Please read this Privacy Policy (“Privacy Policy”) carefully. It provides information about how Offchain Labs, Inc. (“Offchain Labs”, “we”, “us”, and “our”) collects, uses, discloses, and otherwise processes personal information in connection with the products and services available via the ZeroDev platform at zerodev.app (the “Services”). If you have any questions, comments, or concerns please contact us using the methods provided in the “Contact Us” section of this Privacy Policy below. 

By visiting, accessing, or using our Services (defined below), you acknowledge and agree that you have received and reviewed this Privacy Policy. From time to time, we may update this Privacy Policy as described in the “Changes to this Privacy Policy” section below.

Please also review the applicable Terms of Service and the ZeroDev Supplemental Terms of Service, which also apply to the use of our Services (collectively, the “Terms of Service”). Terms that are defined in the Terms of Service have the same meaning in this Privacy Policy unless this Privacy Policy specifies differently.If you are a resident of California, please see the Notice to California Residents below. If you are a resident of the European Economic Area ("EEA"), United Kingdom (“UK”), Switzerland, or another non-U.S. country with local data protection laws, please see the Notice to European and Non-U.S. Residents section below for information about your rights under the applicable local data protection laws.

‍1. Scope of This Privacy Policy

‍We provide the Services to our customers who have entered into an agreement with us for the access and use of the platform (“Customers”) and solely for their benefit and the benefit of personnel or other individuals that they authorize to use the platform (“Authorized Users”).

This Privacy Policy applies to personal information collected, used or otherwise processed by us in connection with a Customer’s Account Data, as defined in the Terms of Service.We are data processors of the User Content (as defined in the Terms of Service) we may process on Customers’ behalf. Our processing of such User Content is governed by our applicable agreement with the Customer, and the Customer is responsible for the collection and use of such Customer Data. Our Customers determine their own policies for handling personal information, and we do not control our Customers’ policies or the manner in which they handle personal information. Any questions or requests relating to User Content should be directed to the relevant Customer’s legal or privacy team. 

‍2. Personal Information We Collect and How We Collect It

‍As used in this Privacy Policy, “personal information” means any information that identifies or could be used to identify an individual person. For example, personal information may include name, email address, and phone number. It also includes other non-public information that we associate with such identifying information. Personal information does not include aggregated or anonymized information. The personal information we collect and how we collect it depends on how you use the Services. We collect the following types of personal information, as described below.

‍(a) Information You Provide

‍We collect information, including personal information, that you provide to us. We collect information that you provide to us in the following ways:

‍Identity and contact information. We collect information such as your name, job title, email address, phone number, social media handles, and postal address if you communicate with us or sign up to use the Services.

‍Sign up to use our Services. We collect the information you provide during the sign up process, including your identity and contact information and other information. In the event you sign up with us through Google or Github for example, we will receive the data associated with your respective profile, which may include name, username or user ID, email, company name, location/IP address, profile photo, OIDC data, social media handles and any other information you choose to associate with those profiles.  We also collect information that you choose to submit to us in connection with administering your account in connection with the Services. 

‍Payment Information. We may collect personal information and details associated with your purchases, including payment information. Any payments made via our Services are processed by third-party payment processors. We do not directly collect or store any payment card information entered through our Services.

‍Support requests and inquiries. If you contact support, we collect your identity and contact information, account information, the details of your question or request, and any other information you choose to include in your message.

‍Communications, feedback, research, events. If you contact us, such as by sending an email or submitting feedback, we may collect your identity and contact information, company, job title, country, the details of your question or request, and any other information you choose to include in your message. We may also collect information you provide if you complete surveys or questionnaires that we make available or if you participate in research opportunities we may offer or sponsor. If you sign up for or attend a webinar or other event hosted by Offchain Labs, we collect registration and attendance information. If you attend a conference, trade show, or other event that Offchain Labs attends or sponsors, we may collect information about individuals who attend the event and/or information from individuals who interact with us or express an interest in our Services. This information may include your identity and contact information as well as any professional background information you may choose to provide.

