Gridlock privacy policy  

This document sets out what personal data  we collect and use when you visit our website, when you use our crypto storage service, when a Gridlock user sends you a crypto key guardian request and when you act as a guardian. As a company based in the US, we are subject United States data protection laws, but our users may be based around the world. We strive to protect user's privacy and also comply with GDPR and United Kingdom data protection laws.

WHO WE ARE

USEFUL TO KNOW

Being a data controller means we decide what personal data to collect and what it is used for.

  • Gridlock, Inc. is the data controller  of the personal data collected and used as set out in this privacy policy.

  • Our registered office is 11309 Coffeen Avenue STE 1200 Sheridan, Wyoming, 82801, USA

WHAT WE DO

Key outline

USEFUL TO KNOW

Unless explicitly chosen, neither Gridlock nor Guardians have access to the entire private key - only a fraction of the key.

  • We store different types of cryptocurrency in our application (known as a wallet or vault).

  • Individuals require a private key to access their cryptocurrency (regardless of whether it is held personally or in a Gridlock vault).

  • If the private key is forgotten or the owner gets locked out - there is no other way of accessing the cryptocurrency.

  • Gridlock provides a solution to this problem by allowing its users to nominate guardians to act as verifiers for a fraction of the private key.

  • If the user ever gets locked out, a subset of guardians can verify them as the owner of the private key , so they can regain access.

WHAT PERSONAL DATA WE COLLECT

Business Growth outline

USEFUL TO KNOW

Personal data is any information that can (or could be used to) identify a living person.

USEFUL TO KNOW

We sometimes aggregate the personal data we collect to identify trends. We always make certain aggregated information is anonymized so that it is no longer possible to identify the individuals to which it relates.

Purpose

Personal data

For account set up and authentication

  • user email address
  • user provided name and nickname
  • user phone number (for two-factor authentication)
  • guardian email addresses (i.e., the friends/family you invite to assist with account creation)
  • guardian response (e.g., accept, decline, or no response) guardian provided name and nickname  
  • login credentials

Account usage information

  • user transaction data
  • sending and receiving cryptocurrency addresses
  • user vault information
  • stored currencies and amounts

Information collected automatically (via cookies and similar technologies)

  • IP address and other general session information for all devices
  • device location for all connected devices (obtained from IP address or session data)
  • device type, screen size, and other related device information for all devices (mobile and computer)

MARKETING

Email outline

Where you have indicated you would like to receive marketing emails from Gridlock, we use SendGrid to deliver and monitor those emails. Their digital tools let us see whether a recipient has clicked any of the links in our email, which helps us understand what content that individual might find interesting and personalize the content of future emails.

Pixels (which are a similar technology to cookies) within those emails enable us to see:

  • if the email was opened
  • where the device opening the email was located (based on the device’s IP address)
  • the type of email client (e.g., Outlook) used
  • if the email (or its content) was shared on social media
  • if the email was flagged as spam

WHO DO WE SHARE YOUR PERSONAL DATA WITH

Share outline

USEFUL TO KNOW

We only transfer information outside of the US where we have a recognized legal mechanism in place.

USEFUL TO KNOW

If we are asked to comply with a request or legal order to disclose personal data to a third party, we check to ensure it is a valid request and seek legal advice to understand our obligations before responding to the request.

OUR PERSONNEL

Gridlock employees or other works bound by contracts containing confidentiality and data protection obligations.

GUARDIANS

Individuals that a user has nominated as their private key guardian

OUR SUPPLY CHAIN 

Other organisations we engage to help us provide our services, website, and application

  • hosting and server providers:
  •  AWS, Google Cloud
  • email delivery support:
  • Twilio, SendGrid
  • website and application support and maintenance:
  • Namecheap
  • website and application usage analysis:
  • Google Analytics

We ensure these organizations only have access to the information required to provide the support we use them for and are bound by contracts containing confidentiality and data protection obligations.

OTHERS

  • our professional advisers (such as our accountants or legal advisors)
  • regulatory authorities (such as national tax authorities)

any actual or potential buyer of our business

LAWFUL BASIS

Open book outline

USEFUL TO KNOW

Lawful bases are permitted reasons for which an organization can use personal data.

We have identified relevant lawful bases for our use of your personal data. We primarily rely on:

  • Performance of a contract – where the use of personal data is necessary for us to administer your account and provide our services.  
  • Legitimate interests  – to promote and improve our services, to record where a guardian has declined or not responded to a request, to protect our application and website, to defend legal claims, to gain insight into how our services are used  
  • Legal obligation – in meeting our legal obligations under financial, data protection and employment laws (among others)
  • Consent – where you subscribe to our mailing lists, to use non-essential cookies

HOW LONG DO WE KEEP YOUR PERSONAL DATA

Stopwatch with solid fill

USERS AND GUARDIANS

  • We retain the personal data held in your account for as long as the account is active, plus 6 years once deactivated.
  • Where you later change your mind and no longer wish to be a guardian, we retain your personal data for one year.
  • Where you receive a request to become a guardian but do not respond within 6 months or decline to become a guardian, we retain your personal data for one year after the date the user made the request.

E-NEWSLETTER SUBSCRIBERS

We retain your personal data until you unsubscribe

WEBSITE VISITORS

We use cookies on our website. The longest duration of our cookies is one year.

YOUR RIGHTS

Weights Uneven with solid fill

        

You have specific rights in relation to your personal data:

  • The right of access (obtaining a copy of your data)
  • The right to rectification (correcting your data)
  • The right to erasure (deleting your data)
  • The right to restrict processing (to stop use of your data for a time limited period)
  • The right to data portability (to move your data to another organisation)
  • The right to object (to object to our use of your data)

If you wish to make a request in relation to any of these rights, please contact us as: dataprotection@gridlock.network.

INFORMATION SECURITY

Shield Tick outline

We have information security measures in place to reduce the risk of unauthorized access to, misuse or loss of personal data. These include:

  • Appropriate access controls and user authentication, including multi factor authentication
  • Staff policies and training
  • Incident and breach processes
  • Appropriate internal IT and network security
  • Business continuity processes
  • Contracts with our suppliers covering data protection and information security
  • Regular testing and review of our security measures

COOKIES AND SIMILAR TECHNOLOGIES

Illustrator outline

USEFUL TO KNOW

Cookies and similar technologies (e.g. beacons and pixels) are small text files that are downloaded to your device when you access a website. They contain unique references which are used to distinguish you from other visitors on the site.

SET BY

COOKIE

WHAT IT DOES

Google LLC

Identifies trusted web traffic

Identifies and remembers website visitors, how they arrived at our website, which pages they  viewed and how long they stayed on

QUESTIONS OR COMPLAINTS

Question mark with solid fill

In the first instance, we hope we can resolve any queries or concerns you have in an informal way, you can contact us by email at dataprotection@gridlock.network , or by post to:

Gridlock, Inc.

Data Protection

1309 Coffeen Avenue STE 1200

Sheridan, Wyoming 82801

United States