Last Modified: 23-05-2018
SHA-256 OU (“Company,” “we,” ” us,” or “our“) takes the private nature of your information very seriously.
What We Collect and How We Use It
In the course of providing the Services, we collect and receive various types of information. Certain categories of information collected by Company are necessary to use our Services. In order to deliver, personalize, and improve our Services, we combine and use the information we have about you (including information we receive on and off our Services) to understand how you use and interact with our Services. We describe these types of information and their uses in more detail below.
We mainly rely on three separate bases to lawfully collect and use your information.
- Second, where you have given us consent to use your information in certain ways, we will rely on your consent (which you may revoke at any time).
- Third, as described in more detail below, in certain cases we may process your information where necessary to further legitimate interests, whether ours or those of visitors, users or partners, where those legitimate interests are not overridden by your rights or interests.
Occasionally, Company may rely on other legal bases to process your information, such as to protect your vital interests or those of others (such as where there is a risk of imminent harm), where necessary in the public interest, or to comply with a legal obligation, a court order, or to exercise and defend legal claims.
Account Information: When you create an account on the Services (an ” Account“), we’ll ask you for information such as your username, password, age, identification information and email address (“Account Information”) in order to provide you with the Services. We may also use Account Information, alone or together with other information, to enhance and improve the Services, such as by personalization. We use your age to verify that you can lawfully use the Services. We use your email address to verify your Account and to communicate with you, as described in more detail below. We also allow users to look for their friends by email address; you can, however, opt out of email lookup through your Account Settings.
Email Communications with Us: As part of the Services, you may occasionally receive email and other communications from us. Administrative communications relating to your Account (e.g., for purposes of Account recovery or password reset) are considered part of the Services and your Account, which you may not be able to opt-out from receiving. We also may send you other kinds of emails, which you can opt-out of either from your Account Settings page or by using the “Opt-Out” link in the emails themselves. Note that we will never email you to ask for your password or other Account Information; if you receive such an email, please forward it to us.
We send two kinds of email: ones about fun stuff happening on Company, and ones with important information about your account. You can opt out of the former, but not the latter.
Information about Your Accounts on Third Party Services: You can link your Account to certain Third Party Services. In order to do so, you can choose to provide us with your username or other user ID for a Third Party Service, and you may then be required to log into that Service. After you complete this login process, we will receive a token that allows us to access your account. We do not receive or store your passwords for your Third Party Service accounts.
Information Obtained from Third Party Services: In some cases, we partner with Third Party Services that may provide information about you. Such information could include, for example, your age and gender, if you have disclosed that information to that third party and made it available for Company to access or receive it. To the extent we obtain such information, we may use it to develop new Services or to improve or enhance the Services.
When you connect other services to your Company account, those services might share information about you with us. What gets shown to us is determined by their privacy policies, which are long and boring, but which you should probably read if you have questions or concerns.
Native Actions: The Services allow you to perform actions that are integral to our products, such as exchange or trade actions. We use information about native actions to improve the Services, develop new Services, and, particularly, to personalize your Company experience.
Information About User Content: In some cases, we may collect information about content you provide to the Services. For example, we may collect information describing your exchange and/or trade volumes. This information allows us to improve the Services and provide additional features and functionality.
Information Related to Use of the Services: We collect information about how people use the Services, including those with an Account. This type of information may be collected in our log files each time you interact with (i.e., make a request to) the Services. We use internal tools and third party applications and services to collect and analyze this information. Some of this information may also be associated with the Internet Protocol Address (“IP Address”) used to access the Services; some may be connected with your Account; and some may only be collected and used in aggregate form (as a statistical measure that wouldn’t identify you or your Account).
We also collect your IP Address when you make trade actions using the Site. We may use this information about how you and others interact with the Services for a number of things generally related to enhancing, improving, protecting, and developing new Services, including but not limited to: providing users with targeted advertising; generally keeping our users and community safe; and for legal and safety reasons as set forth in “Information Disclosed for Our Protection and the Protection of Others.”
