Last Updated: July 12, 2022
Types of Data We Collect. “Personal Data” means data that allows someone to identify you individually, including, for example, your name, email address, as well as any other non-public information about you that is associated with or linked to any of the foregoing. “Anonymous Data” means data, including aggregated and de-identified data, that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data as described below.
Information You Provide Us.
- When you use our Service, update your account profile, or contact us, we may collect Personal Data from you, such as email address, first and last name, user name, and other information you provide. We also collect your blockchain address, which may become associated with Personal Data when you use our Service.
- Our Service lets you store preferences like how your content is displayed, notification settings, and favorites. We may associate these choices with your ID, browser, or mobile device.
- If you provide us with feedback or contact us, we will collect your name and contact information, as well as any other content included in the message.
- We may also collect Personal Data at other points in our Service where you voluntarily provide it or where we state that Personal Data is being collected.
Information Collected via Technology. As you navigate through and interact with our Service, we may use automatic data collection technologies to collect certain information about your browsing actions, and patterns, including:
- Information Collected by Our Servers. To provide our Service and make it more useful to you, we (or a third party service provider) collects information from you, including, but not limited to, your browser type, operating system, Internet Protocol (“IP”) address, blockchain address, wallet type, and date/time stamps.
- Log Files. As is true of most websites and applications, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamps, and clickstream data. We use this information to analyze trends, administer the Service, track Users’ movements around the Service, and better tailor our Services to our Users’ needs. For example, some of the information may be collected so that when you visit the Service, it will recognize you and the information can be used to personalize your experience.
- Pixel Tag. In addition, we use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel tags are electronic images that generate a generic notice of a visit to the Site and are used in conjunction with cookies to anonymously track the activity on the Site by a particular browser. Pixel Tags allow us to analyze how users find our Service, make the Service more useful to you, and tailor your experience with us to meet your particular interests and needs.
- How We Respond to Do Not Track Signals. Our systems do not currently recognize “do not track” (“DNT”) signals or other mechanisms that might enable Users to opt-out of tracking on our site. Some web browsers (including Safari, Internet Explorer, Firefox, and Chrome) incorporate a DNT or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. Because there is not yet an accepted standard for how to respond to browser DNT signals, we do not currently respond to them.
- Information Collected from Third-Party Companies. We may receive Personal and/or Anonymous Data about you from companies that offer their products and/or services for use in conjunction with our Service or whose products and/or services may be linked from our Service. For example, third-party wallet providers provide us with your blockchain address and certain other information you choose to share with those wallet providers. We may add this to the data we have already collected from or about you through our Service.
- Public Information Observed from Blockchains. We collect data from activity that is publicly visible and/or accessible on blockchains. This may include blockchain addresses and information regarding purchases, sales, or transfers of NFTs, which may then be associated with other data you have provided to us.
Use of Your Personal Data.
We process your Personal Data to run our business, provide the Service, personalize your experience on the Service, and improve the Service. Specifically, we use your Personal Data to:
- facilitate the creation of and secure your account;
- identify you as a user in our system;
- provide you with our Service, including, but not limited to, helping you view, explore, and create NFTs using our tools and, at your own discretion, connect directly with others to purchase, sell, or transfer NFTs on public blockchains;
- improve the administration of our Service and quality of experience when you interact with our Service, including, but not limited to, by analyzing how you and other users find and interact with the Service;
- provide customer support and respond to your requests and inquiries;
- investigate and address conduct that may violate our Terms of Service;
- detect, prevent, and address fraud, violations of our terms or policies, and/or other harmful or unlawful activity;
- display your username next to the NFTs currently or previously accessible in your third-party wallet, and next to NFTs on which you have interacted;
- send you a welcome email to verify ownership of the email address provided when your account was created;
- send you administrative notifications, such as security, support, and maintenance advisories;
- send you notifications related to actions on the Service, including notifications of offers on your NFTs;
- comply with applicable laws, cooperate with investigations by law enforcement or other authorities of suspected violations of law, and/or pursue or defend against legal threats and/or claims; and
- act in any other way we may describe when you provide the Personal Data.
