If you are under the age of majority where you reside, you may use our Services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Childrens Online Privacy Protection Act (COPPA), if we learn that we have received any Personal Information directly from a child under age 13 without first receiving their parents verified consent, we will use that Personal Information only to respond directly to that child (or their parent or legal guardian) to inform them that they cannot use our Services and we will delete that Personal Information.
Information Instadapp Collects
We collect different kinds of Personal Information and describe each category below.
Information You Provide to Us: We receive and store Personal Information you knowingly provide to us. For example, this includes information you provide when you import your Wallet and use it with our Services, such as information regarding your transactional history on the Ethereum network, or information you provide each time you make a transfer of Virtual Currency. It also includes (i) contact information you elect to provide to us such as your email address, (ii) feedback and correspondence, such as information you provide when you report a problem with our Services or otherwise correspond with us, and (iii) marketing information, such as your preferences for receiving marketing communications like our newsletter and details about how you engage with them.
However, other than the information required to associate your Wallet with our Services, you are not required to provide any other Personal Information to use the core features of our Services. But understand that you may be required to provide additional Personal Information to access certain features or offerings.
You should also understand that, unless you use certain privacy preserving tools, your entire transactional history conducted from your Wallet is publicly available on the Ethereum network by default to us and any other network participants.
Information Collected Automatically: Whenever you interact with certain parts of our Services such as our landing page or blog, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” information, the type of browser and/or device you’re using to access our Services, and the page or feature you requested.
We typically collect this information through a variety of tracking technologies, including cookies, embedded scripts, web beacons, file information and similar technology (collectively, “tracking technologies”). “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Site are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features.
We do not automatically collect Personal Information when you conduct transactions on the Ethereum network using our Services, and we do not use any automatic tracking technologies in these parts of our Services unless you explicitly agree.
Do Not Track Policy: Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Do Not Track signals are set on a browser-by-browser basis, so you must set them on every browser you use if you do not wish to be tracked.
Information we will never collect: We will never ask you to share your private keys to your Wallet or other security information that could be used to access your Wallet without your explicit consent and action. Never trust anyone or any site that asks you to enter your private keys or similar security information.
How Instadapp Uses Personal Information
We use Personal Information to provide our Services, communicate with our users, optimize our technology, and improve our users’ experiences.
Namely, we use the Personal Information we collect to:
- Administer our Services, enable you to use its features, and improve your overall user experience;
- Send information including confirmations, technical notices, updates, security alerts, and support and administrative messages;
- Respond to comments and questions and provide customer service;
- Analyze how users use the Services to help us optimize the Services and know if there are problems with the Services;
- Protect investigate, and deter against fraudulent, unauthorized, or illegal activity; and
- With your consent, to link or combine user information with other Personal Information.
Except as prohibited by law, we may use aggregated data that may be in part derived from or that may incorporate Personal Information after you update or delete it, but we will never do so in a way that would identify you personally.
How Instadapp Shares Personal Information
We may share your Personal Information with third parties in certain instances:
- With your Consent: We may share Personal Information with your explicit consent.
- To our Affiliates: In certain situations, businesses or third-party websites we’re affiliated with may sell or provide products or services to you through or in connection with our Services (either alone or jointly with us). You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service.
We have no control over the policies and practices of third-party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all of these business’ or websites’ policies.
- To our Agents: We employ other companies and people to perform tasks on our behalf and may need to share your Personal Information with them to provide products or services to you or to us. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us in providing the Services.
- In certain Business Transfers: We may buy or sell assets and may need to share and/or transfer information that may include Personal Information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired by another business, we go out of business, or experience some other change of control, Personal Information could be one of the assets acquired by a third party.
- Third Party Services: We use Google Analytics in connection with certain of our Services to grow our business, to improve and develop our Services, and to monitor and analyze use of our Services. Google Analytics may collect and retain some Personal Information about you, such as the IP address assigned to you on the date you use the Services, but not your name or other information that would identify you as an individual without additional information. We may combine the information generated through the use of these services with Personal Information we may have, but never in a way that will identify you to any other user or third party.
- Protection of Instadapp and Others: We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with law or court order, enforce or apply our Terms of Service and other agreements with you, or protect the rights, property, or safety of Instadapp, our employees, our users, or others.
When we share Personal Information, we will not share such Personal Information in a manner that can be used to identify you individually unless otherwise explicitly agreed by you or instructed by you.
How Instadapp Secures Personal Information
We always aim to ensure the privacy of the Personal Information we may collect using appropriate technical and organizational measures based on the type of Personal Information and how it is used. Where possible, we refrain from collecting Personal Information. For example, we do not collect private key data associated with your Wallet.