‍Interactions through social media and other third-party platforms. If you interact with us through any third-party platforms, such as our pages on Github or Discord, or through any of our pages or feeds on social media sites or platforms, such as LinkedIn or Twitter/X, we may collect information such as your identity and contact information, username, demographic information, location data provided by such platforms, and publicly-posted data such as your social media activity.

‍Marketing communications and promotions. If you subscribe to receive newsletters and marketing communications from us, we collect your identity and contact information in addition to your communications preferences. If you participate in any promotions or contests that we may offer, such as hackathons, we collect your identity and contact information and any other information you may provide in connection with your registration or participation.

‍Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.You may choose not to provide personal information directly to us or to not use the Services. However, some personal information is necessary so that we can provide the Services you have requested. Failure to provide this information may prevent us from providing some or all of our Services.

‍(b) Information We Collect Automatically

‍When you access or use the Services, we or our third-party agents or service providers automatically collect information about the device you use to access the Services and your activity when you use the Services. Depending on your activity, the information may include:

When you access or use the Services, we or our third-party agents or service providers automatically collect information about the device you use to access the Services and your activity when you use the Services. Depending on your activity, the information may include:

Device and Usage Information: We collect certain information about your device and how you interact with the Services each time you access or use them.

Device information may include your IP address, browser type and version, browser settings, time zone, unique device identifiers, information about your approximate location (as determined through your IP address), mobile, computer, and/or device hardware information (e.g., operating system version, hardware model, IMEI number, digital fingerprint, and other unique device identifiers, MAC address, and device settings), device event information, log information, and crash data.

Usage information may include features that you use, clickstream data, access dates and times, and how you interact with the Services. This information may also include referring / exit pages and URLs, how you interact with links on the Website, landing pages, and pages viewed. We also may collect the date and time you open an email communication from us or click on any links in an email and we or our service provider may associate this information with the email address we already have for you. We may use session replay technology to understand how users interact with our Services and platform.

Cookies and Other Tracking Technologies: We and our third-party service providers or agents may collect information using one or more Cookies or similar technologies such as pixels or locally stored objects (collectively “Cookies”). Cookies may collect information such as your IP address, unique device identifiers, your browser settings, and information about how you use the Services (e.g., the pages you view, the links you click). Please refer to the Cookies and Tracking Technologies section below for more information about our use of Cookies and your choices related to Cookies.

‍(c) Information from Third Parties

‍In some instances, and depending on the Services you use or how you use the Services, we collect and process personal information we receive from third parties, which can include the following:

‍Offchain Labs’ Service Providers: We receive information from our service providers or agents who perform business services for Offchain Labs, such as website activity information from third parties that assist us in operating our website and transactional data from our third-party infrastructure service providers, as applicable. We may obtain personal information about you from other sources, including through third-party services and organizations. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect personal information about you from that third-party application that you have made available via your privacy settings.

‍Offchain Labs’ Partners: We may receive contact information from business partners with whom we operate co-branded events, webinars, services and marketing campaigns or joint offerings.

‍Analytics and Marketing Providers: We may receive information from third parties that perform data analytics and/or marketing functions for Offchain Labs.

‍(d) Public Blockchain Information

‍We may collect certain public blockchain information that you make available to us, such as wallet address and transaction information for blockchain transactions.

‍(e) User Content​​

We collect, receive, or access User Content that our customers and their authorized users input, upload, submit, transmit, import, or otherwise provide or make available to the platform. We process User Content pursuant to our agreements with our Customers. In the event that User Content contains any personal information, the Customer’s privacy notice will apply to that personal information.

‍(f) Sensitive Personal Information

‍Offchain Labs does not intentionally collect sensitive personal information (e.g., social security numbers, racial or ethnic information, health information, religious information).

