Privacy Policy

This Privacy Policy ("Policy") describes the Personal Data processing P2P (the term "P2P" in this Policy refers to P2PStaking, a legal entity incorporated under the laws of Cayman Islands, and its Affiliates, whether together or separately(«we», «us», «our»)), carries out regarding the User's («you», «your», «user») Personal Data. This Privacy Policy applies to: all means of access to P2P’s Website, including all subdomains (collectively, the "Website") and/or the use of our servicesor any other features, technologies or functionalities, websites, software and copyright assets and other services which P2Phave or have licensed to Users and/or which are offered by P2P through the Website or any other means (collectively, the"Services"). This Policy is to be considered an integral part of and must be read together with P2P Terms (Terms of Use, and any other Terms located at the Website, depending on the Services the User is enjoying) (the "Terms"). Should the User have any questions about our processing of Personal Data or about this Privacy Policy, please refer to the last section of the document for information on how to get in touch with us.
‍
The term "Personal Data" in this Policy refers to personally identifiable information (also, “PII”) P2P process regarding theUser when they use the Website, the Services, any content as available on the Website, and/or contacts, by any means available, P2P, its Affiliates and/or their shareholders, members, directors, officers, employees, representatives, or any company authorized by it (“Affiliates”). For the sake of clarity this Policy’s scope does not include non-identifiable personal data, or anonymised data.

We process the following types of Personal Data about you:

We do not collect, nor processes any sensitive data, nor any type of “PHI” (personal health information) regarding you thatincludes details about their religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade unionmembership, information about your health and genetic and biometric data. We only process Personal Data that it deems tobe reasonably necessary to carry out with our activities.

Please note that by using the Website and Service, we may also collect and process Personal Data, available on theblockchain, such as your public key or wallet address, the size of your staking, rewards received, etc. Such data is collectedand processed with the aim to provide you with our Services, especially those referred to the Website’s dApp functionality. Byusing that Service, you give your consent to us to collect and process that information.

Below, we describe the purposes and legal grounds regarding the processing of your Personal Data, which we havedifferentiated based on the Service or activity:

Unless we reasonably believe that we need to use it for some other reason and that reason is consistent with the original purpose, we will only use your Personal Data for the purposes herein referred.

Should you wish to find out more about how the processing for the new purpose is consistent with the original purpose, please do not hesitate to email us for details. Should we need to use your Personal Data for another purpose unrelated to the one we have already informed you about, we will do our best in notifying all the Users, describing the processing in the same way we have done here.

As part of our business and the duties we must comply with we might collect, process and communicate Personal Data regarding you from or to third parties, such as the information we collect from public networks or the ones we might have to share with relevant authorities. In any case, we process such data according to the standards set by the applicable legislation and as described here.

Subject to applicable law, you have the right to request access to, object to, correct, and delete your personal data, and to ask for data portability. You may also object to our processing of your personal data or ask that we restrict the processing of your personal data in certain instances. If you wish to do any of these things, please contact us, or submit a data subject access request.

Below, some examples of what you can ask for:

You will not have to pay a fee to access their Personal Data (or to exercise any of the other rights relating to its Personal Data on the Website and/or the Services). However, we may charge you a reasonable fee if we find that your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in such circumstances.

We may need to request specific information from the you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of the other rights). This is a security measure to ensure that Personal Data is not disclosed to any unauthorized person. We may also contact you to ask for further information in relation to your request. P2P will try to respond to all legitimate requests within one month. Occasionally it may take longer if the User’s request is particularly complex or you have made several requests. In this case, we will notify you and keep you posted. If you wish to exercise any of the rights set out above, please email us.

We keep your personal information to enable your continued use of the Services, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as may be required by law such as for tax and accounting purposes, or as otherwise communicated to you.

We will only retain your Personal Data for as long as necessary to fulfil our purposes as set out above. To determine the appropriate Personal Data retention period, we consider the volume, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the Personal Data, the purposes for which we process thePersonal Data, whether these purposes could be achieved through any other means, and the applicable legal requirements.

For example, by law, for accounting, tax, and compliance with relevant AML regulation, we have to keep transaction information about your operations (including wallet address, and transaction data) for ten (10) years after each transaction.

P2P does not sell its Users’ data to any third party for any reason. Generally, P2P will not share Users’ Personal Data withthird parties without its Users’ permission.

We must inform that in the provision of our Services we use third party services with which may need to share your PersonalData.For example, we disclose or share Users’ Personal Data with:

We only allow such third parties to process our Users’ Personal Data for specified purposes and in accordance with its instructions and relevant data protection laws.

We collaborate with the following vendors in processing your Personal Data (this is not an exhaustive list):

P2P may disclose its Users’ Personal Data if required to do so by law or if P2P believes that such actions are necessary to:

Accuracy, completeness, and relevance of the Personal Data, when provided by you is on you, which means we deny all responsibilities and liabilities in that regard. Additionally, as stated you as a User have the right to ask for rectification, amendment, or correction of the Personal Data. If you don’t know which Personal Data we hold about you, you can request access to your Personal Data.

Users’ Personal Data is collected and processed in accordance with the applicable privacy laws and the EU General Data Protection Regulation. P2P may share, store, process or attempt to process all Users’ data worldwide. When Personal Data is shared or transferred, P2P will ensure that the transfer will be subject to appropriate safeguards in accordance with applicable data protection legislation and corresponding level of protection.

P2P has taken steps to ensure that the Personal Data collected by P2P is secure. P2P has also taken a range of technical and organizational measures to protect the confidentiality, security, and integrity of the Personal Data collected from Users, including protecting Users’ data from unauthorized access, loss, change, or deletion. Personal Data is stored in secure operating environments that are not available to the public and that are only accessible to authorized employees, consultants and/or service providers. P2P also has security measures in place to protect the loss, misuse, and alteration of the information under our control. Such actions include but are not limited to, physical controls, encryption, eligibility restrictions, policies, etc. P2P has put in place procedures to deal with any suspected Personal Data breach and will notify Users and any applicable regulator of a breach where P2P is legally required to do so.

The Website is not meant to be used by anyone under the age of 18. P2P does not knowingly collect Personal Data from underage unless expressly permitted by their parent or guardian, according to the relevant legislation.

Any dispute, controversy, or claim arising out of or in connection with this Policy, or the breach, termination or invalidity thereof, shall be governed by the laws and venue as stated in the Terms.

This Policy may be subject to change from time to time. If substantial changes are made to the Policy, P2P employ tis best efforts in notifying the Users by posting it to the Website and sending relevant communication, if feasible.We encourage you to check back and review this Policy from time to time so that you are always informed about the processing of Personal Data relevant to you. Your continued use of the Website and/or the Services, means your acceptance of the Policy changes.

If you have any questions about this Policy, please contact P2P at info@p2p.org.