We also secure Personal Information you provide in a controlled, secure environment and protect it from unauthorized access. We regularly audit our system and code for security vulnerabilities. We further protect the security of your information during transmission by using Transport Layer Security (TSL/SSL), which encrypts all information that you input.
Unfortunately, we cannot guarantee complete security. The safety and security of your Personal Information also depends on you. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. Your Wallet is protected by your password, private key, and/or seed phrase, and we urge you to take steps to keep this and other Personal Information safe by not disclosing your security credentials or leaving your Wallet unsecured.
Regardless, measures we take or that you take will not guarantee that your Personal Information will not be accessed, disclosed, altered or destroyed by breach of these security measures. By using our Services, you acknowledge that you understand and agree to assume these risks.
WE DO NOT AND WILL NEVER STORE YOUR WALLET PASSWORD, PRIVATE KEY, OR SEED PHRASE TO YOUR WALLET. IF YOU LOSE ACCESS TO YOUR PRIVATE KEY, PASSWORD AND/OR SEED PHRASE, WE WILL BE UNABLE TO HELP YOU ACCESS YOUR WALLET.
If you are a resident of the European Economic Area (“EEA”) or Switzerland, you may have additional rights under the General Data Protection Regulation (the “GDPR”) and other applicable law with respect to your Personal Data, as outlined below.
When we talk about these additional GDPR rights, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but generally, “Personal Data” means information that can be used to individually identify a person, and “processing” covers actions that can be performed in connection with data such as collection, use, storage and disclosure.
When you use our Services, we are the controller of your Personal Data that is processed as further defined in the GDPR.
Personal Data Instadapp Collects
How We Use and Process Personal Data
We process Personal Data to operate, improve, understand and personalize our Services. You can read more under “How Instadapp Uses Information” for more information on how we use your Personal Data.
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
- Contractual Necessity: We process certain Personal Data as a matter of “contractual necessity,” meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process Personal Data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.
- Legitimate Interest: We may also process your Personal Data where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. In assessing whether there is a legitimate interest, we consider and balance potential impacts on you (both positive and negative) and your rights before we process your Personal Data. We will not process your Personal Data for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law). Examples of these legitimate interests include, operation and improvement of our Services, provision of customer support, protection from fraud or security threats, or completion of corporate transactions.
- Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be indicated to you at the point and time we collect that Personal Data.
- Other Processing Grounds: We may also occasionally need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
How We Share Your Personal Data
Please see “How Instadapp Shares Personal Information” above for more information on how we share Personal Data.
How Long We Retain Personal Data
We retain Personal Data about you for as long as necessary to provide you Services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or if otherwise permitted or required by applicable law, rule or regulation. Afterwards, we may retain some information in a depersonalized or aggregated form, but not in a way that can identify you personally.
Security Measures for Personal Data
Please see “How Instadapp Secures Personal Information” for more information about the security measures we use to protect your Personal Data.
GDPR Rights for Personal Data
You may have certain rights with respect to your Personal Data as we’ll describe below. For more information about these rights, or to submit a request, please email [email protected].
Please note that in some circumstances, we may not be able to or choose not to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary, to verify your identity and the nature of your request.
Your GDPR rights include:
- Right to Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by visiting your user dashboard in some of our Services.
- Right to Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can correct some of this information directly by editing them on your user dashboard in some of our Services.
- Right to Erasure: You can request that we erase some or all your Personal Data from our systems. But, keep in mind that this will not erase any Personal Data you have submitted to the Ethereum network (or have requested we submit on your behalf), and you are acknowledging and agreeing that we are not responsible for deleting or assisting you in deleting information on the Ethereum network.
- Right to Withdraw Consent: If we are processing your Personal Data based on your consent, you have the right to withdraw your consent at any time. Please note that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
- Right to Data Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller if technically feasible.
- Right of Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
- Right to Restrict Processing: You can ask us to restrict further processing of your Personal Data.
- Right to File Complaint: You have the right to lodge a complaint about our privacy practices with respect to your Personal Data with the supervisory authority of your country or European Union Member State.
Transfers of Personal Data
Questions about Personal Data
If you have any questions about this section or our data practices generally, please contact us using the following information:
- Designated Representative Name: Sowmay Jain
- Physical address: 16192 Coastal Hwy, Lewes DE, 19958
- Email address for contact: [email protected]
If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information. To learn more about your California privacy rights, visit our California Consumer Privacy Act Notice located here.
What if I have questions about this policy?
If you have any questions or concerns regarding our privacy policies, please send us a detailed message to [email protected] and we will try to resolve your concerns.