circumstances. In some cases we may ask you to provide us additional evidence and information confirming your identity.
Right to Access: you may request all personal data being processed about you by sending the right to access request to us.
Right to Rectification: exercise of the given right directly depends on the data category concerned: if it concerns online identifiers obtained by us automatically, then their rectification isn’t possible, but such categories of personal data as email address may be rectified by sending us the respective request.
Right to Erasure (Right to be Forgotten): you can send us the request to delete the personal data we are currently processing about you.
Restriction of Processing: you shall be entitled to request restriction of processing from us if you contest the personal data accuracy or object to processing of the personal data for direct marketing.
Objection to Processing: under certain circumstances you may exercise this right with respect to the personal data we process about you.
Right to Data Portability: under certain circumstances you may exercise this right respect to the personal data we process about you. Please be aware the Website may not provide for the technical ability for us to to help you exercise this right.
Consent Withdrawal Right: you shall be entitled to withdraw consent to the processing of the personal data to which you provided your consent. In particular, you can change your cookie choices by using our cookie consent tool built in the website. You can exercise your right to withdraw consent by unsubscribing from our email newsletter.
Automated Decision-Making, Profiling: neither is being carried out by us as for now, your consent will be sought before carrying out any such activities.
You shall have the right to lodge a complaint with a competent data protection supervisory authority.
Personal Data Storage Period or Criteria for Such Storage
Your Personal data will be stored till:
they are necessary to grant you access to the Website;
your consent is no longer valid;
your personal data have been deleted following your data deletion request
we have received the court order or a lawful authority’s request mandating to permanently delete all the personal data we have obtained about you; or
In other circumstances prescribed by applicable laws.
In any event, we will not store your personal data for periods longer than it is necessary for the purposes of the processing.
Where we process personal data
You are informed that our Website is maintained through our service provider, Hetzner which uses databases located in Germany and Finland. You may access Hetzner’s private data policy here https://www.hetzner.com/legal/privacy-policy
Personal Data Recipients and Transfer of Personal Data
For the purposes of operating the Website, we may share your personal data with certain categories of recipients and under circumstances mentioned below:
providers, consultants, advisors, vendors and partners acting as data processors (meaning they process your personal data on our behalf and according to your instructions), which may supply hosting services, web analytics services, email marketing and automation services to run and operate the website, maintain, deliver and improve the Website. With all such parties we enter into data processing agreements required to be concluded by the applicable laws between controllers and processors to protect and secure the personal data by using appropriate technical and organizational measures;
only in strict compliance with the applicable provisions, we also may share the personal data with governmental authorities upon their decision, receipt of court orders mandating us to disclose the personal data. In any such case, we will strive to disclose only a portion of the personal data which is definitely required to be disclosed, while continuing to treat the rest of the data in confidence;
with any other third parties, if we have been explicitly requested to do so by you and as long as it doesn’t infringe the applicable laws.
Transfers to third countries, shall be made subject to appropriate safeguards, namely standard contractual clauses adopted by a supervisory authority and approved by the Commission. Copy of the foregoing appropriate safeguards may be obtained by you upon a prior written request sent. We may instruct you on further steps to be taken with a purpose of obtaining such a copy, including your obligation to assume confidentiality commitments in connection with being disclosed Diva’s proprietary and personal information of third parties as well as terms of their relationships with us.
Keep in mind that the use of services based on public blockchains intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of personal data, in particular when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks which are not controlled or operated by us, we are not able to erase, modify, or alter personal data from such networks.
Security of Processing
We take information security very seriously. We work hard to protect the personal data you give us from loss, misuse, or unauthorized access. We utilize a variety of safeguards to protect the personal data submitted to us, both during transmission and once it is received.
Contacts and Requests; Changes to the Privacy Notice
Please send all your requests and queries in connection with your rights and freedoms relating to the personal data protection and processing conducted by us as part of providing the website to: email@example.com