Privacy Policy
Introduction
Please read this Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use and share your Personal Data and which rights and options you have in this regard. Please see the relevant headings below for more information on each of these areas.
This Privacy Policy is issued on behalf of Chirp Token, LLC, Suite 305 Griffith Corporate Centre, Beachmont, Kingstown St. Vincent and the Grenadines (“Chirp”, “we”, “us”, “our”). For the data processing described in this Privacy Policy, Chirp is the controller. Therefore, the protection of personal data and the responsible handling of information that you entrust to us is an important and special concern for us. When deciding to use our website and/or our services, please keep in mind that we are a US company and that your data will be processed in the US. Therefore, we process your personal data only in accordance with the statutory regulations, in particular with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”).
Contact Us
If you have any questions please contact us at any time via E-Mail to info@chirptoken.io.
We have appointed PLANIT // LEGAL Rechtsanwaltsgesellschaft mbH, Jungfernstieg 1, 20095 Hamburg, Germany as our EU-representative according to Art. 27 GDPR, who you can contact by email to chirp_eu_representative@planit.legal, if you use our service from within the EU and have any privacy-related requests.
We have appointed FlyingLawyers, Weinbergstrasse 22, 8001 Zürich, Switzerland, as our Swiss-Representative under of Art. 14 of the Swiss Data Protection Act (of 25 September 2020), who you can contact by email to datarep@flyinglawyers.ch, if you use our service from within the Swiss and have any privacy-related requests.
We have appointed Formiti Data International Ltd, Grosvenor House, 11 St Pauls Square, Birmingham B3 1RB, United Kingdom, as our UK-Representative under Art. 27 of the UK General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR), who you can contact by email to ukrepservice@formiti.com, if you use our service from within the UK and have any privacy-related requests.
1. Purpose of this Privacy Policy
This Privacy Policy aims to give you information on how Chirp collects and processes your personal data through your use of this website, including any data you may provide through this website and when you use our service.
Third-party links This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
2. Data we collect about you
We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us, when you engage our services or as a result of your relationship with one or more of our staff.
a. Data processing during general use of our website
When you access our website, we collect and process internet connection data as well as certain telemedia and usage data stored in the browser of your device.
-
(1) Internet connection data
When you call up our website, we process the internet connection data that your browser automatically transmits to our server. This is your IP address and other usage data (e.g. date and time of the call, name of the page called up, amount of data transferred and the requesting provider). We need this information to enable you to use our website, for example by adapting the website to the technical requirements of your device.
This internet connection data may also be personal data. The legal basis for this data processing is our legitimate interest in ensuring the security and usability of our website, Art. 6(1)(f) GDPR. We store the personal data in question for a period of 35 days.
-
(2) Cookies
We use tracking technologies on our website that enable us or also our contractual partners or service providers to collect data relating to the use of our website. These tracking technologies are usually referred to as cookies, which is why we also use this term in the following. However, the following also applies accordingly to other tracking technologies or file formats, such as local storage, pixels, beacons or tags.
Cookies are text files that are saved to the browser on your end device. User-related pseudonymous data can be stored for these files. This data can then be read out again.
When you visit our website for the first time, we display a so-called cookie consent banner to inform you about the tracking technologies we use and to give you the choice of which optional cookies you would like to agree to. You can change your choice at any time in the Privacy Preference Centre on our website (see (vi) below).
(i) Technically necessary cookies: In certain cases, the storage of information on your device or access to information already stored on your device is absolutely necessary so that we can make our website available to you for use (“Necessary Cookies”). Insofar as this information has a personal reference and is processed by us in our IT systems, the legal basis for this data processing is our justified interest in providing our website and ensuring the availability of our services, Art. 6(1)(f) GDPR.
(ii) Cookies requiring consent: We only use cookies that are not technically essential with your consent. We use the following categories of consent-requiring cookies:
-
Performance cookies: These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us answer questions about which pages are most popular, which are least used and how visitors move around the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will not be able to know when you visited our website
-
Functional cookies: These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third parties whose services we use on our sites. If you do not allow these cookies, some or all of these services may not work properly.
