WHO WE ARE
USEFUL TO KNOW Being a data controller means we decide what personal data to collect and what it is used for. |
|
- Gridlock, Inc. is the data controller of the personal data collected and used as set out in this privacy policy.
- Our registered office is 11309 Coffeen Avenue STE 1200 Sheridan, Wyoming, 82801, USA
|
WHAT WE DO
USEFUL TO KNOW Unless explicitly chosen, neither Gridlock nor Guardians have access to the entire private key - only a fraction of the key. |
|
- We store different types of cryptocurrency in our application (known as a wallet orvault).
- Individuals require a private key to access their cryptocurrency (regardless of whether it is held personally or in a Gridlock vault).
- If the private key is forgotten or the owner gets locked out - there is no other way of accessing the cryptocurrency.
- Gridlock provides a solution to this problem by allowing its users to nominate guardians to act as verifiers for a fraction of the private key.
- If the user ever gets locked out, a subset of guardians can verify them as the owner of the private key, so they can regain access.
|
WHAT PERSONAL DATA WE COLLECT
USEFUL TO KNOW Personal data is any information that can (or could be used to) identify a living person. |
USEFUL TO KNOW We sometimes aggregate the personal data we collect to identify trends. We always make certain aggregated information is anonymized so that it is no longer possible to identify the individuals to which it relates. |
|
Purpose | Personal data | For account set up and authentication | - user email address
- user provided name and nickname
- user phone number (for two-factor authentication)
- guardian email addresses (i.e., the friends/family you invite to assist with account creation)
- guardian response (e.g., accept, decline, or no response) guardian provided name and nickname
- login credentials
| Account usage information | - sending and receiving cryptocurrency addresses
- user vault information
- stored currencies and amounts
| Information collected automatically (via cookies and similar technologies) | - IP address and other general session information for all devices
- device location for all connected devices (obtained from IP address or session data)
- device type, screen size, and other related device information for all devices (mobile and computer)
|
|
MARKETING
| Where you have indicated you would like to receive marketing emails from Gridlock, we use SendGrid to deliver and monitor those emails. Their digital tools let us see whether a recipient has clicked any of the links in our email, which helps us understand what content that individual might find interesting and personalize the content of future emails.
Pixels (which are a similar technology to cookies) within those emails enable us to see: - if the email was opened
- where the device opening the email was located (based on the device’s IP address)
- the type of email client (e.g., Outlook) used
- if the email (or its content) was shared on social media
- if the email was flagged as spam
|
WHO DO WE SHARE YOUR PERSONAL DATA WITH
USEFUL TO KNOW We only transfer information outside of the US where we have a recognized legal mechanism in place. |
USEFUL TO KNOW If we are asked to comply with a request or legal order to disclose personal data to a third party, we check to ensure it is a valid request and seek legal advice to understand our obligations before responding to the request. |
|
OUR PERSONNEL Gridlock employees or other worksbound by contracts containing confidentiality and data protection obligations.
GUARDIANS Individuals that a user has nominated as their private key guardian
OUR SUPPLY CHAIN Other organisations we engage to help us provide our services, website, and application - hosting and server providers:
- website and application support and maintenance:
- website and application usage analysis:
We ensure these organizations only have access to the information required to provide the support we use them for and are bound by contracts containing confidentiality and data protection obligations.
OTHERS - our professional advisers (such as our accountants or legal advisors)
- regulatory authorities (such as national tax authorities)
any actual or potential buyer of our business |
LAWFUL BASIS
USEFUL TO KNOW Lawful bases are permitted reasons for which an organization can use personal data. |
|
We have identified relevant lawful bases for our use of your personal data. We primarily rely on:
- Performance of a contract – where the use of personal data is necessary for us to administer your account and provide our services.
- Legitimate interests – to promote and improve our services, to record where a guardian has declined or not responded to a request, to protect our application and website, to defend legal claims, to gain insight into how our services are used
- Legal obligation – in meeting our legal obligations under financial, data protection and employment laws (among others)
- Consent – where you subscribe to our mailing lists, to use non-essential cookies
|
HOW LONG DO WE KEEP YOUR PERSONAL DATA
|
USERS AND GUARDIANS - We retain the personal data held in your account for as long as the account is active, plus 6 years once deactivated.
- Where you later change your mind and no longer wish to be a guardian, we retain your personal data for one year.
- Where you receive a request to become a guardian but do not respond within 6 months or decline to become a guardian, we retain your personal data for one year after the date the user made the request.
E-NEWSLETTER SUBSCRIBERS We retain your personal data until you unsubscribe
WEBSITE VISITORS We use cookies on our website. The longest duration of our cookies is one year.
|
YOUR RIGHTS
|
You have specific rights in relation to your personal data:
- The right of access(obtaining a copy of your data)
- The right to rectification (correcting your data)
- The right to erasure(deleting your data)
- The right to restrict processing (to stop use of your data for a time limited period)
- The right to data portability (to move your data to another organisation)
- The right to object(to object to our use of your data)
If you wish to make a request in relation to any of these rights, please contact us as: dataprotection@gridlock.network.
|
INFORMATION SECURITY
|
We have information security measures in place to reduce the risk of unauthorized access to, misuse or loss of personal data. These include:
- Appropriate access controls and user authentication, including multi factor authentication
- Staff policies and training
- Incident and breach processes
- Appropriate internal IT and network security
- Business continuity processes
- Contracts with our suppliers covering data protection and information security
- Regular testing and review of our security measures
|
COOKIES AND SIMILAR TECHNOLOGIES
USEFUL TO KNOW Cookies and similar technologies (e.g. beacons and pixels) are small text files that are downloaded to your device when you access a website. They contain unique references which are used to distinguish you from other visitors on the site. |
|
SET BY | COOKIE | WHAT IT DOES | Google LLC | Identifies trusted web traffic | Identifies and remembers website visitors, how they arrived at our website, which pages they viewed and how long they stayed on |
|
QUESTIONS OR COMPLAINTS
|
In the first instance, we hope we can resolve any queries or concerns you have in an informal way, you can contact us by email at dataprotection@gridlock.network , or by post to:
Gridlock, Inc. Data Protection 1309 Coffeen Avenue STE 1200 Sheridan, Wyoming 82801 United States
|