‍3. How We Use Personal Information

‍We use the personal information we collect in the following ways:

To provide and operate the Services;

To respond to your inquiries and requests, or otherwise communicate with you, and to provide you with assistance related to the Services;

To provide technical support for, secure, and protect the Services, including to detect and prevent fraud, abuse, or security risks, and to track outages and troubleshoot;

To conduct analytics related to the Services, such as to understand how they are being used and where improvements may be needed;To improve user experience with the Services;

To update, improve, and/or enhance the Services, and develop new features, functionality, and Services;

To send you newsletters and promotional and marketing communications that may be of interest to you;

To conduct and administer promotions, sweepstakes, or contests if you have chosen to participate, in accordance with the terms of such campaign;

To better understand your personal preferences and to enable us to provide you with improved and personalized communications and services;

To compile aggregate data, such as about traffic and interaction with or on the Services;

To provide transactional updates about our Services;

To enforce our Terms of Service, resolve disputes or otherwise to carry out our obligations and enforce our rights, and to protect our business interest and rights of third parties;

To audit our compliance with legal and contractual requirements and internal policies;

To comply with legal and contractual obligations and requirements, law enforcement requests, and legal process; 

For our business transfers (as more fully described in the “How We Disclose Personal Information” Section below);

To keep you updated about changes to policies related to our Services (including this Privacy Policy); and 

For any other purpose with your consent.

We may combine any of the information that we collect from you with other information, including information that we obtain from third parties, or with information derived from any other products or services we provide. We will use this information for the purposes described in this Privacy Policy.

‍4. How We Disclose Personal Information

‍We transmit, disclose, grant access, make available and provide personal information to or with the following types of third parties.

‍(a) Service Providers

‍We disclose personal information with our third-party vendors, consultants, agents, contractors, and service providers that help us provide our Services or with any of the purposes described in this Privacy Policy. Depending on how you use the Services, the following categories of Service Providers may collect data on our behalf, receive, or access personal information:

Hosting service providers,
Analytics providers,
Marketing partners,
Providers of business operations and communication tools, such as email and messaging software providers,
Customer support service providers,
Other third-party service providers that help us provide features and functions for the Services, and
Professional advisors, agents and service providers, such as auditors, lawyers, consultants, accountants and insurers.

‍(b) Offchain Labs Partners

‍From time to time, we may work with other businesses to sponsor or host conferences or webinars, market related services, promote joint ventures or other similar collaborations. We might disclose personal information, such as company name, and contact name and email address, with our partners in these situations.

‍(c) Sweepstakes, Contests, and Other Promotional Activities

‍If you participate in a promotion, sweepstakes, contest, or other campaign (collectively, “Promotion”), we may disclose your personal information to any third parties affiliated with the Promotion or to the public in connection with conducting and administering the Promotion. For example, we may disclose personal information to select a winner, provide a prize, as required by applicable law (such as publishing a list of winners), or as permitted by the applicable terms and conditions or official rules of the Promotion.

‍(d) Legal, Compliance and Regulatory Purposes

‍We may disclose personal information if we believe that it is necessary to:comply with a law, regulation, legal process, or legitimate governmental request;protect the safety or security of the Services, users of the Services, or any person;investigate, prevent, or take action regarding illegal or suspected illegal activities;prevent spam, abuse, fraud, or other malicious activity of actors using or accessing the Services; orprotect our rights or property or the rights or property of those who use the Services.

Non-public information about our users will not be released to law enforcement except in response to an appropriate legal process such as a subpoena, court order, or other valid legal process that has been reviewed by Offchain Labs. However, if we receive information that provides us with a good faith belief that there is an exigent emergency, we may provide information to law enforcement trying to prevent or mitigate the danger, to be determined on a case-by-case basis.

‍(e) Business Transfers

‍We may disclose personal information with third parties we choose to acquire or with buyers, successors, or others in connection with a merger, divestiture, restructuring, reorganization, financing due diligence, initial public offering, dissolution, or other sale or transfer of some or all of our assets or transition of service to another provider, whether as a going concern or as part of bankruptcy, receivership, liquidation or similar proceeding, as permitted by law and/or contract.

‍(f) With Your Consent

‍There may be situations where you are asked to consent to disclose personal information with third parties for additional reasons not included in this Privacy Policy.

‍5. Cookies and Tracking Technologies

‍As described above in this Privacy Policy, we collect and may permit third parties to collect information using cookies and other similar technologies.

‍(a) What Are Cookies?