-
Cookies for marketing purposes: These cookies may be set through our website by our advertising partners. They may be used by these companies to profile your interests and show you relevant ads on other websites. They do not directly store personal data, but are based on a unique identification of your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
You can find more information about the file names, storage duration, provider and category of the respective cookie in the cookie settings of the cookie consent banner or the data protection preference centre of the website. By clicking on the respective button (e.g. “Accept all cookies” or “Confirm selection”) in the cookie consent banner or the data protection preference centre, you consent both to the storage and reading of information in these optional cookies via our website and to the further processing of any personal data (Art. 6(1)(a) GDPR).
(iii) Google Tag Manager
As a tool of a US provider, we use the Google Tag Manager. The therefore implemented cookie is part of the Google Adwords tool and the associated Google Tag Manager for the purpose of so-called conversion tracking. By clicking on the respective button (e.g. “Accept all cookies” or “Confirm selection”) in the Cookie Consent Banner or the Privacy Preference Center, you consent both to the storage and retrieval of information in this optional cookie and to the further processing of any personal data retrieved (Art. 6(1)(a) GDPR). If you give us your consent, Google processes the IP address and assigns a pseudonymous user ID. This enables Google to evaluate whether you have reached our website through a Google Ad and whether you have registered or not. You can access Google’s Privacy Policy here. The data processed by Google, in particular your IP address, is also stored on Google servers in the USA.
(iv) Google Analytics
As a tool of a US provider, we use the Google Analytics by Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, US). By clicking on the respective button (e.g. “Accept all cookies” or “Confirm selection”) in the Cookie Consent Banner or the Privacy Preference Center, you consent both to the storage and retrieval of information in this optional cookie and to the further processing of any personal data retrieved (Art. 6(1)(a) GDPR). If you consent to the setting of the Google Analytics cookie, Google will collect data relating to your use of our website. This enables Google to assign data relating to usage behaviour on our website to this respective pseudonymous user. We have commissioned Google to use this information to evaluate the usage behaviour of the website, to compile reports on website activities and to provide us with further services related to website and internet usage. You can access Google’s Privacy Policy here. The data processed by Google, in particular your IP address, is also stored on Google servers in the USA.
(v) Content Delivery Network (Cloudflare)
We use the service “Cloudflare”. The provider is Cloudflare Inc, 101 Townsend St, San Francisco, CA 94107, USA (hereinafter “Cloudflare”). Cloudflare offers a globally distributed content delivery network with DNS. This technically routes the transfer of information between your browser and our website via Cloudflare’s network. This enables Cloudflare to analyse traffic between your browser and our website and act as a filter between our servers and potentially malicious traffic from the internet. In doing so, Cloudflare may also use cookies or other technologies to recognise internet users, but these are used solely for the purpose described here. The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6(1)(f) GDPR), as well as on your consent pursuant to Art. 6(1)(a) GDPR with regard to the cookies set. Further information on the topic of security and data protection at Cloudflare can be found here: www.cloudflare.com/privacypolicy.
(vi) Withdrawal of your consents: You can withdraw your consents given in the cookie consent banner at any time for the future (Art. 7(3) GDPR). To do so, call up the data protection preference centre on our respective website. You can access the data protection preference centre by clicking on the link “Cookie Settings” in the footer of our website. In the data protection preference centre, you have the option to withdraw any consent you have already given by deselecting the relevant cookies. You can also select additional cookies and give us further consent. Your selection of optional cookies will in turn be saved as a cookie in your browser.
-
3. Data Processing when you use our service
When you register on our website for the use of our service, we process your email address password you set yourself. The legal basis for this data processing is the initiation and fulfilment of the contract concluded with you for the use of our service, Art. 6(1)(b) GDPR.
When you use our service, we process further data from you, to provide you our service. This data is:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address and telephone numbers
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Data that you provide to us via the helpdesk and that we process in order to answer your support request.
The legal basis for this data processing is the initiation and fulfilment of the contract concluded with you, Art. 6(1)(b) GDPR.
