Privacy Policy

Last Updated: 25 September 2024

Flayer Protocol, a British Virgin Islands company (including all affiliates and subsidiaries, collectively referred to as, “Flayer” “we,” “us,” or “our”), currently provides a means to use the “Migration Application” – an online, decentralized and autonomous tool that displays information and autonomous smart contract mechanisms of digital tokens and assets and provides the user-interface that facilitates your access to the Migration Application through the website located at https://www.flayer.io/ (opens in a new tab), https://www.migration.flayer.io/ (opens in a new tab), and each additional website published by Flayer from time to time (the “Website”).

This privacy policy (“Privacy Policy”) applies to all Personal Data (defined below) collected through the Website as well as marketing campaigns, product feedback forms, surveys, events, and sales. We collect and use your Personal Data in accordance with this Privacy Policy and in compliance with applicable data protection legislation, including but not limited to the British Virgin Islands Data Protection Act, 2021, EU General Data Protection Regulation ((EU) 2016/679) (“GDPR“), EU Privacy and Electronic Communications Directive (2002/58/EC), and the California Consumer Privacy Act (Cal. Civ. Code § 1798.100 et seq.).

Personal Data

“Personal Data” or “Personal Information” refers to any personally identifiable information that can be used to identify or contact you, which may include, but is not limited to:

• Name
• Date of birth
• Email
• Phone number
• Mailing address
• IP address
• Wallet ID and associated metadata
• Usage data

Information Obtained

When you visit the Website, we and Flayer’s service providers may obtain or request information about you, your computer or mobile device, and your interaction over time with the Website, as described below.

Personal information that is automatically collected

When you visit the Website, we and Flayer’s service providers may automatically log information about you, your computer or mobile device, and your interaction over time with the Website, our communications and other online services, such as:

• Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 5G), and general location information such as city, state or geographic area when you access the Website.
• Online activity data, such as pages or screens you viewed on the Website, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.

Personal information that we obtain from third parties

When you visit the Website, we may obtain information from the following sources:

• Cryptocurrency wallets. Where the use of a cryptocurrency wallet is used to access the Website, we may obtain information from the wallet related to your wallet address and transactions.
• Other sources. We may obtain your personal information from other third parties, such as marketing partners, publicly available sources and data providers.

Blockchain transaction data

The nature of a public blockchain means that certain information is publicly available, including but not limited to: your wallet address; the address of a sender initiating a transaction; the address of a recipient; the maximum amount of gas fees that the sender is willing to allocate for executing the transaction; the price the sender is willing to pay per unit of gas; the nonce (a sequential number issued by the sender’s address); the cryptographic signature generated using the sender’s private key; the IP address from the requester (visible only to remote procedure call nodes); and any additional data needed for the transaction, such as invoking functions in a smart contract or providing arguments for those functions. When you authorize (i.e., use a crypto wallet to “sign”) a blockchain transaction through any of the Website, you are authorizing us to collect and use all information associated with that transaction which we will do in accordance with this Privacy Policy. Note that we are not able to control whether or how third parties use information that is stored on the blockchain, and we expressly disclaim responsibility for any such activities by third parties.

Automatic Data Collection

We use a variety of techniques to automatically collect information through the Website, including:

• Local storage technologies, like HTML5, provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.

Use of Personal Information

To operate the Website. We use your Personal Information to: provide, operate, maintain, secure and improve the Website. We use this information to perform our obligations to you or when it is in our legitimate business interests to do so.

For research and development. It is in our legitimate business interests to use your Personal Information to analyze and improve the Website and to develop new products and services, including by studying use of the Website.

For compliance, fraud prevention, and safety. We use your Personal Information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities. We use your Personal Information to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Website; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. In these circumstances, we will process your Personal Information to either comply with a legal obligation or when it is in our legitimate business interests. Furthermore, the IP addresses may be evaluated, together with other data, in case of attacks on the network infrastructure or other unauthorized use or misuse of the Website, for the purpose of intelligence and protection, and if appropriate, used in criminal proceedings for identification and civil and criminal proceedings against the relevant users. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

To create anonymous data. It is in our legitimate business interests to create anonymous data from Personal Information collected by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Website and promote our business.

Sharing of Personal Information

With the exception of the provider(s) of the Website, we do not make your Personal Data available to third parties unless you have expressly consented to it, if we are legally obligated to, or if this is necessary to enforce our rights concerning a contractual relationship. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

• Service providers. We may share your Personal Information with third party companies and individuals that provide services on our behalf or help us operate the Website (such as customer support, hosting, data processors, analytics, email delivery, marketing, identity verification, and database management services).
• Web3 projects and collaborators. We may share your Personal Information with web3 projects and collaborators as necessary to provide the Website.
• Professional advisors. We may disclose your Personal Information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
• For compliance, fraud prevention and safety. We may share your Personal information for compliance, fraud prevention, and safety purposes described above.
• Business transfers. We may sell, transfer or otherwise share some or all our business or assets, including your Personal Information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Rights and Choices

Data protection rights. Depending on where you live, you may have the following rights, as provided under applicable law and subject to any limitations in such law:

• To access the Personal information we hold about you (including, if applicable, to receive it in a structured and commonly used machine-readable format);
• To request we correct any inaccurate Personal Data we hold about you;
• To request we delete any Personal Information we hold about you;
• To restrict the processing of Personal Data we hold about you;
• To object to the processing of Personal Information we hold about you; and/or
• To withdraw your consent to the processing of Personal Data we hold about you, when we have relied on consent as the legal basis to process your Personal Information.

