Privacy Policy

CryptoGrids Privacy Policy

CryptoGrids is one of the world’s first blockchain Advertising platform.CryptoGrids allows players to buy their grids to show ads.

CryptoGrids is committed to protecting and respecting your privacy. This Privacy Policy (this “Policy”) setsout how we collect and process personal information about you when you visit our website at cryptogrids.org, when you use our mobile dapp, when you play our game (our“Platform”), or when you otherwise do business or make contact with us.

1. What information do we collect?

A. SUMMARY

CryptoGrids collects data to enable us to operate the Platform effectively, and to provide you with the bestexperiences on our website and our Platform. You provide some of this data to us directly, such as when youregister to use our Platform, subscribe to a newsletter, respond to a survey, make an enquiry through ourwebsite, contact us for support, or contact us as a prospective user, vendor, supplier, or consultant.We get some of your data by recording how you interact with our website and our Platform by, for example,using technologies like cookies. We also obtain and process data in the context of making the Platformavailable to you.

B. LEARN MORE

You have choices about the data we collect. When you are asked to provide personal data, you may decline.But if you choose not to provide data that is necessary to enable us to make the Platform available to you,you may not be able to sign up for or play the Platform. The data we collect depends on the context of yourinteractions with CryptoGrids, and the choices you make (including your privacy settings). The data wecollect can include the following:

Email and Metamask Wallet Address. We may collect your email address and your Metamask walletaddress.

Device and Usage information. We may collect data about your device and how you and your deviceinteract with CryptoGrids and our Platform. For example, we may collect your interactions on our website,yourfeature usage patterns, location data, and your interactions with us. We may also collect data aboutyour device and the network you use to connect to our Platform; this may include data such as your IPaddress, browser type, operating system, and referring URLs.

2. What do we use your information for?

A. SUMMARY

We use the data we collect to operate our business, and to make the Platform available to you. This includesusing the data to improve our Platform, and to personalize your experiences. We may also use the data tocommunicate with you to, among other things, inform you about your account, provide security updates,and give you information about the Platform. We may also use the data to manage your email subscriptions,improve the relevance and security of our website, respond to user enquiries, send you periodicmarketing communications about our Platform, and improve the relevance of our advertising.

B. LEARN MORE

Providing and improving our Platform. We use data to provide the Platform to you, to improve thePlatform, andto perform essential business operations. This includes operating the Platform, maintaining and improvingthe performance of the Platform, developing new features, conducting research, and providing customersupport. Examples of such uses include the following:

Providing the Platform. We use data to carry out your transactions with us and to make the Platformavailable to you. In certain cases, the Platform may include personalized features and recommendations toenhance your enjoyment, and automatically tailor your experience based on the data we have about you.

Technical support. We use data to diagnose problems, and to provide customer care and othersupport services.

Improving the Platform. We use data to continually improve our website and our Platform, includingsystemadministration, system security, and adding new features or capabilities.

Business Operations. We use data to develop aggregate analyses and business intelligence thatenable us to operate, protect, make informed decisions, and report on the performance of our business.

Promotions. We may use your data to administer contests, promotions, surveys, or other sitefeatures.

Improving Advertising Campaigns. We may use your data to improve our advertising campaigns,primarily in an effort to prevent targeting you with advertisement that are not relevant to you.

Sending Periodic Emails. We may use your data to send you periodic emails. Depending on themarketing preferences you select on your privacy dashboard, we may send you occasional marketing emailsabout our Platform, which you can unsubscribe from at any time using the link provided in the message.

Generally. We use data to respond to your enquiries and requests relating to our Platform, to createand administer your account, and to provide us with information and access to resources that you haverequested from us. We also use data for general business purposes, including, among other things, toimprove customer service, to help us improve the content and functionality of our Platform, to betterunderstand our users, to protect against wrongdoing, to enforce our Terms of Use, and to generallymanage our business.

Communications. We use data we collect to communicate with you, and to personalize ourcommunications with you. For example, we may contact you to discuss your account, to remind you aboutfeatures of the Platform that are available for your use, to update you about a support request, or toinvite you to participate in a survey. Additionally, you can sign up for email subscriptions, and choosewhether you want to receive marketing communications from us.

3. How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when youenter, submit, or access your personal information. We offer the use of a secure server. All suppliedsensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted intoour gateway providers database only to be accessible by those authorized with special access rights tosuch systems, and are required to keep the information confidential.