‍Cookies are small data files that are placed on your device set by us or by third parties when you visit a website or other online service. In addition to cookies, we may use other technologies that are similar in function, such as pixel tags, also called web beacons or single-pixel tags/gifs, local or web storage, and embedded scripts.Web Beacons: Web beacons, or “clear gifs,” and single-pixel tags/gifs, or web tags, are tiny graphics with a unique identifier placed on a website or in an email that gathers information about your interaction with that website or email. Because of their small size, they are not visible.

Local or Web Storage: Local or web storage refers to other places on a browser or device where information can be stored. It includes both your own device storage and browser cache.
Embedded Scripts: An embedded script is a programming code that is designed to collect information about your interactions with the Services, such as the links you click. The code is temporarily downloaded onto your device, is active only while you are connected to the Services and is deactivated or deleted after you are no longer connected.We use the term “Cookie” throughout this Privacy Policy to cover all these technologies.You can find more information about cookies at: www.allaboutcookies.org.

‍(b) Types of Cookies

‍Cookies are often described by who created and placed them and how long they last. Types of Cookies generally include the following:Persistent Cookies and Session CookiesPersistent Cookies: A persistent Cookie stays in your browser and will be read by us when you return to our website. A persistent Cookie helps us recognize you as an existing user, so it is easier for you to return and interact with our Services.Session Cookies: A session Cookie is temporary and enables you to move from page to page on our Services and allows information that you enter to be remembered. A session Cookie is deleted when you close your browser or after a short time.First-Party Cookies and Third-Party CookiesFirst-party Cookies: These are Cookies set by the publisher of the website or online service you are visiting. First-party Cookies may be set either by us or by a service provider at our request.Third-party Cookies: These are Cookies that are set by a party other than the publisher of the website you are visiting.

‍(c) What Types of Information Do Cookies Collect?

‍Cookies collect different types of information depending on the type of Cookie and its purpose. Some examples of information that may be collected by Cookies when you use our Services include:The pages or features you visit within our Services;The buttons you click on our Services;The date and time you visit our Services;The amount of time you spend on our Services;Social engagement metrics; The Internet Protocol (“IP”) address used to connect your device to the internet; andYour device (such as computer, mobile phone) and connection information such as your browser type and version and operating system.

‍(d) How Do We Use Cookies?

‍Offchain Labs uses Cookies for purposes such as providing content or features on our Services, helping us remember you and your preferences, and improving your user experience by making our Services more efficient and relevant to you. We, our service providers, and/or agents acting on our behalf, use the following persistent and session Cookies (which may be first-party or third-party Cookies) on our Services:Strictly Necessary Cookies: These Cookies are essential because they enable our Services to work properly, and they cannot be disabled. Without these Cookies, some of our Services cannot be provided. These Cookies do not gather information about you for advertising purposes. For example, these Cookies are used to:

Remember the information that you fill in when performing certain activities on your Services;

Pass information from one page to the next, for example when filling out forms;

Read your browser and device settings to optimize the display of our Services;

Identify misuse of our Services;Load our Services uniformly to maintain accessibility; and

Prevent fraud.

Functional Cookies: We use functional Cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these Cookies can be used to remember your preferences on our Services. We do not use functional Cookies for online advertising. While these Cookies can be disabled, this may result in less functionality during your use of our Services. For example, we use these Cookies to:

Provide you a personalized experience, such as remembering how you have customized our Services;

Remember the information that you fill in when performing certain activities on our Services; and

Store your preferences such as language and location.

Performance or Analytics Cookies: These Cookies help us understand how our Services are being accessed, used, or are performing. These performance or analytics Cookies may collect information about the content you view, and your system and geographic information. The information generated by these Cookies will be transmitted to and stored by the applicable analytics services. For example, we may use performance or analytics Cookies to:

Maintain and continually improve our Services;

Keep track of the number of visitors to the pages within our Services;

Keep track of the length of time that each visitor spends on the pages within our Services;

Determine the order in which a visitor visits the various pages or features within our Services;

Identify performance issues with our Services; and

Assess which parts of our Services need improvement.

‍(e) How to Manage or Delete Cookies

‍You can exercise your preferences concerning Cookies served on our Services by taking the steps outlined below.

