Privacy Policy

Carbify OÜ (the “Company”, “we” or “Carbify”) is committed to protecting your privacy. This Privacy Policy (“Policy”) explains how your personal data (“Your Data”) is collected, stored, used, and disclosed by the Company. This Policy applies to the sites (including without limitation https://carbify.io, https://globalcarbonstandard.org, https://carbondebits.io and https://ecoempires.com) (the “Sites”), products and services (the “Services”) on or in which it is posted, linked or referenced.

By accessing or using the Services, you acknowledge and accept that you have read, understood, and agree to our collection, storage, use, and disclosure of your Data as described in this Policy. If you do not agree with any part of the Policy herein, please do not use any part of the Services.

Definitions

Personal Data: Personal Data means data about a living individual who can be identified from those data. Your Data is any information that directly, indirectly, or in connection with other information allows for the identification of a natural person;
Usage Data: Usage Data is data collected automatically either by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit);
Cookies: small amount of data generated by a website and saved by your web browser. It is used to identify your browser, provide analytics and remember information about you such as your language preference or login information;
Data Controller: Data Controller means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any Data is, or is to be processed. For the purpose of this Privacy Policy, the Company is a Data Controller of your Data;
Third-party service: refers to advertisers, contest sponsors, promotional and marketing partners, and others who provide our content or whose products or services we think may interest you.
Data Subject: Data Subject is any living individual who is the subject of your Data;
User: the User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

What we collect

Information the Company collects from you may include:

Personal Data: while using the Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. It means information such as e-mail address, name, address, username or password;
Feedback and correspondence: such as information you provide in your response to surveys, when you participate in market research activities, report a problem with the Services, receive customer support or otherwise correspond with us;
Usage Data: we may also collect information on how the Services are accessed and used (Usage Data). This Usage Data may include information such as your computer’s Internet Protocol address (“IP address”), browser type, browser version, the pages of the Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data;
Financial information: such as your credit card, wallet address, other payment details or transaction information (details about purchases or other transactions you make through the Services and billing details);
Tracking & Cookies data: we use cookies and similar tracking technologies to track the activity on our Services and hold certain information. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse the Services. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of the Services;
Further information you give us in relation to the Services: further information we collect in relation to your use of the Services may include:
Further Personal Data, such as your country of birth, nationality, social security number, place of birth, employer or occupation;
Information required to comply with anti-money laundering (“AML”) laws and know-your-customer (“KYC”) requirements;
Source of funds for making purchases within the Services;
Information that you may give use in relation to your purchased tokens, such as the number of tokens in your wallet or their nature;
Information automatically collected: we may automatically record certain information relating to your use of the Sites (“Log Data”). Log Data may include information such as your IP address, device and browser type, operating system, the pages or features of the Sites that you browse and the time spent on those pages or features, the frequency with which the Sites are used by a user, search terms, the links on our Sites that you clicked on or used, as well as other statistics. We use this information to administer the Services and we analyse (and may engage third parties to analyse) this information to improve and enhance the Services by expanding its features and functionality and tailoring it to our users’ needs and preferences.

We may use cookies, local storage or similar technologies to analyse trends, administer the Sites, track users’ movements around the Sites, and to gather demographic information about our user base as a whole. Users can control the use of cookies and local storage at the individual browser level. For more information, please see our Cookies Policy.

We may use Google Analytics to help us offer you an optimized user experience. You can find more information about Google Analytics’ use of your Data here: https://google.com/analytics/terms/us.html.

Information we will never collect: your private keys or wallet seed. Never trust anyone or any site that asks you to enter your private keys or wallet seed.

Use of personal data

Any of the information we collect from you may be used in one of the following ways:

To enable your access and/or use of the Services;
To deliver products and/or services that you may request and process and complete transactions;
To improve our Services (we continually strive to improve our application offerings based on the information and feedback we receive from you);
To send information, such as communications, technical notices, updates, security alerts and/or support and administrative messages;
To monitor the usage of our Service;
To detect, prevent and address technical issues;
To provide you with news, special offers and general information about other goods, services and events, which are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
To comply with law: we may use your Data to the extent we deem appropriate or necessary to comply with applicable laws, including AML laws and KYC requirements, lawful requests and legal process, such as to respond to court or government requests;
To communicate with you: we use your Data to communicate about promotions, upcoming events, and other news about products and/or services offered by us (and our selected partners) unless you have opted not to receive such information;
To optimize the Services: in order to optimize your user experience, we may use Data to operate, maintain and improve our Services. We may also use your Data to respond to your questions regarding the Services, and to provide you and other users with general customer service;
With your consent: we may use or share your Data with your consent, such as when you consent to let us post your testimonials or endorsements on our Sites, you instruct us to take a specific action with respect to your personal Data, or you opt into third party marketing communications;
For compliance, fraud prevention and safety: we may use your Data to protect, investigate and deter against fraudulent, unauthorized or illegal activity;
How we use your e-mail address: by submitting your e-mail address, you agree to receive e-mails from us. You can cancel your participation in any of these e-mail lists at any time by clicking on the opt-out link or other unsubscribe option that is included in the respective e-mail. However, transactional e-mails are an essential part of the e-mail system and to stop receiving them, you must cancel the service completely. We only send e-mails to people who have authorized us to contact them, either directly, or through a third party. We do not send unsolicited commercial e-mails. We will periodically send you free, opt-in newsletters and e-mails that directly promote the use of our Service. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly. Despite your indicated e-mail preferences, we may send you occasional service-related communications, including notices of updates to our Privacy Policy.

