Last updated: August 22, 2022
PLEASE REVIEW THE FOLLOWING TO UNDERSTAND HOW WE PROCESS AND SAFEGUARD PERSONAL DATA ABOUT YOU. BY USING ANY OF OUR SERVICES, WHETHER BY VISITING OUR PLATFORM OR OTHERWISE, AND/OR BY VOLUNTARILY PROVIDING PERSONAL DATA TO US, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THE PRACTICES CONTAINED IN THIS PRIVACY NOTICE. THIS PRIVACY NOTICE MAY BE REVISED FROM TIME TO TIME, SO PLEASE ENSURE THAT YOU CHECK THIS PRIVACY NOTICE PERIODICALLY TO REMAIN FULLY INFORMED.
- PERSONAL DATA WE COLLECT
We receive several types of information about you from various sources, including (A) information and content that you give us; (B) automatically collected information; and (C) demographic information or other aggregate information; and (D) information from other sources. Each is described in further details below.
- Information and Content You Give Us.
We collect personal information that you knowingly choose to disclose. This may include:
(1) Personal Information. Personal information, such as your name, identity card number, passport number, address, e-mail address, username, password, and any other information you directly provide us on or through the Services. This includes information you provide when you register or create an account, or request for customer service.
(2) Email Correspondences. Records and copies of your email messages together with your email address and our responses, if you choose to correspond with us through email.
(3) User Content. Information or content you submit to be published or displayed on public areas of the Services or transmitted to other users of the Services or third parties (collectively, "User Content"). Your User Content is posted on and transmitted to others at your own risk. The Company cannot control the actions of other users of the Services with whom you may choose to share your User Content. Therefore, we cannot and do not guarantee that your User Content will not be viewed by unauthorized persons.
(4) Transaction Information. Information about any purchase or transactions made on the Services. This includes payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, shipping, and contact details.
Information We Collect Automatically.
We may use a variety of technologies to collect certain information about your equipment, browsing actions, and patterns whenever you interact with the Services, including:
(1) Activity Information. Details of your visits to our Services and any transactions undertaken, including the types of content you view or engage with; the NFTs and other tokens interacted or transacted by you; the features you use; the actions you take; the people or accounts you interact with; the time, frequency, and duration of your activities; and other information about your use of and actions on the Services.
(2) Equipment Information. Information about your computer and internet connection, including your computer operating system, IP address, browser type, and browser language.
(3) Location Information. Information about the location of your device, including GPS location, for purposes of enhancing or facilitating the Services. For example, such information may be used to enable the functionality or features of the Services that provide you with information about stores near you, or enable you to remotely order and pay for the Services. We may also use information about the location of the device you are using to help us understand how the Services and functionality are being used and to deliver more relevant advertising.
The gathering of this information may be used for maintaining the quality of the Services we provide, as well as providing overall general statistics related to the use of the Services. The technologies we use for this automatic data collection may include:
(2) Web Beacons. Web beacons are small files that are embedded in webpages, applications, and emails (also known as "clear gifs", "pixel tags", "web bugs", and "single-pixel gifs"). Web beacons allow the Company, for example, to track who has visited those webpages or opened an email, to test the effectiveness of our marketing, and for other related website statistics.
(4) Entity Tags. Entity Tags are HTTP code mechanisms that allow portions of websites to be stored or "cached" within your browser and validates these caches when the website is opened, accelerating website performance since the web server does not need to send a full response if the content has not changed.
(5) HTML5 Local Storage. HTML5 local storage allows data from websites to be stored or "cached" within your browser to store and retrieve data in HTML5 pages when the website is revisited.
(6) Resettable Device Identifiers. Resettable device identifiers (also known as "advertising identifiers") are similar to cookies and are found on many mobile devices and tablets (for example, the "Identifier for Advertisers" or "IDFA" on Apple iOS devices and the "Google Advertising ID" on Android devices), and certain streaming media devices. Like cookies, resettable device identifiers are used to make online advertising more relevant.
We may collect demographic, statistical, or other aggregate information that is about you, but individually does not identify you. Some of this information may be derived from personal information, but it is not personal information and cannot be tied back to you. Examples of such aggregate information include gender, age, race, household income, and political affiliation.
Information from Other Sources.
We may receive information about you from other sources and add it to our account information. We protect this information according to the practices described in this Policy, plus any additional restrictions imposed by the source of the data. These sources may include online and offline data providers, from which we obtain demographic, interest-based, and online advertising related data; publicly available sources such as open government databases or social networks; and service providers who provide us with information, or updates to that information, based on their relationship with you. By gathering additional information about you, we can correct inaccurate information, enhance the security of your transactions, and give you product or service recommendations and special offers that are more likely to interest you.