Browser Settings: You may alter the Cookie settings in your browser settings at any time. You may accept all or only certain Cookies. If you disable Cookies in your browser settings, however, you may find that certain sections of our Services will not work.

First-Party Cookies: If you do not want Cookies placed on your device, you can adjust the setting of your Internet browser to reject some or all Cookies and to alert you when a Cookie is placed on your device. To do this, follow the instructions provided by your browser (usually located within the “Help,” “Tools,” or “Edit” settings). While adjusting your browser setting can prevent the future placement of Cookies, it does not remove existing persistent Cookies.

Third-Party Cookies: Browsers also allow you to block third-party Cookies using the steps described above for first-party Cookies.Preferences Tools: There are several services available that can assist you with managing your Cookie preferences, including industry groups, standards associations, and tools provided by the Cookie providers and social media sites. Please note that we have no affiliation with, and are not responsible for, third-party websites.

Google Analytics: You may download the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout.Web Beacons and Pixels: You may avoid web beacons and pixels by disabling the functionality that allows remote images to load in your email account and refraining from clicking on any links in email messages.To learn more about how to manage Cookies and opt-out of Cookies being placed on your devices, please visit www.allaboutcookies.org.

‍6. "Do Not Track" Preferences

‍The Services do not monitor for or behave differently if your browser or device transmits a “Do Not Track” or similar message. Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. There is no consensus among industry participants as to what "Do Not Track" means in this context. Like many websites and online services, Offchain Labs does not currently alter our practices when we receive a "Do Not Track" signal from a visitor’s browser except as specifically required by law. For information about "Do Not Track" please visit All About DNT.

‍7. Third-Party Links

‍We may provide links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”). Such links are not paid advertisements, nor do they constitute an endorsement by Offchain Labs of those External Websites and are provided to you only as a convenience. By clicking on links to the External Websites, the operators of the External Websites may collect personal information. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

‍8. Third-Party Social Media Plugins

‍The Services may offer Social Media Platform sharing features and other integrated tools that enable you to share or view certain content via social media sites (such as the X (f/k/a Twitter) “Follow” button). These features may function as cookies or web beacons when you interact with them and collect information such as information about your device or your interactions with the Services, such as what you’re viewing through the Services. If you are logged in to your account with the third party, the third party may be able to link information about your interactions with the Services to your account with them. Please refer to each third party’s privacy policies to learn more about its data practices.

‍9. Children’s Privacy

‍Our Services are made available to companies and organizations. Accordingly, our Services are not intended for use by anyone younger than the age of 18 or under the applicable legal age of the relevant country. We do not knowingly collect personal information from children younger than the age of 18 without the consent of a parent or legal guardian, as required under applicable law. If you learn or believe that a child under the age of 18 has provided us with personal information, please contact us using the methods provided in the “Contact Us” section of this Privacy Policy below.

‍10. Your Choices(a) Marketing Preferences

‍To stop receiving, or opt-out of, promotional email communications from Offchain Labs, click on the "unsubscribe" link or follow the relevant opt-out instructions within the marketing communication. If you opt-out, we will still send you transactional emails for service purposes, such as for responses to your requests or communications about your account.

‍(b) Third Party Analytics

‍Offchain Labs uses third-party analytics providers to provide us with information regarding the use of the Services. For more information about the tracking technologies that these third parties use and your options, please see the Cookies and Tracking Technologies section above.

‍11. How Long We Retain Personal Information

‍We retain personal information for the purposes stated in this Privacy Policy and as required under applicable law. To determine how long we keep personal information, we consider the amount, nature, and sensitivity of personal information, the reasons for which we collect and process the information, and applicable legal requirements.

‍12. How We Protect Personal Information

‍At Offchain Labs, we take our responsibility to protect the security and privacy of personal information seriously. We have implemented what we believe to be reasonable and appropriate security measures designed to prevent personal information from being lost, used, accessed, altered, or disclosed in an unauthorized or unlawful way.If you have reason to believe that your information is no longer secure, please let us know by contacting us using the methods provided in the “Contact Us” section of this Privacy Policy below.