Sharing of personal data

We do not share the personal Data that you provide us with other organizations without your express consent, except as described in this Policy. We disclose personal Data to third parties under the following circumstances:

Affiliates: we may disclose your personal Data to our subsidiaries and corporate affiliates (i.e. our family of companies that are related by common ownership or control) for purposes consistent with this Policy;
Business transfers: we may share personal Data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding;
Compliance with laws and law enforcement, protection and safety: we may share personal Data for legal, protection, and safety purposes:
We may share information to comply with laws, including KYC and AML requirements;
We may share information to respond to lawful requests and legal processes;
We may share information to protect the rights and property of the Company, our agents, customers, and others. This includes enforcing our agreements, policies, and terms of use;
We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person;
Professional advisors and service providers: We may share your information with professional advisors and service providers who need it to do work for us. These recipients may include third party companies and individuals who help us administer and provide the service (such as payment processing, customer support, hosting, e-mail delivery, and database management), as well as lawyers, bankers, auditors, and insurers;
Other: You may also allow us to share your data with other companies or entities of your choice. The privacy policies of these recipient entities will apply to these uses;
We may also share aggregated and/or anonymous data with others for their own purposes.

How information is secured

We retain information we collect as long as it is necessary and relevant for the purposes outlined in this Policy, as well as to comply with applicable law where required, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms & Conditions, and other actions permitted by law. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your Data, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may make your Data anonymous (so that it can no longer be associated with you) in which case we may use this data indefinitely without further notice to you.

We employ industry standard security measures designed to protect the security of all information submitted through the Services. However, the security of data transmitted through the internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of the Services are responsible for maintaining the security of any password, biometrics, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our Services. In order to protect you and your data, we may suspend your use of any of the Services without notice if any breach of security is suspected.

Information choices and changes

Accessing, updating and deleting your information: you may access information that you have voluntarily provided through your account on the Services, and to review, correct, or delete it by sending a request to info@carbify.io. You can request to change contact choices, opt-out of our sharing with others, and update your personal and preferences;
Tracking technologies generally: regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. For more information, please see our Cookies Policy;
Google Analytics: you may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout and downloading the Google Analytics Opt-out Browser Add-on.

Links to other websites

This Privacy Policy applies only to our Services. Carbify may contain links to other websites not operated or controlled by our company. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website’s own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.

Your rights

You have certain data protection rights. Carbify aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Data. If you wish to be informed what Data, we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

The right to access, update, or to delete the information we have on you;
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;
The right to object. You have the right to object to our processing of your Data;
The right of restriction. You have the right to request that we restrict the processing of your Data;
The right to data portability. You have the right to be provided with a copy of your Data in a structured, machine-readable and commonly used format;
The right to withdraw consent. You also have the right to withdraw your consent at any time where Carbify relied on your consent to process your Data.

You can submit these requests by e-mail to info@carbify.io. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your Data or response to your requests regarding your Data, you may contact us at info@carbify.io.

Ccookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Sites may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Policy.

Changes to this Privacy Policy

We reserve the right to change this Policy at any time. We encourage you to periodically review the Sites for the latest information on our privacy practices. If we make any changes, we will change the Last Updated date above.

Any modifications to this Policy will be effective upon our posting of the new terms and/or upon implementation of the changes to the Sites (or as otherwise indicated at the time of posting). In all cases, your continued use of the Sites or Services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

Eligibility

If you are under the age of majority in your jurisdiction of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. If we learn that we have received any data directly from a child under age 13 without first receiving his or her parent’s verified consent, we will use that data only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Sites and subsequently we will delete that information.

Sensitive data

Some information you provide us with may constitute sensitive data as defined in the GDPR, including identification of your race or ethnicity on government-issued identification documents.

Legal bases for processing

We only use your Data as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal bases under which we process your personal information, contact us at info@carbify.io.

Use for new purposes

We may use your Data for reasons not described in this Policy, where we are permitted by law to do so and where the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis for that use. If we have relied upon your consent for a particular use of your Data, we will seek your consent for any unrelated purpose.

Applicable law

This agreement shall be governed by the laws of Estonia. The parties agree that the exclusive jurisdiction of any dispute arising from this agreement shall be heard and determined by the competent jurisdiction of the courts in Estonia.