Bracket Labs Group, SA. (the “Company,” “we,” “us,” or “our”) has created this privacy policy (this “Privacy Policy”) because we know that you care about how information you provide to us is used and shared. This Privacy Policy describes the information collection and use practices of the Company in connection with the Bracket Products (including our website, our software-as-a-service platform that integrates with digital wallet providers, decentralized applications, and/or centralized and decentralized exchanges known as “Bracket”, and (iii) our stand-alone application known as “BracketX”) and our related Services.
Please note that the Company does not offer the Bracket Products or Services to persons or entities (i) who reside in, are located in, are citizens of, or incorporated in or have a registered office in the United States of America (“US Persons”), Panama, Iran, UK, Canada, North Korea, Cuba, Syria, Myanmar (Burma), Crimea, Donetsk, Luhansk, or any country or territory subject to country-wide or region-wide economic sanctions by the US “Restricted Territories”, and/or (ii) on lists maintained by US Office of Foreign Assets Control (OFAC) or US Dept. of Treasury (collectively, “Restricted Users”).
By accessing and/or using the Bracket Products or Services, you are agreeing to the terms of this Privacy Policy and the accompanying Terms of Service (collectively, the “Agreement”) and you represent and warrant that you are not a Restricted User.
Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms of Service.
I. The Information We Collect and/or Receive
In the course of operating the Bracket Products, providing our Services and/or interacting with you, we will collect (and/or receive) the following types of information.
1. Contact Information
When you sign up to receive alerts including but not limited to, orders completed and claims made, you will be asked to provide certain information which may include your email address (collectively, the “Contact Information”).
2. Other Information
In addition to the Contact Information, we may collect or receive the following additional information (“Other Information”):
- From Your Activity. In an ongoing effort to improve the Bracket Products and the Services, we automatically collect certain information when you visit the Bracket Products, and/or access and/or use our Services. This information includes but shall not limited to, IP addresses, browser type and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Bracket Products you visit, and similar information concerning your use of the Bracket Products and Services (“Activity Information”).
- From Cookies. We also collect Activity Information by using “cookie” technology. Cookies are small packets of data that a website stores on the hard drive of your computer or mobile device to “remember” information about your visit. We may use session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer/device until you delete them). If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, the Bracket Products and Services may not function properly.
3. Public Information Observed from Blockchain
We may collect information from your activity that is publicly visible and/or accessible on blockchains (“Blockchain Activity Information”). This may include blockchain address and information including but not limited to, the transactions you conduct and we may combine and/or associate this information with the other information we have about you.
4. Information Collected from Third Party Companies
We may receive personal information and other information about you from third party companies that provide wallet scanning services (“Third Party Information”). Such third party companies may provide us with your Wallet address and certain other information you choose to share with them. We will combine this Third Party Information with the other information we collect about you and from you pursuant to this Privacy Policy.
II. How We Use and Share Your Information
You authorize us to use the Contact Information, Blockchain Activity Information, Third Party Information, and Other Information (collectively, the "Information") to provide our Bracket Products and Services to you, solicit your feedback, inform you about our products and services and those of our third-party marketing partners, and to improve our products and services.
Also, we may use and share the Information as described below.
- Agents, Providers and Related Third Parties. We may engage other companies and individuals to perform certain business-related functions on our behalf. Examples may include providing technical assistance, order fulfillment, customer service, and marketing assistance. These other companies will have access to the Information only as necessary to perform their functions and to the extent permitted by law. We may also share your Information with any of our parent companies, subsidiaries, or other companies under common control with us.
- Aggregated Information. In an ongoing effort to better understand users of the Bracket Products and Services analyze the Information in aggregate form in order to operate, maintain, manage, and improve the Bracket Products and Services. This aggregate information does not identify you personally. We may use this aggregate information for marketing purposes. We may share this aggregate information with our affiliates, agents, business and business partners, and other third parties. We may also disclose aggregated user statistics in order to describe the Bracket Products and/or Services to current and prospective business partners and to other third parties for other lawful purposes.
- Business Transfers. As we develop our businesses, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, sale of assets, dissolution, or similar event, the Information may be part of the transferred assets.
- Legal Requirements. To the extent permitted by law, we may also disclose the Information: (i) when required by law, court order, or other government or law enforcement authority or regulatory agency; or (ii) whenever we believe that disclosing such Information is necessary or advisable, for example, to protect the rights, property, or safety of the Company or others.