Please note that, prior to any response to the exercise of such rights, we may require you to verify your identity. In addition, we may have valid legal reasons to refuse your request and will inform you if that is the case. For more information on your rights, please contact us using the details in the “How to contact us” section below.

Please note that part of the Website incorporates blockchain technology. A blockchain is a shared and synchronized digital database that is stored on multiple nodes (computers that store a local version of the database). As, by design, data on a blockchain cannot be changed or deleted, your ability to exercise your data protection rights such as your right to erasure, or your rights to object or restrict processing with respect to on-chain Personal Data may be affected.

International Data Transfers

By using the Website, you understand and acknowledge that we may transfer your Personal Information to service providers or other third parties who are located in countries which may not provide the same protections as the data protection laws where you are based. This includes service providers of the Website and e-commerce providers such as payment solution providers to assist us in the processing of your online payments. When we transfer your Personal Data to third parties abroad for the purposes of the data processing described in this Privacy Policy, unless we can rely on a derogation provided under data protection law, we will ensure that relevant safeguards are in place to afford adequate protection for your Personal Information and we will comply with applicable data protection laws, in particular if you reside in (i) the Cayman Islands, UK or the EEA by relying on a UK government adequacy regulation or adequacy decision by the European Commission, (ii) the United States, by relying the the California Consumer Privacy Act, or (iii) other jurisdictions, by relying on contractual protections for the transfer of your Personal Information. For more information about how we transfer Personal Data internationally, please contact us as set out in the “How to contact us” section below.

The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.) affords consumers residing in California certain rights with respect to their personal information. If you are a California resident, this section applies to you.

Notice to California Residents

California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of certain categories of personal information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us using the information in the “How to Contact Us” section below. This request may be made no more than once per calendar year.

If you are a California resident, you have certain additional rights with respect to your personal information pursuant to the CCPA. We are required to inform you of:

• What categories of information we may collect about you, including during the preceding 12 months: See the section above “Information Obtained”.
• The purposes for which we may use your personal information, including during the preceding 12 months: See the section above “Use of Personal Information”.
• The purposes for which we may share your personal information, including during the preceding 12 months: See the section above “Sharing of Personal Information”. In addition, we may share the following categories of information with the following parties:
  • Identity information: Service providers such as KYC service providers.
  • Contact information: Marketing partners and event partners.
  • Financial information: Service providers such as payment service providers and logistics providers.
• In the preceding 12 months, we have not sold any personal information of consumers.

You have the right to request to know: (i) the categories of personal information we have collected about you in the last 12 months; (ii) the specific pieces of personal information we have about you; (iii) the categories of sources from which that personal information was collected; (iv) the categories of your personal information that we sold or disclosed in the last 12 months; (v) the categories of third parties to whom your personal information was sold or disclosed in the last 12 months; and (vi) the purpose for collecting and selling your personal information. These rights are subject to limitations as described in the CCPA. We may deny your request if we need to do so to comply with our legal rights or obligations.

We will not discriminate against any consumer for exercising their CCPA rights.

You may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. To protect your information, we may need to verify your identity before processing your request, including by collecting additional information to verify your identity, such as government issued identification documents. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information. We will only use the personal information provided in the verification process to verify your identity or authority to make a request and to track and document request responses, unless you initially provided the information for another purpose. When we verify your agent’s request, we may verify your identity and request a signed document from your agent that authorizes your agent to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on their behalf.

If you would like to exercise any of these rights, please contact us at the email in the “How to Contact Us” section below.

Other Sites, Applications and Services

The Website may contain links to other websites, mobile applications, blockchain protocols, blockchain applications, blockchain exchanges and other online and blockchain services (collectively, “Third Party Resources”) operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included in Third Party Resources that are not associated with us. We do not control Third Party Resources, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your Personal Information. We encourage you to read the privacy policies of the Third-Party Resources you use.

Security Practices

We take precautions to protect your stored Personal Data against manipulation, partial or complete loss, and unauthorized access by third parties of Personal Information we maintain. Unfortunately, data transmission over the internet (including via blockchain) cannot be guaranteed as completely secure. Please note that any data transmission on the internet (including through blockchains) is generally not secure or may be accessed by third parties, and we accept no liability for data transmitted to us via the internet or through a blockchain.

Children

The Website is not intended for use by children under 13 years of age. If we learn that we have collected Personal Information through the Website from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Website. We may also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Website.

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Website (or as otherwise indicated at the time of posting).

Complaints

If you have a concern about our privacy practices, including the way we handle your Personal Information, please contact us at: [email protected]. We will endeavor to respond to your complaint as soon as possible. You can also report it to your local data protection authority that is authorized to hear those concerns. Contact details for certain data protection authorities can be found using the links below:

• For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en (opens in a new tab)
• For individuals in the British Virgin Islands: https://bvi.gov.vg/content/confidentiality-and-data-protection (opens in a new tab)
• For individuals in the UK: https://ico.org.uk/global/contact-us/ (opens in a new tab)
• For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html (opens in a new tab)
• For individuals in California: https://cppa.ca.gov/about_us/contact.html (opens in a new tab)

How to Contact Us

Flayer is the entity responsible for the processing of your Personal Information in connection with the Website and is the data controller in respect of such processing. If you have any questions or comments about this Privacy Policy, our privacy practices, or if you would like to exercise your rights with respect to your Personal Information, please contact us by email at: [email protected].