4. Data Processing for marketing purposes
We process your email address for advertising purposes (e.g. in the form of a newsletter) if either the requirements of Art. 6(1)(f) GDPR – perhaps in conjunction with local laws about unfair competition, e.g. for Germany section 7(3) Unfair Competition Act (Gesetz gegen den unlauteren Wettbewerb, “UWG”) – are fulfilled or you have consented to receiving our e-mail advertising in accordance with Art. 6(1)(a), Art. 7 GDPR. If you would like to receive our e-mail advertising and register for it, we first collect your e-mail address and send you a confirmation e-mail with a confirmation link that you must click to subscribe to our advertising or to register for participation in the customer surveys. For sending our newsletter, we have implemented the service “Mailchimp” of The Rocket Science Group LLC d/b/a Mailchimp. We have entered into a Data Processing Agreement that meets the requirements of Art. 28 GDPR.
You can withdraw your consent at any time with effect for the future. If you receive e-mail advertising from us as an existing customer, you can object to this advertising at any time without incurring any costs other than the transmission costs according to the basic rates. You are also free to object to the processing of your personal data for direct marketing purposes at any time and without giving reasons for the future (Art. 21(2) GDPR). In the event of your withdrawal or objection, we will erase your data processed by us up to that point. This does not apply to data that we need to prove that you have given us consent in the past and that we have made lawful use of this consent. The processing of such data is then limited to this documentation and verification purpose. The storage is based on Art. 6(1)(c) and Art. 5(1)(c), as well as Art. 5(1) (a), Art. 5(2), Art. 7(1) GDPR and Art. 6(1)(f) GDPR and for the duration of the respective statutory limitation periods under local criminal and civil law or separate, legally mandated retention periods.
5. Disclosures of your personal data
We use technical service providers (for example for hosting, customer data management software and telecommunication providers) as well as service providers for the processing of product orders who process your data according to our instructions on the basis of Data Processing Agreements pursuant to Art. 28 GDPR. We only disclose your data to other third parties if we are legally obliged to do so or if there is another legal basis for doing so.
6. International transfers
We are a company based on St. Vincent & Grenadines. We may also transfer your personal data to recipients in other countries outside the European Union (“EU”) and the European Economic Area. If the level of data protection there does not correspond to the level of data protection within the EU and no adequacy decision of the EU Commission is in place (Art. 45 GDPR), we provide suitable guarantees within the meaning of Art. 46 et seq. GDPR. This may include the agreement of standard contractual clauses of the EU Commission (Art. 46 GDPR) and any additional measures required to ensure an adequate level of data protection.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Data retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Bylaw we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers.
In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
9. Your Rights
As a Data Subject of Chirp’s data processing, you have the following rights under the respective legal requirements:
- The right to confirmation as to whether we are processing personal data relating to you (Art.15 GDPR).
- The right to information about your personal data processed by us and to a copy of the data (Art. 15 GDPR).
- The right to rectification in the event that your personal data is inaccurate (Art. 16 GDPR).
- The right to have your personal data deleted (Art. 17 GDPR).
- The right to restriction (blocking) of your personal data (Art. 18 GDPR).
- The right to data portability (Art. 20 GDPR).
In the event that your personal data is processed on the basis of Art. 6(1)(e) or (f) GDPR, you may also object to the processing in question under the conditions of Art. 21(1) GDPR.
You may object to the processing of your personal data for direct marketing purposes at any time and without giving reasons with effect for the future (Art. 21(2) GDPR).
If the processing is based on your consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, you may withdraw your consent at any time with effect for the future (Art. 7(3) GDPR).
You also have the right to contact the competent data protection supervisory authority (Art. 77 GDPR).
10. Automated individual decision-making, including profiling
We not make decisions based solely on automated processing, including profiling, which produces legal effects concerning the data subjects.
11. Changes on our Privacy Policy
New legal requirements, corporate decisions or technical developments may require changes to our privacy policy. The privacy policy will then be adapted accordingly. You will always find the latest version on our website.