We will take reasonable measures to require that any party receiving any of your personal information from us undertakes to: (i) retain and use such information only for the purposes set out in this Privacy Policy; (ii) not disclose your personal information except with your consent, as permitted by law, or as permitted by this Privacy Policy; and (iii) generally protect the privacy of your personal information.
III. Accessing and Modifying Personal Information and Communication Preferences
You may access, review, and make changes to your personal information by following the instructions found on our website, the Services or by contacting us at contact@bracket.fi. In addition, you may manage your receipt of marketing and non-transactional communications by clicking on the "unsubscribe" link located on the bottom of any of our marketing email. You cannot opt out of receiving transactional e-mails related to their account. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases.
IV. Security of Your Information
We take commercially reasonable security measures to ensure that your information is treated securely and is protected from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in processing and the nature of such data, and in compliance with applicable laws and regulations. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. In particular, e-mail sent to or from the Bracket Products and/or Services may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail or other electronic means. We do not accept liability for unintentional disclosure of your information.
V. Links to Third-Party Sites
The Bracket Products and Services may, from time to time, contain links to external websites. We encourage you to review the privacy and security policies of any externally linked websites that may be accessed through the Bracket Products or Services. We assume no responsibility or liability for the information collection and disclosure practices of any external websites that a user can access through the Bracket Products or Services. Please check the privacy policies of these external websites before you submit any personal information to them.
VI. Children’s Privacy
We do not knowingly collect, receive, maintain, or use personal information from children under 13 years of age, and no part of any of the Bracket Products and/or Services is directed to children under the age of 13. If you are under the age of 13, please do not provide any personal information through the Bracket Products and/or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Privacy Policy by instructing their children to never provide any personal information on the Bracket Products, Services, or any other web site without their permission. If you learn that your child has provided us with personal information without your consent, you may alert us at contact@bracket.fi and we will endeavor to delete that information from our databases. If we learn that we have collected any personal information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.
VII. DO NOT TRACK
We do not respond to or honor “do not track” (a/k/a/ DNT) signals or similar mechanisms transmitted by web browsers.
VIII. Important Notice to All Users
Bracket Products and Services are not offered to Restricted Users. Please be aware that your information, including your personal information, may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are not a Restricted User and choose to use the Bracket Products or the Services, you do so at your own risk.
IX. Notice to Individuals located in the European Economic Area, the United Kingdom, or Switzerland
If you are an individual located in the European Economic Area, the United Kingdom or Switzerland, further information regarding the transfer, storage and processing of your personal data under the General Data Protection Regulation (2016/679) is set forth in our GDPR Privacy Notice below.
X. Changes to Our Privacy Policy and Practices.
This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may revise this Privacy Policy from time to time, so review it periodically. We will post any changes to the Privacy Policy on the Bracket Products and/or Services, and the revised Privacy Policy will be effective when it is posted. By accessing and/or using Bracket Products and/or Services after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. Please refer back to this Privacy Policy on a regular basis.
XI. Contact Us
If you have any questions about this Privacy Policy or to report a privacy issue, please contact us:
contact@bracket.fi
If you are located in the European Union (EU), United Kingdom, Lichtenstein, Norway, or Iceland (“European Individuals”), you may have additional rights with respect to your Personal Data under the General Data Protection Regulation (“EU GDPR”), and/or the EU GDPR as saved into United Kingdom law by the United Kingdom's European Union (Withdrawal) Act 2018 (“UK GDPR”) (collectively with the EU GDPR, the “GDPR”), as set forth in this GDPR Notice (the “GDPR Notice”).
In this GDPR Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to identify a person, and “processing” generally refers to actions that can be performed on data such as its collection, use, storage or disclosure. Company will usually be the controller of your Personal Data processed in connection with the Bracket Products and Services.
Where applicable, this GDPR Notice is intended to supplement, and not replace, our Privacy Policy. If there are any conflicts between the GDPR Notice and the other parts of the Privacy Policy, and you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, the provision that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this GDPR Notice or whether any of the following rights apply to you, please contact us at contact@bracket.fi with the subject line “GDPR Request.”
1. Types of Personal Data we Collect
We currently collect and otherwise process the categories of Personal Data listed in Section I of the Privacy Policy.