‍13. Notice to California Residents This Notice to California Residents (“California Notice”) supplements the information provided in this Privacy Policy and applies only to California residents who are within the scope of this Privacy Policy. This California Notice provides our “notice at collection,” describes the rights that California residents have over their personal information, and includes supplemental disclosures related to our processing activities. If you have any questions about your California privacy rights or the information provided in this California Notice, please contact us.

‍(a) California Notice at Collection

‍To understand what personal information we collect, how we use it, and how long we retain it, please review the sections above and the Personal Information Categories We Collect section in this California Notice. For information about whether personal information is sold or shared, please see Sale or Sharing of Personal Information in this California Notice. 

‍(b) California Privacy Rights

‍If you are a resident of California, you have the following rights related to your personal information:

‍The right to know - You have the right to know (a) the categories of personal information we have collected, (b) the categories of the sources from which the personal information is collected, (c) the business or commercial purposes for collecting, selling, or sharing the personal information, (d) the categories of third parties with whom we have disclosed personal Information, and (e) the categories of personal information we have disclosed for a business purpose, sold, or shared, and the third parties to whom we have disclosed, sold, or shared the personal information; 

‍The right to access (portability) - You have the right to request and receive the specific pieces of personal information we have collected about you in a commonly used, machine readable format; 

‍The right to correct your personal information - You have the right to correct inaccurate personal information that we have collected from you and retained; 

‍The right to delete your personal information - You have the right to request that we delete your personal information, subject to certain exceptions; 

‍The right to opt-out of sale and sharing of your personal information - You have the right to opt-out of having your personal information “sold” or “shared”; 

‍The right to limit the use and disclosure of sensitive personal information - In certain circumstances, you have the right to request that we limit the use and disclosure of certain personal information considered “sensitive personal information” under the CCPA, as applicable; and 

‍The right against discrimination - You have the right not to be discriminated against because you have exercised your rights under California law.For information on how to exercise your rights, please see Exercising Your California Privacy Rights below.

‍(c) Personal Information Categories We Collect and Personal Information Practices

‍For purposes of this California Notice, “personal information” is used as defined under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, and its implementing regulations, all as amended over time (“CCPA”) and means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular consumer or household. Personal information does not include:information that is lawfully made available from federal, state, or local government records;anonymous, de-identified, or aggregated information; andinformation excluded from the scope of the CCPA, such as health or medical information covered under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and financial information covered under the Fair Credit Reporting Act (“FCRA”) or Gramm-Leach Bliley Act (“GLBA”).When we talk about a “sale” or “sharing” of personal information or personal information being “sold” or “shared,” we are also using those terms as they are defined under the CCPA.Below is a summary of the personal information categories, as defined by the CCPA, that we have collected in the preceding twelve (12) months, the categories of sources from which the personal information were collected, the business purposes for which we have collected and disclosed them, and the categories of third parties to which we have disclosed them for a business purpose. Some of the information in several of the categories may overlap. For information about the sale or sharing of personal information, please see the Sale or Sharing of Personal Information section below.In the table below, “Service Providers” means our third-party vendors, consultants, agents, contractors, and other service providers that perform services for us or on our behalf, as further described in the How We Disclose Personal Information section of this Privacy Policy.

‍Category of Personal InformationSources of Personal InformationPurposesThird Parties to which Disclosed for Business PurposeIdentifiers (such as name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address)

Directly from you
From third-party sources
We generate internally
From our Service Providers
To provide our Services
To manage payments
To communicate with you
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our security, anti-fraud, and legal and compliance purposes
For our internal analytics purposes

Service Providers

‍The categories of Personal Information under California Civil Code section 1798.80(e) (such as name, signature, address, telephone number, credit card number, debit card number, or any other financial information)

Directly from you
From third-party sources
From our Service Providers
To provide our Services
To manage payments
To communicate with you
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our security, anti-fraud, and legal and compliance purposes
For our internal analytics purposes

Service Providers

‍Commercial information (such as records of products or services purchased, obtained, or other purchasing or consuming histories or tendencies)

