Date of Last Update: June 23, 2023.
As used herein:
“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law;
“processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;“consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Why do we process your data?
We collect, process, and use personal data on our Website in order to offer you better products and services, adapt our business processes to our users’ needs, and steer you to the most suitable product information and online applications.
In particular, we process data in order to:
- provide our services efficiently and effectively;
- develop, enhance, market and deliver products and services to you;
- find bugs;
- understand your needs and your eligibility for products and services; and
- conduct surveys.
Moreover, we may directly or indirectly collect and temporarily store personally identifiable information for operational purposes, including for the purpose of identifying blockchain addresses or IP addresses that may indicate use of the Website from prohibited jurisdictions or by sanctioned persons or other prohibited uses.
Which personal data do we process?
When using the Website, we usually only collect the personal data that your browser transmits to our server. When you view our Website, we collect the following data:
- IP address;
- Browser type (e.g. Google Chrome, Firefox);
- Device resolution;
- Type of device;
- Device name (e.g. iPhone 12 Pro Max);
- Device brand;
- Operating system and version (e.g. Windows 10);
- Returning visitor or not;
- The origin point of traffic (Direct link or search engine);
- Geographic location.
To conduct data analysis aiming at improving the user experience of our Website, from time to time, we may additionally process the following data:
- Number of visits;
- Time spent on our website;
- Entry and exit pages (e.g. visited home exited via the contact page);
- Search engine keywords;
- Downloads (if anyone saves an image from our website);
- Content Copy (anyone who copies content from our website by dragging their mouse and highlighting text);
- Engagement and Transitions (user flow);
- Websites that direct to our website (which website directed to us);
- Traffic from a social network;
- Heatmaps of where a user clicks on our website;
- Data on how fast or slow a person scrolls on our website;
- Website load times and other performance metrics.
Retention of Personal Data
Security, Protection and Use of Personal Data
Naavik implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- the pseudonymization and encryption of personal data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
Recipients of Personal Data
Data Subjects’ Rights
The user has the right to obtain confirmation as to whether or not personal data concerning him or her are being collected, processed, used, or disclosed. Where that is the case, the user has the right to access the personal data and all relevant information, as well as to request deletion of the personal data. Furthermore, users have the right not to receive discriminatory treatment for exercising these rights.
Additional information for users located in the European Economic Area and in the United Kingdom
B. Lawful Basis for the Processing of Personal Data
The GDPR requires a “lawful basis” for processing personal data. In principle, our lawful basis is established by Art. 6(1)(b) GDPR as the processing is necessary for accessing the services of the Website. Moreover, pursuant to Art. 6(1)(f), the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in matters related to crimes and legal compliance and in order to ameliorate the efficiency and the user experience of the Website. Where you have given your specific consent, according to Art. 6(1)(a) GDPR, we may also use your data for specific purposes that will be outlined from time to time.
C. Data Subjects’ Rights
According to the GDPR, the user has also the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her (Art. 16 GDPR); the right to obtain the erasure of personal data concerning him or her without undue delay in one of the situations outlined in Art. 17 GDPR; the right to obtain from the controller restriction of processing in accordance with Art. 18 GDPR; the right to data portability in accordance with Art. 20 GDPR.
The user has further the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (Art. 21 GDPR).
Please consider that data committed to blockchains cannot be altered or eliminated. If you want to know more about the potential application of GDPR provisions to public blockchains and distributed ledgers please consult the study commissioned by the European Parliament.
In the event that you wish to exercise any of your above rights, please contact [email protected].
What are cookies?
Cookies installed on your device by the organization running the website you are visiting (i.e., Naavik) are known as “first party” cookies.
Cookies installed on your device via the website you are visiting by another organization are termed “third party” cookies. An example is a cookie set by a specialist website analytics company that provides the website owner with data on the numbers of people visiting its website (Cookies for range and usage analysis).
So-called “persistent cookies” remain on your device even after you close your internet browser. They are activated each time you visit the website that created that particular cookie. For example, where a “persistent cookie” is used on a website to remember your login details, you will not need to enter those details each time you visit that website.
“Session cookies”, by contrast, are temporary and are typically used to enable the website to operate, e.g. by permitting a user to move from page to page without having to log in again. Once you close your browser, all session cookies are deleted.
Moreover, “performance cookies” allow us to count visits and traffic sources so we can measure and improve the performance of our Website. They help us to know which pages are the most and least popular and see how visitors move around the Website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
What cookies do we use?
Moreover, for statistical and research purposes, with the goal of improving our services, Naavik may from time to time make use third party performance cookies (including cookies for range and usage analysis) of the following service providers:
- Google Analytics measures advertising ROI as well as tracks user actions across web applications: https://policies.google.com/privacy
- Google Optimize AB testing; Optimize monitors the results of your experiment and tells you which variant is the leader: https://policies.google.com/privacy
How to control cookies
Some cookies allow you to take full advantage of the functionality of our website. In order to offer certain functionalities, certain technically necessary cookies can be used to display these functionalities correctly. Therefore, you cannot reject the use of these cookies.
Be also aware that you can set your web browser to disable cookies. Please note that most browsers offer different ways to protect your privacy. If you do not activate or deactivate certain cookies via the browser settings, it is possible that certain functionalities will not be available to you as expected. For example, you can allow first-party cookies, but block third-party cookies, or receive a notification each time a website wants to install a cookie.
Please note that if you disable cookies in this way, you will not be able to set new cookies. However, it will not prevent previously set cookies from continuing to work on your device until you clear all cookies in your browser settings. Instructions for managing cookies on your browser can usually be found under the browser’s help function or in the operating instructions for your smartphone.
If you feel that the above is not sufficient or if you have any questions regarding the collection, processing or use of your information, please contact us at [email protected].