4. How do we ensure that our processing systems remain confidential, resilient, and available?

A. SUMMARY

We implement a variety of measures to ensure that our processing systems remain confidential, resilient,and available. Specifically, we have implemented processes to help ensure high availability, businesscontinuity, and prompt disaster recovery. We commit to maintaining strong physical and logical accesscontrols, and conduct regular penetration testing to identify and address potential vulnerabilities.

B. LEARN MORE

High Availability. Every part of the Platform utilizes properly-provisioned, redundant servers (e.g.,multiple load balancers, web servers, replica databases) in case of failure. We take servers out ofoperation as part of regular maintenance, without impacting availability.

Business Continuity. We keep encrypted backups of data daily in multiple regions on Google CloudPlatform. While never expected, in the case of production data loss (i.e., primary data stores loss), wewill restore organizational data from these backups.

Disaster Recovery. In the event of a region-wide outage, we will bring up a duplicate environmentin a different Google Cloud Platform region. Our operations team has extensive experience performingfull region migrations.

Physical Access Controls. CryptoGrids is hosted on Amazon Web Services and Google CloudPlatform. Google data centers feature a layered security model, including extensive safeguards such ascustom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metaldetectors, and biometrics. According to the Google Security Whitepaper: “The data center floor featureslaser beam intrusion detection. Data centers are monitored 24/7 by high-resolution interior and exteriorcameras that can detect and track intruders. Access logs, activity records, and camera footage arereviewed in case an incident occurs. Data centers are also routinely patrolled by professional securityguards who have undergone rigorous background checks and training.” AWS data centers feature a layeredsecurity model, including extensive safeguards such as custom-designed electronic access cards, alarms,vehicle access barriers, perimeter fencing, metal detectors, and biometrics. According to the AWSSecurity Whitepaper: “AWS’s data centers are state of the art, utilizing innovative architectural andengineering approaches. Amazon has many years of experience in designing, constructing, and operatinglarge-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWSdata centers are housed in nondescript facilities. Physical access is strictly controlled both at theperimeter and at building ingress points by professional security staff utilizing video surveillance,intrusion detection systems, and other electronic means. Authorized staff must pass two-factorauthentication a minimum of two times to access data center floors. All visitors and contractors arerequired to present identification and are signed in and continually escorted by authorized staff.”CryptoGrids employees do not have physical access to Google or AWS data centers, servers, network equipment,or storage.

Logical Access Controls. CryptoGrids is the assigned administrator of its infrastructure on GoogleCloud Platform, and only designated authorized CryptoGrids operations team members have access to configurethe infrastructure on an as-needed basis behind a two-factor authenticated virtual private network.Specific private keys are required for individual servers, and keys are stored in a secure and encryptedlocation.

Penetration Testing. We engage an independent, third-party agency to perform black box penetrationtesting on an annual basis. Information about security vulnerabilities that are successfully exploitedthrough penetration testing is then used to set mitigation and remediation priorities.

Intrusion Detection and Prevention. Unusual network patterns or suspicious behavior are amongCryptoGrids’s biggest concerns for infrastructure hosting and management. Google Cloud Platform’s intrusiondetection and prevention systems (IDS/IPS) rely on both signature-based and algorithm-based security tohelp identify traffic patterns that are similar to known attack methods. IDS/IPS involves tightlycontrolling the size and make-up of the attack surface, employing intelligent detection controls at dataentry points, and developing and deploying technologies that automatically remedy dangerous situations,as well as preventing known threats from accessing the system in the first place. We do not providedirect access to security event forensics, but we do provide access to our engineering and customersupport teams during and after any unscheduled downtime.

5. Do we use cookies?

A. SUMMARY

Yes. Cookies are small files that a site or its service provider transfers to your computers hard drivethrough your Web browser (if you allow) that enables the sites or service providers systems to recognizeyour browser and capture and remember certain information. You can choose to disable cookies, but if youdo, your ability to use or access certain parts of the Platform or of our website may be affected.

B. LEARN MORE

We use cookies and other similar identifiers to understand and save your preferences for future visits,to advertise to you on other sites, and to compile aggregate data about site traffic and siteinteraction so that we can offer better site experiences and tools in the future.

