WHO WE ARE
USEFUL TO KNOW
Being a data controller means we decide what personal
data to collect and what it is used for.
|
|
-
Gridlock, Inc. is the data controller
of the personal data collected and used as set out in this privacy
policy.
-
Our registered office is 11309 Coffeen Avenue STE 1200
Sheridan, Wyoming, 82801, USA
|
WHAT WE DO
USEFUL TO KNOW
Unless explicitly chosen, neither Gridlock nor
Guardians have access to the entire private key - only a fraction of the
key.
|
|
- We store different types of cryptocurrency in
our application (known as a wallet or
vault).
- Individuals require a private key to access
their cryptocurrency (regardless of whether it is held personally or in a Gridlock
vault).
- If the private key is forgotten or the owner
gets locked out - there is no other way of accessing the cryptocurrency.
-
Gridlock provides a solution to this problem by allowing its users to nominate guardians
to act as verifiers for a fraction of the private key.
-
If the user ever gets locked out, a subset of guardians can verify them as the owner of
the private key
, so they can regain access.
|
WHAT PERSONAL DATA WE COLLECT
USEFUL TO KNOW
Personal data is any information that can (or could
be used to) identify a living person.
|
USEFUL TO KNOW
We sometimes aggregate the personal data we collect to identify
trends. We always make certain aggregated
information
is anonymized so that it is no longer possible to identify the
individuals to which it relates.
|
|
Purpose
|
Personal data
|
For account set up and authentication
|
- user email address
- user provided name and
nickname
- user phone number (for
two-factor authentication)
- guardian email addresses
(i.e., the friends/family you invite to assist with account
creation)
- guardian response (e.g.,
accept, decline, or no response) guardian provided name and
nickname
- login credentials
|
Account usage information
|
- sending and receiving
cryptocurrency addresses
- user vault
information
- stored currencies and
amounts
|
Information collected automatically (via cookies and
similar technologies)
|
- IP address and other general
session information for all devices
- device location for all
connected devices (obtained from IP address or session data)
- device type, screen size,
and other related device information for all devices (mobile and
computer)
|
|
MARKETING
|
Where you have indicated you would like to receive marketing emails from Gridlock, we use
SendGrid to deliver and monitor those emails. Their digital tools let us see whether a
recipient has clicked any of
the links in our email, which helps us understand what content that individual might find
interesting and personalize the content of future emails.
Pixels (which are a similar technology to cookies) within those
emails enable us to see:
- if the email was opened
- where the device opening the email was
located (based on the device’s IP address)
- the type of email client (e.g., Outlook)
used
- if the email (or its content) was shared on
social media
- if the email was flagged as spam
|
WHO DO WE SHARE YOUR PERSONAL DATA WITH
USEFUL TO KNOW
We only transfer information outside of the US where
we have a recognized legal mechanism in place.
|
USEFUL TO KNOW
If we are asked to comply with a request or legal order to disclose personal
data to a third party, we check to ensure it is a valid request and seek
legal advice to understand our obligations
before responding to the request.
|
|
OUR PERSONNEL
Gridlock employees or other works
bound by contracts containing confidentiality and data protection
obligations.
GUARDIANS
Individuals that a user has nominated as their private key
guardian
OUR SUPPLY CHAIN
Other organisations we engage to help us provide our services,
website, and application
- hosting and server providers:
- website and application support and
maintenance:
- website and application usage analysis:
We ensure these organizations only have access to the information required to provide the
support we use them for and are bound by contracts containing confidentiality and data
protection obligations.
OTHERS
- our professional advisers (such as our
accountants or legal advisors)
- regulatory authorities (such as national tax
authorities)
any actual or potential buyer of our business
|
LAWFUL BASIS
USEFUL TO KNOW
Lawful bases are permitted reasons for which an
organization can use personal data.
|
|
We have identified relevant lawful bases for our use of your personal
data. We primarily rely on:
-
Performance of a contract – where the
use of personal data is necessary for us to administer your account and provide our
services.
-
Legitimate interests
– to promote and improve our services, to record where a guardian has
declined or not responded to a request, to protect our application and website, to
defend legal claims, to gain insight
into how our services are used
-
Legal obligation – in meeting our legal
obligations under financial, data protection and employment laws (among others)
- Consent –
where you subscribe to our mailing lists, to use non-essential cookies
|
HOW LONG DO WE KEEP YOUR PERSONAL DATA
|
USERS AND GUARDIANS
- We retain the personal data held in your
account for as long as the account is active, plus 6 years once deactivated.
-
Where you later change your mind and no longer wish to be a guardian, we
retain your personal data for one year.
-
Where you receive a request to become a guardian but do not respond within
6 months or decline to become a guardian, we retain your personal data for one year
after the date the user made the request.
E-NEWSLETTER SUBSCRIBERS
We retain your personal data until you unsubscribe
WEBSITE VISITORS
We use cookies on our website. The longest duration of our cookies is
one year.
|
YOUR RIGHTS
|
You have specific rights in relation to your personal data:
- The right of access
(obtaining a copy of your data)
- The right to rectification (correcting your data)
- The right to erasure
(deleting your data)
- The right to restrict processing (to stop use of your data
for a time limited period)
- The right to data portability (to move your data to another
organisation)
- The right to object
(to object to our use of your data)
If you wish to make a request in relation to any of these rights, please
contact us as:
dataprotection@gridlock.network.
|
INFORMATION SECURITY
|
We have information security measures in place to reduce the risk of
unauthorized access to, misuse or loss of personal data. These
include:
- Appropriate access controls and user
authentication, including multi factor authentication
- Staff policies and training
- Incident and breach processes
- Appropriate internal IT and network security
- Business continuity processes
- Contracts with our suppliers covering data
protection and information security
- Regular testing and review of our security
measures
|
COOKIES AND SIMILAR TECHNOLOGIES
USEFUL TO KNOW
Cookies and similar technologies (e.g. beacons and pixels) are small text
files that are downloaded to your device when you access a website. They
contain unique references which are used to
distinguish you from other visitors on the site.
|
|
SET BY
|
COOKIE
|
WHAT IT DOES
|
Google LLC
|
|
Identifies trusted web traffic
|
|
|
|
|
Identifies and remembers website visitors, how they
arrived at our website, which pages they
viewed and how long they stayed
on
|
|
QUESTIONS OR COMPLAINTS
|
In the first instance, we hope we can resolve any queries or concerns you have
in an informal way, you can contact us by email at
dataprotection@gridlock.network , or by post to:
Gridlock, Inc.
Data Protection
1309 Coffeen Avenue STE 1200
Sheridan, Wyoming 82801
United States
|