We use information about how you interact with Company in order to personalize it for you, to keep both you and our community safe from harm, and to improve Company for everyone who uses it.
Information Related to Your Web Browser: We automatically receive and record information from your web browser when you interact with the Services, such as your browser type and version, what sort of device you are using, your operating system and version, your language preference, the website or service that referred you to the Services, the date and time of each request you make to the Services, your screen display information, and information from any cookies we have placed on your web browser (as described below).
We also sometimes detect whether you are using certain web browser extensions and store that information in a manner associated with your Account. We use web browser-related information to provide, secure, enhance and improve the Services.
Location Information: In some cases, we collect and store information about where you are located, such as by converting your IP Address into a rough geolocation. We may also ask you to provide information about your location, for example permission to use your geolocation information from your mobile device. We may use location information to improve and personalize the Services for you.
Information Related to Your Mobile Device: We may collect and store information related to your mobile device. In some cases, we may receive, generate, or assign your mobile device a unique identifier for the purposes described above in “Information Related to Use of the Services.” We may also ask you to provide your phone number to enable new products and improve the Services, such as by enabling multi-factor authentication for Account login. We will always ask you whether it’s OK for us to collect and store your phone number.
We may also store unique or near-unique identifiers that we associate with your Account in our cookies. This information, in turn, is sometimes used as described above in “Information Related to Use of the Services.” Most web browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your web browser) allowing you to decide on acceptance of each new cookie in a variety of ways.
If you disable cookies, you won’t be able to log into your Account, and so won’t be able to use the vast majority of our Services; as such, we don’t recommend disabling your cookies when using the Services.
Being able to log into your account is one of Company’s many great features. Cookies make this possible. Cookies and web tags also let us learn how people use Company, which in turn helps us make a better product for you to use.
Derived Information: As described above in “Native Actions” and “Information Related to Use of the Services,” we analyze your actions on the Services in order to derive or infer characteristics that may be descriptive of your Account (for example, what kinds of actions you make). We use this information for the purposes described in “Information Related to Use of the Services,” above.
Additionally, we may also use the Personal Information we collect through the Services or other sources for a range of reasons, including:
To bill and collect money owed to us by you.
This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and those third parties collect billing information to process your orders and credit card payments.
To send you system alert messages.
To communicate with you about your account and provide customer support.
For example, if you use our mobile apps, we may ask you if you want to receive push notifications about activity in your account. If you have opted in to these push notifications and no longer want to receive them, you may turn them off through your operating system.
To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
To prosecute and defend a court, arbitration, or similar legal proceeding.
To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
To provide, support and improve the Services. For example, this may include sharing your personal information with third parties in order to provide and support our Services or to make certain features of the Services available to you.
For our data analytics projects.
To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
With Whom Your Information Is Shared
We never share information we receive from you unless:
(a) we have your permission to share that information, such as to provide the Services that you have requested (including when you connect with Third Party Services);
(c) that information is aggregate information or other information that does not identify you.
You confirm that you have all appropriate consents and authorizations to upload and share third parties’ personal information and where relevant to contact (and for Company to contact on your behalf) such third parties.
Information Shared with and Received from our Affiliates: Because we are a wholly-owned subsidiary, our affiliated companies may receive any information we do, and may share information they have with us. Our family of companies may use the information they receive from us to help us provide, understand, and improve the Services (including by providing us analytics) and in connection with their products and services (including by providing you with a more personalized experience on their services and Our Services).
Information Shared Between the Services: We may, if possible, aggregate information about your use of multiple Services and use that consolidated information to enhance and improve the Services, and to develop new Services.
Information Shared with Our Agents in Order to Operate and Improve the Services: In some cases, we share information that we store (such as IP Addresses) with third parties, such as service providers, attorneys, consultants, and other agents (“Agents“), for the purposes of operating, enhancing, and improving the Services, and developing new products and services.
