Effective Date: October 4, 2021
1. Personal Information We Collect
A. Personal Information You Provide
Account information. When you register for an account on one of the Services, you may provide us with account information, such as your contact information, username, password, and other information relevant for the particular Services.
Communications. When you contact us or if you post on the Services, we may receive your account information, contact information, and the time, date, and content of your message and any attachments.
Contact information. When you sign up to receive updates about our products and services you provide us with contact information, such as your name and email address.
Contributor information. When you contribute to the Stacks project, you may provide us with contributor information, such as the code, documentation or other information you contribute, the time and date of your contributions, your username and profile information, public repository content, and any related comments and discussions.
Developer information. When you submit your app to the App.co platform, you may provide us with developer information such as your contact information, information about your app, and how you learned about app.co.
Evangelist information. When you sign up for our Evangelist program, you may provide us with profile information, such as your name, contact information, social media links, profile photo, and survey information.
Event information. When you participate in one of our events, you may provide us with contact information, and other information necessary or relevant for the organization of the event.
Order information. When you place an order in our online store, we may request information necessary to process your order, such as your contact information, shipping address, as well as credit card, cryptocurrency, or other billing information.
Profile information. When you choose to store your Stacks profile on storage nodes managed by Hiro, we receive your profile information such as your profile photo, biographical information, cryptocurrency addresses, social media handles, and PGP and SSH keys, and other information you choose to include in your profile.
Applicant information. When you apply for a career with Hiro, you may provide us with applicant information, such as your contact information, information in your resume or CV, information from any website you choose to link to (e.g., LinkedIn or Twitter), and any other information you choose to provide.
Where required by applicable law, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so.
B. Personal Information We Collect Automatically
Device information. We receive information related to randomly-generated identifiers such as information about the device manufacturer and brand, operating system version, session identifier, and version of the Services that users are using.
Crash report information. If the Services malfunction, crash, or otherwise experience errors, a third-party provider that we use to track errors and monitor performance of the Services will generate and send us crash reports to help us fix the issue. These crash reports contain information about the device and software you use to access the Services, including device manufacturer and brand, screen orientation and resolution, web browser type and operating system version, as well as usage information about page views, clicks, and the dates and times that the errors, malfunctions, or crashes occurred.
C. Personal Information We Collect from Third Parties
Social media information. If you post on Hiro or Stacks social media pages or post about Stacks or Hiro on other publicly available services, we may receive social media information about you, such as your profile information and the time, date and content of your posts.
2. How We Use Personal Information
A. How We Use Personal information
We use Personal Information we collect through the Services as necessary for the following purposes:
Providing the Services. We use Personal Information to operate, maintain, and provide features of the Services.
Communicating with you. We use Personal Information to contact you for administrative and informational purposes, such as to respond to your inquiries, or to inform you about changes to our terms, conditions, and policies, or invitations to join the Services.
Organizing and managing events. We use Personal Information to organize, staff, and manage projects or events.
Fulfilling your orders. We use Personal Information to fulfil your orders, including to process your payment and to ship your order.
Marketing. We use Personal Information to send marketing communications, including promotional and advertising materials that may be useful, relevant, valuable or otherwise of interest relating to products and services offered by us and by third parties we work with, such as app developers. We also use Personal Information to contact you to answer feedback and surveys, and to improve our marketing and promotional efforts. Generally, you have the ability to opt out of receiving any promotional communications as described below under Your Rights and Choices. Where required under applicable law, we will only send you promotional emails with your opt-in consent.
Understanding and improving the Services. We use Personal Information to understand and analyze the usage trends and preferences of our users in order to improve the Services, and to develop new products, services, features, and functionalities.
Compliance with financial regulation. We use Personal Information to comply with financial regulation.
Other business purposes. We use Personal Information for compliance, risk management, and other business purposes, such as audits, security, compliance with applicable laws and regulations, fraud monitoring, and prevention.
