Privacy Policy

This privacy policy informs you about how deltaDAO AG (in the following deltaDAO, we, us, our) processes your personal data when you visit our GEN-X Testnet Explorer (in the following explorer) and when you contact us. Moreover, this privacy policy informs you about your rights.

Last updated on June 22, 2022.

1. Contact details of the controller and Data Protection Officer

The controller pursuant to the EU General Data Protection Regulation (“GDPR”) for the processing of your personal data is:

deltaDAO AG
Katharinenstraße 30a
20457 Hamburg
Germany
E-mail: contact@delta-dao.com

If you have any questions about the protection of your personal data at deltaDAO, please contact our Data Protection Officer:

Data Protection Officer
deltaDAO AG
Katharinenstraße 30a
20457 Hamburg
Germany
E-mail: privacy@delta-dao.com

2. What’s personal data?

Personal data is any information that can be (directly or indirectly) related to you. deltaDAO processes a minimal amount of personal data, as we believe your personal data belongs to you. We process the following personal data.

• Usage data including your IP address: Usage data including IP addresses are processed when visiting our explorer.
• E-mail: If you contact deltaDAO via e-mail, we process your e-mail address and any personal data you decide to provide in your message (such as your name).

For detailed information about the processing operations, lawfulness, purposes, and how your personal data serves to reach these purposes, please take a look at the chapter “Processing operations according to Article 13 GDPR”.

3. Recipients and cross-border data transfer

Visiting our explorer
When visiting our explorer, we are processing your IP address with the support of Exoscale, a European cloud service provider that hosts our explorer. Our Exoscale server is located in Frankfurt, Germany.

Contact via e-mail
When you contact us via e-mail, our (mail) service provider Microsoft (located at One Microsoft Way Redmond, WA 98052-6399, USA) supports us in processing your personal data so we can communicate with you. We have restricted storage on the EEA and signed SCC with our provider. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com.

• Here you can find Microsoft's current DPA including SCC ↗.
• Here you can find Microsoft's privacy policy ↗.

Browsing to the GraphQL API
When browsing to the GraphQL API ↗, usage data including your IP address is processed by Prospect One, a company established in Poland, to operate the cdn.jsdelivr.net service.

• Here you can find Prospect One's privacy policy ↗.

4. Processing operations according to Article 13 GDPR

4.1 Providing the GEN-X Testnet Explorer

The GEN-X Testnet Explorer is a tool for inspecting and analyzing transactions made and stored on the GEN-X Testnet. When you are visiting our explorer, deltaDAO collects and uses your IP address for providing the explorer to you. The explorer is hosted on an Exoscale server located in Frankfurt, Germany.

Purposes: Your IP address is collected and used because it is a technical requirement for establishing and maintaining communication between your device and the explorer.

Legal basis: The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR.

Legitimate interests: Our legitimate interest is to provide the explorer to you.

Retention period: We do not maintain your IP address after visiting our explorer.

4.2 Contact via e-mail

If you contact us via e-mail, deltaDAO will collect, use and store your e-mail address, and any other information you provide us in your message, such as your name.

Purposes: We collect, use and store this personal data to respond to your inquiries.

Legal basis: The legal basis for this processing is our legitimate interest, according to Art. 6(1)(f) GDPR.

Legitimate interests: Our legitimate interest is to answer your inquiries.

Retention period: deltaDAO deletes your personal data as soon as we no longer require them for processing your inquiry, except deltaDAO is obliged to comply with legal retention periods or in case of legal disputes.

4.3 Providing the GraphQL API

When you are browsing to the GraphQL API ↗, usage data is transmitted to Prospect One, a company established in Poland, operating the cdn.jsdelivr.net service. The usage data includes your

• IP address
• browser type and browser version
• referrer data (limited to domain)
• the URLs of the Service that you visit (limited to the cdn.jsdelivr.net domain)
• the time and date of your visit
• unique device identifiers
• other diagnostic data Prospect One never associates any gathered data with specific users of the service or tries to track their usage at any point and in any way.

Purpose: Your personal data is transmitted to Prospect One as it is a technical requirement to provide the GraphQL API to you. Prospect One uses this data to operate the cdn.jsdelivr.net service.

Legal basis: The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR.

Legitimate interests: Our legitimate interest is to provide the GraphQL API to you.

Retention period: deltaDAO does not maintain your personal data after visiting the GraphQL API. Prospect One will retain your personal data only for as long as is necessary for the purpose set out above. Prospect One will also retain non-aggragated usage data for internal analysis purposes. Non-aggragated usage data is retained for a shorter period of time, until it is analyzed and deleted, except when this data is used to strengthen the security or to improve the functionality of the service, or if they are legally obligated to retain this data for longer time periods. For more information please refer to Prospect One's privacy policy ↗.

5. Cookies and web storage

A cookie is a small file that stores Internet settings. Your web browser downloads it on the first visit to a website. The next time you open this website with the same device, the cookie and the information stored in it are either sent back to the website that created it (first-party cookie) or sent to another website it belongs to (third-party cookie). This enables the website to detect that you have opened it previously with this browser and, in some cases, to vary the displayed content.

We use local storage and session storage on our explorer, which have similar functionality to cookies. We use your web storage (local storage and session storage) to remember your page preferences, enable functionalities and to enhance your user experience.Our explorer does not use cookies for analytics or marketing purposes. Your browser will remove the session storage once you close your browser. You have the option of disabling cookies and deleting cookies and web storage from your computer’s hard disk at any time in your browser settings.

6. External links

Our explorer contains links to external websites that are beyond the control and responsibility of deltaDAO.

7. Your rights

If you want to make use of your rights described below, do not hesitate to contact us.

7.1 Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether deltaDAO processes personal data about you. If we are processing personal data about you, you have the right to access these personal data and to gain the information defined in Art. 15 GDPR.

7.2 Right to rectification (Art. 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data about you. Additionally, you have the right that incomplete personal data about you are completed.

7.3 Right to erasure (Art. 17 GDPR)

You have the right to obtain without undue delay the erasure of personal data about you, where the defined legal grounds in Art. 17 GDPR apply.

7.4 Right to restriction (Art. 18 GDPR)

Moreover, you have the right to obtain the restriction of processing your personal data where the defined legal grounds in Art. 18 GDPR apply.

7.5 Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit those data to another controller without hindrance, where the defined legal grounds in Art. 20 GDPR apply. You can make use of your right to data portability by contacting us.

7.6 Right to object (Art. 21 GDPR)

On grounds relating to your particular situation, you have the right to object to the processing of your personal data where we based the processing on legitimate interests (Art. 6(1)(f) GDPR). If you object, deltaDAO will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, overriding your rights, freedoms, and interests, or if the processing is required to establish, exercise, or defend legal claims.

7.7 Right to lodge a complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data by deltaDAO to infringe the GDPR. You can lodge a complaint in particular

• in the Member State of your habitual residence,
• in the Member State of your place of work, and
• in the place of the alleged infringement.

8. Questions

For any requests regarding our privacy policy, please send us an e-mail to privacy@delta-dao.com.

9. Changes to the Privacy Policy

We adjust this policy from time to time, by publishing a new version on our explorer. You can find the date of the current version at the beginning of this policy. The latest version of this policy applies to the processing of your personal data.