Directly from you
We generate internally
From our Service Providers
To provide our Services
To manage payments
To communicate with you
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our security, anti-fraud, and legal and compliance purposes
For our internal analytics purposes

Service Providers

‍Professional or employment-related information (such as job title, employer)

Directly from you
From third-party sources
From our Service Providers
To provide our Services
To communicate with you
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our security, anti-fraud, and legal and compliance purposes
For our internal analytics purposes

Service Providers

‍Electronic network activity information (such as information regarding a consumer’s interaction with an internet website, application)

Directly from you
From third-party sources
We generate internally
From our Service Providers
To provide our Services
To manage payments
To communicate with you
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our security, anti-fraud, and legal and compliance purposes
For our internal analytics purposes

Service Providers

‍Inferences drawn from any of the information identified above to create a profile about a consumer

‍Directly from you
From third-party sources
We generate internally
From our Service Providers
To provide our Services
To provide customer support
To improve and enhance our Services and develop new ones
For our marketing purposes
For our internal analytics purposes

Service Providers

‍Sensitive Personal Information (account log-in in combination with any required security or access code, password, or credentials allowing access to an account)

Directly from you
From our Service Providers
To provide our Services
To provide customer support
For our security, anti-fraud, and legal and compliance purposes 

Service Providers 

We do not use sensitive personal information for purposes other than those specified in the table above. We do not collect or process sensitive personal information for purposes of inferring characteristics about consumers. We do not engage in profiling in furtherance of or automated decisions that produce legal or similarly significant effects.

For more information about the purposes for which we use personal information and the third parties to whom we disclose personal information, please see How We Use Personal Information and How We Disclose Personal Information in our Privacy Policy above.

‍(d) De-identified Data Disclosure

‍The Services may use de-identified data in some instances. Offchain Labs either maintains such data without attempting to re-identify it or treats such data as personal information subject to applicable law, unless such data is publicly available information and therefore would not be personal information under applicable law even without de-identification.

‍(e) Retention of Personal Information

‍For information about how long we retain personal information that we collect, see the How Long We Retain Personal Information section in the Privacy Policy above. 

‍(f) Sale or Sharing of Personal Information

‍Offchain Labs does not engage in the “sale” or “sharing” of personal information, as “sale” and “sharing” are defined under the CCPA. Offchain Labs does not sell or share personal information of known minors under sixteen (16) years old. 

‍(g) Exercising Your California Privacy Rights

‍To exercise any of the privacy rights described above, you or your authorized agent acting on your behalf may submit a request by:Email at privacy@offchainlabs.com

‍To verify your identity, we may ask you to confirm personal information we already have on file for you. If we cannot verify your identity from the information we have on file, we may request additional information, which we will only use to verify your identity and for security or fraud prevention purposes.If you use an authorized agent to make a request on your behalf, we may require proof from you that they have been authorized directly by you to act on your behalf.We will respond to your rights request as required under the CCPA. We reserve the right to deny your request subject to applicable law, such as if we cannot verify your identity or the authority to receive the personal information related to you.

‍(h) California “Shine the Light” Disclosure

‍The California “Shine the Light” law gives residents of California the right under certain circumstances to opt-out of the sharing of certain categories of personal information with third parties for their direct marketing purposes. We do not currently share personal information with third parties for their own direct marketing purposes.

‍14. International Data Transfers

‍The personal information that we collect or receive may be transferred to and processed in countries located outside of your country of residence to the countries where we or our third-party service providers process it. The data protection laws of the countries where personal information is processed may not be as comprehensive as or equivalent to those in your country of residence. Whenever we transfer personal information internationally, we take steps to protect it as required under applicable law.

‍15. Notice to European and other Non-U.S. Residents

‍This notice supplements the information provided in this Privacy Policy and applies only to individuals located in the EEA, UK, Switzerland, or another country with a comprehensive data protection law who are within the scope of this Privacy Policy.For the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and relevant local data protection laws, Offchain Labs is the data controller of your personal information. "Personal information" as used in this Notice to European and other Non-U.S. Residents means "personal data," as defined in Article 4(1) of the GDPR or the relevant section of the local data protection laws. If you have any questions about how we process your personal data, or to exercise your data protection rights please contact us using the methods provided in the “Contact Us” section of this Privacy Policy below.