- We may create Anonymous Data records from Personal Data. We use this Anonymous Data to analyze request and usage patterns so that we may improve our Services and enhance Service navigation. We reserve the right to use Anonymous Data for any purpose and to disclose Anonymous Data to third parties without restriction.
- Third-Party Service Providers. We may share your Personal Data with third-party service providers to: provide technical infrastructure services; conduct quality assurance testing; analyze how our Service is used; service providers that perform services for us (such as e-mail, analytics, and web hosting); prevent, detect, and respond to unauthorized activities; provide technical and customer support; and/or to provide other support to us and to the Service.
- Other Disclosures. We may also disclose your Personal Data to fulfill the purpose for which you provide it; for any other purpose disclosed by us when you provide it; or with your consent.
- Your Choices Regarding Information. You have a choice regarding the use of information on our Services: If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Service.
Data Access and Control. You can view, access, edit, or delete your Personal Data for certain aspects of the Service via your Settings page. You may also have certain additional rights:
- If you are a user in the European Economic Area or United Kingdom, you have certain rights under the respective European and UK General Data Protection Regulations (“GDPR”). These include the right to (i) request access and obtain a copy of your personal data; (ii) request rectification or erasure; (iii) object to or restrict the processing of your personal data; and (iv) request portability of your personal data. Additionally, if we have collected and processed your personal data with your consent, you have the right to withdraw your consent at any time.
- If you are a California resident, you have certain rights under the California Consumer Privacy Act (“CCPA”). These include the right to (i) request access to, details regarding, and a copy of the personal information we have collected about you and/or shared with third parties; (ii) request deletion of the personal information that we have collected about you; and (iii) the right to opt-out of the sale of your personal information. As the terms are defined under the CCPA, we do not “sell” your “personal information.”
- If you wish to exercise your rights under the GDPR, CCPA, or other applicable data protection or privacy laws, please contact us by sending an email to [email protected] or at the address provided in Section 13 below, specify your request, and reference the applicable law. We may ask you to verify your identity or ask for more information about your request. We will consider and act upon any above request in accordance with applicable law. We will not discriminate against you for exercising any of these rights.
- Notwithstanding the above, we cannot edit or delete any information that is stored on a blockchain, for example, the Ethereum blockchain, as we do not have custody or control over any blockchains. The information stored on the blockchain may include purchases, sales, and transfers related to your blockchain address and NFTs held at that address.
- Note that the Services employ Smart Contracts that collect information stored on a blockchain that we do not control. If you use the Services, you are consenting to allow your information to be cryptographically transmitted and stored on that blockchain, and any deletion or modification of that information (to the extent possible on a blockchain) is governed by the terms of the relevant Smart Contract.
Data Protection. We care about the security of your information and use physical, administrative, and technological safeguards to preserve the integrity and security of information collected through our Service. However, no security system is impenetrable and we cannot guarantee the security of our systems. In the event that any information under our custody and control is compromised as a result of a breach of security, we will take steps to investigate and remediate the situation and, in accordance with applicable laws and regulations, notify those individuals whose information may have been compromised. This paragraph shall be understood as meaning that neither Mintdrop nor any of their controllers of the relevant Network or Service provided assume any responsibility deriving from any security breach other than taking the necessary preventative measures stated above.
- We use SSL (Secure Socket Layer) technology in connection with the highest encryption level supported by your browser. In general, this is a 256-bit encryption. ECDSA (Elliptic Curve Digital Signature Algorithm ) also known as the bitcoin curve, is used for private and public key encryption with the blockchain for locally securing data. For even more secure interactions dealing with the deployment of smart contract interactions, we use WebAuthn for 2FA encryption. Our security measures are continuously improved in line with technological developments.
- You are responsible for the security of your digital wallet, and we urge you to take steps to ensure it is and remains secure. If you discover an issue related to your wallet, please contact your wallet provider.
- Minors. We do not intentionally gather Personal Data from visitors who are under the age of 13. Our Terms of Service require all users to be at least 18 years old. Minors who are at least 13 years old but are under 18 years old may use a parent or guardian’s Mintdrop account, but only with the involvement of the account holder. If a child under 13 submits Personal Data to Mintdrop and we learn that the Personal Data is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us by email at [email protected] or at the address indicated in Section 13 below.