B. Our Use of European Personal Information
If you are located in the European Economic Area, we only process your Personal Information when we have a valid legal basis to do so, including when:
- You have consented to the use of your Personal Information, for example to send you marketing communications.
- We need to use your Personal Information to provide you with the Services, for example to give you access to the Services, to respond to your inquiries, or to register you for an event.
- We need to use your Personal Information to comply with a legal obligation, for example to comply with a court order.
- We or a third party have a legitimate interest in using your Personal Information. In particular, we have a legitimate interest in using your Personal to understand and improve the Services, and to monitor and prevent fraud. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
We and third-party service providers may use the following cookies to collect Personal Information:
Functional cookies. Some cookies are strictly necessary to make the Services available to you. For example, to provide login and mailing list signup functionality. We cannot provide you with the Services without this type of cookie.
You can find more information about your rights and choices, and how to opt out of the use of certain cookies in the section Your Rights and Choices below.
3. How We Share Your Personal Information
Except as described in this Policy, we will not disclose your Personal Information collected on the Services to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
Your Stacks ID and profile information will be publicly available via the blockchain.
To our third party service providers who provide services such as website hosting data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, monitoring, metrics generation, and other services.
To analytics partners, such as Google Analytics, who may collect information about your use of other websites, apps, and online resources. You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/ and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
To a potential or actual acquirer, successor, or assignee as part of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in bankruptcy or similar proceedings).
If required to do so by law or in the good faith belief that such action is appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
We may use and disclose aggregated or otherwise de-identified information for any purpose, unless we are prohibited from doing so under applicable law.
4. Third Party Services
We use certain physical, organizational, and technical safeguards that are designed to maintain the integrity and security of information that we collect. Please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee the security of your data. It is important that you maintain the security and control of your credentials, and not share your passwords or private keys with anyone.
6. Your Rights and Choices
You have several rights and choices with regard to our use of your Personal Information. You may, of course, decline to share certain Personal Information with us, in which case we may not be able to provide to you some of the features and functionality of the Services. If you wish to access, amend, or delete any other Personal Information we hold about you, you may contact us using the contact details at the end of this Policy. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so, as permitted under applicable data protection law. From time to time, we send marketing email messages to our users. If you no longer want to receive such emails from us on a going forward basis, you may opt-out via the “unsubscribe” link provided in each such email or by contacting us using the contact details at the end of this Policy.
A. Your European Privacy Rights
If you are located in the European Economic Area, you have additional rights described below.
- You may request access to and receive information about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, restrict or object to the processing of your Personal Information, have the information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Information to another company. In addition, you may also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where an incident took place.
- You may withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time, and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.
You may exercise these rights by contacting us using the contact details at the end of this Policy. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
B. Your Cookie Choices
- Do Not Track Signals. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.
7. Use of Services by Minors
8. International Visitors
Hiro uses servers hosted in the United States and is intended for users in the United States. If you choose to use the Services from regions of the world with laws governing data collection and use that may differ from U.S. law, please note that we may be transferring your information outside of your region for storage and processing in the United States and around the globe. By using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.
If you are located in the European Economic Area, we will comply with applicable EEA data protection law when transferring your Personal Information outside of the EEA. We may transfer your Personal Information to countries which have been found to provide adequate protection by the EU Commission (e.g., Canada), use contractual protections for the transfer of Personal Information, or transfer to recipients who have certified to the Privacy Shield or adopted Binding Corporate Rules. For more information about how we transfer Personal Information outside of the EEA, or to obtain a copy of the contractual safeguards we use for such transfers, you may contact us as specified below.
We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required or permitted by law to keep this information for a longer period. When determining the specific retention period, we take into account various criteria, such as the type of Services provided to you, the nature and length of our relationship with you, and mandatory retention periods provided by law and the relevant statute of limitations.
11. Contact Us
Hiro Systems PBC
Attn: Legal Department
101 West 23rd Street Ste 224
New York, NY 10011