‍(a) Legal Basis for Processing

‍Offchain Labs processes personal information where there is a legal ground to do so, as described below. The applicable legal ground depends on the Services you use and how you use them.

‍Performance of a Contract. We process personal data for the performance of our Services under the terms of our agreement with you in the Terms of Service or applicable agreement. This includes, for example, using personal data to:

Facilitate your use of the Services;
Maintain our Services in accordance with this Privacy Policy and the applicable Terms of Service;
Provide support; and
Respond to your inquiries and requests, or otherwise communicate with you, and provide you with assistance related to the Services.

‍Legitimate Interest. We process personal data when Offchain Labs has a legitimate interest to do so. This includes, for example, processing personal data to:

Provide you with support;
Debug, update and improve the Services;
Personalize your experience using the Services;
Send you marketing communications in accordance with your applicable marketing preferences;
Prevent or detect fraud on the Services;
Conduct analytics regarding the Services; and
Establish, exercise, or defend legal claims or in connection with any court or jurisdiction.

You may request more information regarding our processing activities based on legitimate interest by contacting us with your request and confirmation that you are located in the EEA, United Kingdom, or Switzerland using the methods provided in the “Contact Us” section of this Privacy Policy below.

‍Legal Obligation. We process personal information for compliance with any legal obligation to which Offchain Labs is subject.

‍Consent. We process personal information based on consent where we obtain your consent prior to such processing. This processing may include, for example:

Surveys and certain marketing communications about our Services or other services or products we think might interest you; and

Certain marketing features or content.Where Offchain Labs relies on your consent as the lawful basis for processing personal data, you have the right to withdraw your consent to further use of your personal data at any time. You can use the methods described in Exercising Your Rights below to withdraw your consent.

‍(b) Your Data Rights

‍Under the GDPR and relevant local data protection laws, you have certain rights regarding your personal data. Depending on your country of residence, your rights may include:

The right to be informed – that’s a right to be informed about how we use personal data (and that’s what we’re doing in this Privacy Policy);

The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;

The right to rectification – that’s a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your account if you registered for one);

The right to erasure – that’s where, in certain circumstances, you can ask us to delete the personal data we have about you;

The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;

The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common, machine-readable format (for example, a .csv file);

The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your personal data for direct marketing);

Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about and not be subject to any profiling or any automated decision-making we may do;

Withdraw consent – if we have collected and processed personal data with your consent, you have the right to revoke that consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent; andFile a complaint – that’s the right to file a complaint with a local supervisory authority about our collection and processing of your personal data.

‍(c) Exercising Your Rights

‍For each of the rights described above, and for any complaints you may have, please contact us.We respond to all requests we receive from individuals wishing to exercise their data rights in accordance with applicable data protection laws. These rights are subject to certain rules around when you can exercise them.We may need to request specific information from you to help us confirm your identity before we can respond to your request. This is a security measure to help ensure that personal data is not disclosed to any person who has no right to receive it and to help ensure that the person exercising the right is the person about whom the personal data relates.If you are located in the EEA, the United Kingdom, or Switzerland, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us using the methods provided in the “Contact Us” section of this Privacy Policy below.

For information on how to contact your data protection authority, please see:

‍EEA Data Protection Authorities (DPAs)
‍Swiss Federal Data Protection and Information Commissioner (FDPIC)
‍UK Information Commissioner’s Office (ICO)

‍16. Changes to this Privacy Policy

‍We may update this Privacy Policy from time to time. When we update this Privacy Policy, we will revise the “Last Updated” at the top of this Privacy Policy and post a link to the updated Privacy Policy on our Website. Changes to this Privacy Policy are effective when they are posted. If we make any material changes, we will provide you with notice as required under applicable law. Please review this Privacy Policy periodically to ensure you are aware of any such changes.

‍17. Contact Us

‍If you have any questions about this Privacy Policy or our privacy practices, please contact us by email at privacy@offchainlabs.com. You may contact our DPO at privacy@offchainlabs.com.