Agents with whom we share such information for these reasons are generally bound by confidentiality obligations and, unless we tell you differently, our Agents do not have any right to use information we share with them beyond the scope and duration of what is necessary to assist us.
Information Disclosed Pursuant to Business Transfers: In some cases, we may choose to buy or sell business assets. In these transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. Such transfers may occur and may be in the legitimate interests of the parties involved. After such transfers, the acquirer of us or our assets may continue to use your Information as set forth in this policy.
Should we happen to get acquired or go out of business, the transfer of assets from us to our buyer may very well include user information.
Information We Share with Your Consent or at Your Request: Without prejudice to your rights mentioned below where you are an EU user, if you ask us to release information that we have about your Account, we will do so if reasonable and not unduly burdensome.
Information Shared with Other Third Parties: We may share or disclose public, aggregate or depersonalized information with people and entities that we do business with.
Security and Retention of Your Information
Protecting our systems and our users’ information is paramount to ensuring Company users enjoy a secure user experience and maintaining our users’ trust.
Your Account Information is protected by a password for your privacy and security. We may enable additional security features in the future, like multi-factor authentication. You need to prevent unauthorized access to your Account and information by creating a unique, secure, and protected password and limiting access to your computer and browser by signing off after you have finished accessing your Account on the Services.
Company may use your information to provide, improve and customize our Services and the ads and content which we serve to you. This may include the sharing of your information for such purposes and we do so as it is necessary to pursue our legitimate interests and your legitimate interests in receiving personalized content and services.
We may also use your information for safety and security purposes, including the sharing of your information for such purposes and we do so as it is necessary to pursue our and your legitimate interests of ensuring the security of our Services, including enhancing users’ protection against harassment, IP infringement, spam and crime and security risks of all types.
You have the right to object to any of this processing and if you want to object please contact Company help.
What Information You Can Access
If you are a registered user, you can access most information associated with your Account by logging into the Services and checking your Account Settings page. Registered and unregistered users can access and delete cookies through their web browser settings.
If you want to delete your Account, you can do so from your Account Settings page or by emailing us and providing proof of authority over the Account. What constitutes “proof of authority” will vary depending on the circumstances, but generally will require sufficient identifying information so that we can be confident you are the Account owner.
You’re free to delete your account at any time and for any reason. The deletion will be effective immediately, for the most part, but it might take a little while to scrub everything from our archives and backups.
EU Controls and Privacy Rights
If you are usually resident in the EU, Company is the data controller of your information. In accordance with EU law, you have a number of rights and choices regarding the use of your information.
Access and Porting. As described in the section ‘What Information You Can Access’, you can access much of your information by logging into your Company account. If you require additional access or if you do not have a Company account, contact us to request a copy of your information.
Where legally required, we can provide your information in an easily accessible format and assist in transferring some of this information to third parties.
Rectify, Restrict, Limit, Delete. You can also rectify, restrict, limit or delete much of your information by logging into your Company account. If you cannot do this, or you do not have a Company account, please contact us. For more information on deleting your account or leaving Company, please refer to the section ‘How to Delete Your Account’.
Object. In certain circumstances, such as those described in the ‘Legitimate Interests’ section above, you also have the right to object to the processing of your information by us. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing purposes, you can always object using the unsubscribe link in such communications, changing your account settings, or by contacting us.
Revoke consent. You have the right to withdraw your consent to our processing of your information and your use of our Services at any time. Similar to the way in which you can give consent by interacting with our Services, you can also withdraw your consent through our Services. You can choose to delete your account as described above.
Complain. Without prejudice to any other rights you may have, you also have the right to file a complaint against us with your local supervisory authority. Click here to find your local supervisory authority.
To the extent that Company is deemed to transfer your information outside the EEA, Company relies on the fact that such a transfer is necessary in order to deliver our Services to you, in accordance with the contract between us.
If we make changes that are material, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification.
Where to Direct Questions or Concerns
If you have any questions or concerns regarding privacy using the Services, please contact us at [email protected].