You may refuse to accept cookies by activating the setting on your browser that allows you to refuse thesetting of cookies. You can find information on popular browsers and how to adjust your cookiepreferences at the following websites:

However, if you choose to disable cookies, you may be unable to access certain parts of our site. Abanner asking you to accept our cookies policy will be displayed upon the first visit to our website (orthe first visit after you delete your cookies). Unless you have adjusted your browser setting so that itwill refuse cookies and/or you have not accepted our cookies policy, our system will issue cookies whenyou log on to our site.

Our web pages may contain electronic images known as web beacons (also called single-pixel gifs) that weuse to help deliver cookies on our websites, and to count users who have visited those websites. We mayalso include web beacons in our promotional email messages or newsletters, to determine whether and whenyou open and act on them.

In addition to placing web beacons on our own websites, we sometimes work with other companies to placeour web beacons on their websites or in their advertisements. This helps us to develop statistics on howoften clicking on an advertisement on a CryptoGrids website results in a purchase or other action on theadvertiser's website.

Finally, our Platform may contain web beacons or similar technologies from third-party analytics providersthat help us compile aggregated statistics about the effectiveness of our promotional campaigns or otheroperations. These technologies enable the analytics providers to set or read their own cookies or otheridentifiers on your device, through which they can collect information about your online activitiesacross applications, websites or other products.

6. Do we disclose any information to outside parties?

A. SUMMARY

We share your personal data with your consent, or as necessary to make the Platform available to you. We alsoshare your data with vendors working on our behalf; when required by law or to respond to legal process;to protect our customers; to protect lives; to maintain the security and integrity of our Platform; and toprotect our rights or our property.

B. LEARN MORE

We share your personal data with your consent, or as necessary to make the Platform available to you. We alsoshare personal data with vendors or agents working on our behalf for the purposes described in thisPolicy. For example, companies we have hired to provide cloud hosting services, off-site backups, andcustomer support may need access to personal data to provide those functions. In such cases, thesecompanies are required to abide by our data privacy and security requirements and are not allowed to usepersonal data they receive from us for any other purpose. The current list of vendors that we use tohelp us make the Platform available to you can be found here(no list by now).We will update this list from time to time as the list of vendors changes.If you have questions or concerns about any of our vendors, feel free to contact us at [email protected].

We may disclose your personal data as part of a corporate transaction such as a corporate sale, merger,reorganization, dissolution, or similar event. Finally, we will access, transfer, disclose, and/orpreserve personal data, when we have a good faith belief that doing so is necessary to:

(1) comply with applicable law or respond to valid legal process, judicial orders, or subpoenas;

(2) respond to requests from public or governmental authorities, including for national security or lawenforcement purposes;

(3) protect the vital interests of our users, customers, or other third parties (including, for example,to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life orserious injury of anyone);

(4) operate and maintain the security or integrity of our Platform, including to prevent or stop an attack onour computer systems or networks;

(5) protect the rights, interests or property of CryptoGrids or third parties;

(6) prevent or investigate possible wrongdoing in connection with the Platform; or

(7) enforce our Terms of Use.

We may use and share aggregated non-personal information with third parties for marketing, advertising,and analytics purposes. We do not sell or trade your personal information to third parties.

7. How to Access and Control Your Personal Data

A. SUMMARY

You can view, access, edit, delete, or request a copy of your personal data for many aspects of the Platformvia your user dashboard. You can also make choices about CryptoGrids’s collection and use of your data. Youcan always choose whether you want to receive marketing communications from us. You can also opt outfrom receiving marketing communications from us by using the opt-out link on the communication, or byvisiting your user dashboard.

B. LEARN MORE

Data Access. You can access your personal data on your account’s user dashboard.

Data Portability. You can request a copy of your personal data by submitting an email to us at [email protected] and including“Please sendme a copy of my personal data” in the “Subject” line. CryptoGrids will verify your ability to access thatemail, then send you a digital export of the data we hold that is associated with your email address. Wewill use reasonable efforts to respond to your request within 14 days, but in all events within 30 daysof our receipt of the request. CryptoGrids may be limited in its ability to send certain personal data toyou(e.g., the identification of your Metamask wallet).

Data Erasure. You can delete your personal data on your account’s user dashboard. Please be awarethat we require certain information about you in order to make the Platform available to you; this meansthat if you want to delete any of these critical pieces of personal data, you may be required to deleteyour entire profile and no longer be able to access or play the Platform. Alternatively, you may requestthat CryptoGrids delete your personal data by submitting an email to us at [email protected] and including“Pleasedelete my personal data” in the “Subject” line. CryptoGrids will verify your ability to access that email,then delete the personal data associated with your email address. We will use reasonable efforts torespond to your request within 14 days, but in all events within 30 days of our receipt of the request.