- HOW WE USE YOUR PERSONAL DATA
We may use the information we collect about you in a variety of ways, including to:
(1) provide the Services and its content to you;
(2) respond to comments and questions, and provide customer service;
(3) fulfill any other purpose for which you provide such information;
(4) communicate with you about your order, purchase, account, or subscription;
(5) inform you about important changes to, or other news about, the Services or any of its features or content;
(6) operate, maintain, improve, personalize, and analyze the Services;
(7) monitor and analyze trends, usage, and activities for marketing or advertising purposes;
(8) detect, prevent, or investigate security breaches, fraud, and other unauthorized or illegal activity;
(9) carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
(10) maintain appropriate records for internal administrative purposes;
(11) allow you to participate in interactive features on the Services;
(12) send promotional communications, such as information about features, newsletters, offers, promotions, contests, and events;
(13) share information across the Company's products and devices to provide a more tailored and consistent experience on all Company products you use;
(14) develop, test and improve new products or services, including by conducting surveys and research, and testing and troubleshooting new products and features;
(15) facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving the Company or any of its affiliates; and
(16) comply with any applicable rules, laws and regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities.
You hereby consent to our use of your personal data for any or all of the above purposes.
- HOW WE SHARE YOUR PERSONAL DATA
We may disclose aggregated or anonymized information about our users without any restrictions. We will not share your personal information that we collect or you provide as described in this Policy except in the following circumstances:
(1) With subsidiaries and affiliates for business purposes. To our subsidiaries and affiliated companies for purposes of management and analysis, decision-making, and other business purposes.
(2) When we work with service providers. To service providers, contractors, and other third parties that provide us with support services, such as credit card processing, website hosting, email and postal delivery, location mapping, product and service delivery, or analytics services, and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
(3) When we become involved in a sale or transfer of the Company. If we become involved with a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company's assets (whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding), to business entities or people involved in the negotiation or transfer.
(4) When we are required by law. To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
(5) When we enforce our rights. To enforce or apply this Policy, our Terms of Service, and other agreements, including for billing and collection purposes.
(6) To help protect lawful interests. If we believe disclosure will help us protect the rights, property, or safety of the Company, our users, partners, agents, and others. This includes exchanging information with other companies and organizations for fraud protection, and spam and malware prevention.
(7) To fulfill the purpose for that information or with your consent. To fulfill the purpose for which you provide the information, for any other purpose disclosed by us when you provide the information, or with your consent.
(8) When we work with marketing service providers. To marketing service providers to assess, develop, and provide you with promotions and special offers that may interest you, administer contests, sweepstakes, and events, or for other promotional purposes.
Information that you post on or through the public areas of the Services (e.g., chat rooms, bulletin boards, and discussion groups) are generally accessible to, and may be collected and used by, others and may result in unsolicited messages or other contact from others. Users of the Services are encouraged to exercise caution when providing personal information about themselves in public or interactive areas.
- YOUR RIGHTS REGARDING PERSONAL DATA
Your rights vary depending on the laws that apply to you, but may include:
- The right to know whether, and for what purposes, we process your personal data;
- The right to be informed about the personal data we collect and/or process about you;
- The right to learn the source of personal data about you we process;
- The right to access, modify, and correct personal data about;
- The right to know with whom we have shared your personal data with, for what purposes, and what personal data has been shared (including whether personal data was disclosed to third parties for their own direct marketing purposes);
- The right to withdraw your consent, where processing of personal data is based on your consent; and
- The right to lodge a complaint with a supervisory authority located in the jurisdiction of your habitual residence, place of work, or where an alleged violation of law occurred.
See “Your California Privacy Rights”, “Your Nevada Privacy Rights”, and “Your European Union and UK Privacy Rights”, for more information about certain legal rights.
- Accessing, Modifying, Rectifying, and Correcting Collected Personal Data
We strive to maintain the accuracy of any personal data collected from you and will try to respond promptly to update our records when you tell us the information in our records is not correct. However, we must rely upon you to ensure that the information you provide to us is complete, accurate, and up-to-date, and to inform us of any changes. Please review all of your information carefully before submitting it to us. Any updates or corrections to your information may be made through your account settings.
Your California Privacy Rights
California’s “Shine the Light” law permits our users who are California residents to request and obtain from us a list of what personal data (if any) we disclosed to third parties for their own direct marketing purposes in the previous calendar year and the names and addresses of those third parties. Requests may be made only once per year per person, must be sent to the email address below, and are free of charge. However, we do not disclose personal data protected under the “Shine the Light” law to third parties for their own direct marketing purposes.
The California Consumer Privacy Act (“CCPA”) provides our users who are California residents the following additional rights:
- Right to Know: You have the right to request that we disclose certain information to you about the personal data we collected, used, disclosed, and sold about you in the past 12 months. This includes a request to know any or all of the following:
- The categories of personal data collected about you;
- The categories of sources from which we collected your personal data;
- The categories of personal data that we have sold or disclosed about you for a business purpose;
- The categories of third parties to whom your personal data was sold or disclosed for a business purpose;
- Our business or commercial purpose for collecting or selling your personal data; and
- The specific pieces of personal data we have collected about you.