2. How we Obtain the Personal Data and Why we Have it
We collect and/or receive the Personal Data in the ways and for the purposes listed in Section I and Section II of the Privacy Policy. We will only process your Personal Data if we have a lawful basis for doing so. Under the GDPR, the lawful bases we rely on for processing this information are:
a) Your Consent
In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. You can remove your consent at any time. You can do this by contacting us via email at contact@bracket.fi with the subject line “GDPR Request.”
b) We Have a Contractual Obligation
We process certain categories of Personal Data as a matter of “contractual necessity,” meaning that we need to process the data to perform under our Terms of Use with you, which enables us to provide you with the Bracket Products and Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Bracket Products and Services that require such data. These categories of Personal Data are:
- Contact Information;
- Other Information;
- Blockchain Activity Information; and
- Third Party Information.
c) We Have a Legitimate Interest
We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties:
- Contact Information;
- Other Information;
- Blockchain Activity Information; and
- Third Party Information.
Our legitimate interests are:
Information Security: We process Contact Information, the information collected through cookies, and the Other Information when you use the Bracket Products or Services in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking usage, combating DDOS or other attacks, and removing or defending against malicious individuals or programs.
Operation and Improvement of Bracket Products and Services: We process Other Information and information collected through cookies pursuant to our legitimate interest in operating and improving Bracket Products and Services.
General Business Development and Management: We process Contact Information, Other Information, Blockchain Activity Information and Third Party Information pursuant to our legitimate interest in creating and managing our business relationships with European Individuals, including without limitation:
- To respond to inquiries from European Individuals;
- To provide European Individuals with information about our products and services; and
- To assist European Individuals with any issues while using the Bracket Products and Services.
Direct Marketing: Generally, we send email marketing to European Individuals pursuant to their consent. When you use the Bracket Products or Services, email marketing may be sent to you pursuant to our legitimate interest in sending marketing communications to you in the context of such engagement.
Protection of Rights: We may disclose any categories of Personal Data to respond to claims of violation of third party rights or to enforce and protect our rights.
d) We Have a Legal Obligation
We may be required to disclose Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose Personal Data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
3. How we Share Your Personal Data.
Section II of the Privacy Policy explains how we share your Personal Data with third parties.
4. How we Store and Protect Your Personal Data
We use commercially reasonable administrative, technical, and physical safeguards to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, for which we take into account the nature of the Personal Data, its processing, and the threats posed to it. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us via email at contact@bracket.fi with the subject line “GDPR Request.”We retain your Personal Data for as long as needed to fulfill the purposes for which we obtained it, as further described in this Privacy Policy. We will only keep your Personal Data for as long as allowed or required by law.
5. Your Data Protection Rights
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at contact@bracket.fi with the subject line “GDPR Request.” You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Right of access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
- Right to rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
- Right to erasure: You can request that we erase some or all of your Personal Data from our systems.
- Right to restriction of processing: You have the right to ask us to restrict the processing of your Personal Data.
- Right to object to processing: You have the right to object to the processing of your Personal Data in certain circumstances.
- Right to data portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Right to withdraw consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of the Bracket Products and Services.
- Objecting to Legitimate Interest/Direct Marketing: You may object to Personal Data processed pursuant to our legitimate interest. In such case, we will no longer process your Personal Data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your Personal Data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email or by submitting your request to contact@bracket.fi with the subject line “GDPR Request.” In such case, your Personal Data will no longer be used for that purpose.
We will respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements. Please note that all of these rights are subject to applicable exemptions and restrictions, and are not absolute rights. If we need to rely on these exemptions or restrictions, we will provide this information to you in our response.
6. How to Complain
If you have any concerns about our use of your Personal Data, you can make a complaint to us at contact@bracket.fi with the subject line “GDPR Request.”You also have the right to lodge a complaint about the processing of your personal data with a supervisory authority of the European state where you work or live or where any alleged infringement of data protection laws occurred. A list of most of the supervisory authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
7. Corporate Restructuring
In the event of a merger, reorganization, dissolution, or similar corporate event, or the sale of all or substantially all of our assets, the information that we have collected, including Personal Data, may be transferred to the surviving or acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such Personal Data as set forth in this GDPR Notice.
8. Transfers of Personal Data
Bracket Products and Services are not offered to Restricted Users. The laws in these jurisdictions may differ from the data protection laws where you reside. By using the Bracket Products and/or Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Company. When we transfer personal data outside of the European Union, United Kingdom, Lichtenstein, Norway, or Iceland, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws and contractual obligations placed on the recipient of the data. To request more information, please contact us as provided in the Our Contact Information section below.
9. Updates to this GDPR Notice
If, in the future, we intend to process your Personal Data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Last Updated” at the top of this page will be updated accordingly.
10. Our Contact Information
Please reach out to contact@bracket.fi for any questions, complaints, or requests regarding this GDPR Notice, and include in the subject line “GDPR Request.”