Data Correction. You can modify your personal data on your account’s user dashboard. Note thatsince some of the data we collect is specific to you – for example, your Metamask wallet address – youmay not be able to modify this data without needing to create a new user profile.

Your Communications Preferences. You can choose whether you wish to receive marketingcommunications from us. If you receive marketing communications from us and would like to opt out, youcan do so by following the directions in that communication. You can also make choices about yourreceipt of marketing communications by signing into your account, and viewing and managing yourcommunication permissions in your account’s user dashboard, where you can update contact information,manage your contact preferences, opt out of email subscriptions, and choose whether to share yourcontact information with CryptoGrids and our partners. Alternatively, you can request that we withdrawconsent to use your personal data by submitting an email to us at [email protected] and including “Please withdraw my consent for marketingcommunications” in the “Subject” line. CryptoGrids will verify your ability to access that email, thenupdateour systems to remove your email address from the system we use to send marketing communications. Wewill use reasonable efforts to respond to your request within 14 days, but in all events within 30 daysof our receipt of the request. Please note that these choices do not apply to mandatory communicationsthat are part of the Platform, or to surveys or other informational communications that have their ownunsubscribe method.

8. Third Party Links

Occasionally, at our discretion, we may include or offer third party products or services on our websiteor through our Platform. If you access other websites using the links provided, the operators of thesewebsites may collect information from you that will be used by them in accordance with their privacypolicies. These third party sites have separate and independent privacy policies. We, therefore, have noresponsibility or liability for the content and activities of these linked sites. Nonetheless, we seekto protect the integrity of our site and welcome any feedback about these sites.

9. Where we Store and Process Personal Data; International Transfers

Personal data collected by CryptoGrids may be stored and processed in Canada or in any other country whereCryptoGrids or its affiliates, subsidiaries or service providers maintain facilities. The storagelocation(s)are chosen in order to operate efficiently, to improve performance, and to create redundancies in orderto protect the data in the event of an outage or other problem. We take steps to ensure that the data wecollect is processed according to the provisions of this Policy, and the requirements of applicable lawwherever the data is located.

We transfer personal data from the European Economic Area and Switzerland to other countries, some ofwhich have not been determined by the European Commission to have an adequate level of data protection.When we engage in such transfers, we use a variety of legal mechanisms, including contracts, to helpensure your rights and protections travel with your data. To learn more about the European Commission’sdecisions on the adequacy of the protection of personal data in the countries where CryptoGrids processespersonal data, please visit: ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm

10. Data Retention

A. SUMMARY

We may retain your personal information as long as you continue to use the Platform, have an account with us,or for as long as is necessary to fulfill the purposes outlined in this Policy. You can ask to closeyour account by contacting us as described above, and we will delete your personal information onrequest. We may, however, retain personal information for an additional period as is permitted orrequired under applicable laws, for legal, tax, or regulatory reasons, or for legitimate and lawfulbusiness purposes.

B. LEARN MORE

We will retain your personal data for as long as necessary to make the Platform available to you, or forother essential purposes such as complying with our legal obligations, resolving disputes, and enforcingour agreements. Because these needs can vary for different types of data, actual retention periods canvary significantly. The criteria we use to determine the retention periods include:

11. Changes to our Privacy Policy

We will update this privacy statement when necessary to reflect customer feedback and changes to ourPlatform. When we post changes to this statement, we will revise the "last updated" date at the top of thestatement. If there are material changes to the statement or in how CryptoGrids will use your personal data,we will notify you either by prominently posting a notice of such changes before they take effect or bysending you a notification directly. We encourage you to periodically review this privacy statement tolearn how CryptoGrids is protecting your information.

12. How to Contact Us

If you have a technical or support question, please send us an email at [email protected].

If you have a privacy concern, complaint, or a question for the Data Protection Officer of CryptoGrids,pleasecontact us by sending us an email at [email protected]. We will respond to questions or concerns within 30 days.

Unless otherwise stated, CryptoGrids is a data controller for personal data we collect through the Platformsubject to this statement. Our address is CryptoGrids Labs Inc., 980-350 Howe Street, Vancouver, BC, CanadaV6Z 1N9.

The End

2019