- Data Portability: You have the right to request a copy of personal data we have collected and maintained about you in the past 12 months.
- Right to Deletion: You have the right to request that we delete the personal data we collected from you and maintained, subject to certain exceptions. Please note that if you request deletion of your personal data, we may deny your request or may retain certain elements of your personal data if it is necessary for us or our service providers to:
- Complete the transaction for which the personal data was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between our business and you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
- To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
- Comply with a legal obligation.
- Otherwise use the personal data, internally, in a lawful manner that is compatible with the context in which you provided the information.
- Right to Opt-Out/In: You have the right to opt-out of the sale of your personal data. You also have the right to opt-in to the sale of personal data. However, we do not sell your personal data.
- Right to Non-Discrimination: You have the right not to receive discriminatory treatment by us for the exercise of your CCPA privacy rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Only you, or a person authorized by you to act on your behalf, may make a verifiable consumer request related to your personal data.
You may only make a verifiable consumer request for Right to Know or Data Portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We may deny your request if we are unable to verify your identity or have reason to believe that the request is fraudulent.
Consumer Request by an Authorized Agent
- Proof that you gave the authorized agent signed permission to submit the request.
- Sufficient information to verify the authorized agent’s identity, depending on the nature of the request.
- To verify your identity, depending on the nature of the request, we may also require a valid Government Issued ID (not expired), email address, and the last 4 digits of the social security number.
We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you. We will only use personal data provided in a verifiable consumer request to verify the request’s identity or authority to make the request.
We will acknowledge receipt of the request within ten (10) business days of its receipt. We will respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For Data Portability requests, we will provide the responsive information in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit the information to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
- Right to Know: You have the right to request that we disclose certain information to you about the personal data we collected, used, disclosed, and sold about you in the past 12 months. This includes a request to know any or all of the following:
Your Nevada Privacy Rights
Your European Union and UK Privacy Rights
In addition to the above-listed rights, European Union and UK privacy law provides individuals with enhanced rights in respect of their personal data. These rights may include, depending on the circumstances surrounding the processing of personal data:
- The right to object to decisions based on profiling or automated decision-making that produce legal or similarly significant effects on you;
- The right to request restriction of processing of personal data or object to processing of personal data carried out pursuant to (i) a legitimate interest (including, but not limited to, processing for direct marketing purposes) or (ii) performance of a task in the public interest;
- In certain circumstances, the right to data portability, which means that you can request that we provide certain personal data we hold about you in a machine-readable format; and
- In certain circumstances, the right to erasure and/or the right to be forgotten, which means that you can request deletion or removal of certain personal data we process about you.
- YOUR CHOICES
You have choices about certain information we collect about you, how we communicate with you, and how we process certain personal data. When you are asked to provide information, you may decline to do so; but if you choose not to provide information that is necessary to provide some of our Services, you may not be able to use those Services. In addition, it is possible to change your browser settings to block the automatic collection of certain information.
- Location Information. If you want to limit or prevent our ability to receive location information from you, you can deny or remove the permission for certain Services to access location information or deactivate location services on your device. Please refer to your device manufacturer or operating system instructions for instructions on how to do this.
- Cookies. If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Service. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided below.
- PROTECTING PERSONAL DATA
We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of personal data. Those safeguards include: (i) the encryption of personal data where we deem appropriate; (ii) taking steps to ensure personal data is backed up and remains available in the event of a security incident; and (iii) periodic testing, assessment, and evaluation of the effectiveness of our safeguards.
However, no method of safeguarding information is completely secure. While we use measures designed to protect personal data, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
- RETENTION OF PERSONAL DATA
We may retain your personal data for as long as it is necessary for the purposes it has been collected, and (i) in most cases, up to 7 years; or (ii) in respect of our activities in the EU, up to 10 years, unless otherwise required by applicable law or in order to defend legal claims. Where we no longer require your Personal Data for those purposes, we will cease to retain such Personal Data in accordance with our internal retention policy.
- TRANSFER OF PERSONAL DATA
Your personal data may be stored in external servers located overseas. In addition, as described above, in carrying out our business, it may be necessary to share information about you with and between our related corporations and third-party service providers, some of which may be located in countries outside your country of residence. Such countries may not afford a standard of protection similar to those in your country of residence. However, we will take reasonable steps to ensure that your personal data transmitted outside of your country of residence is adequately protected. In addition, we will ensure that such transfers comply with the requirements of the applicable data protection laws.
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include user information among our assets transferred to or acquired by a third party. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal data according to this policy.
- MODIFICATIONS AND UPDATES TO THIS PRIVACY NOTICE
- APPLICABILITY OF THIS PRIVACY NOTICE
- ADDITIONAL INFORMATION AND ASSISTANCE
You may contact us as follows:
We will respond to questions or concerns within  days.
Unless otherwise stated, gDEX Metaverse Pte Ltd is the data controller for personal data we collect through the subject to this policy.