Privacy Policy

General information 

In this privacy policy (“Policy”), you will find information regarding the processing of personal data that Medium Rare Foundation, a foundation established in Panama (“we” or “our company”) processes as a data controller with you as a data subject (“you”). 

This Policy is intended to provide a clear and transparent overview of our data processing practices across multiple jurisdictions. Certain provisions of this Policy may therefore apply only to individuals located in specific jurisdictions, in particular where you are protected under the GDPR or under applicable U.S. privacy laws (such as the CCPA or other comprehensive consumer privacy laws in various U.S. states). We have included these provisions to align our practices with internationally recognized data protection standards. Where a specific section applies only to certain jurisdictions, this will be indicated in the relevant part of the Policy.

We implement appropriate technical and organizational measures to protect your Personal Data. In the event of a Personal Data breach that is likely to result in a risk to your rights and freedoms, we may notify you and the relevant supervisory authority as required by applicable law.

Each third-party protocol or decentralized application (dApp) you interact with is an independent data controller. We are not responsible for the privacy practices of such third parties, and their processing of your data is governed by their respective privacy policies.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Policy:

• Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.

• CCPA means California Consumer Privacy Act of 2018.
• Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.

• EEA means European Economic Area. 
• GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
• Personal Data or Personal Information means information we may process about you and means any data which identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. 
• Service refers to the features and functionalities made available through the Website, as further described in our Terms of Use available on the Website.

• Service Provider means any natural or legal person who processes the data on behalf of our company. It refers to third-party companies or individuals employed by us to facilitate the Service, to provide the Service on behalf of our company, to perform services related to the Service or to assist our company in analyzing how the Service is used.

• Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

• Website refers to Marinade Finance, accessible from https://marinade.finance.

TL;DR version

• This document explains how and why we collect information from you, how we use it and how you can access or change it. If you have any questions, please contact us at info@marinade.finance. 
• Some of the provisions of this Policy only apply to individuals in certain jurisdictions, depends on whether you are protected under the GDPR, applicable U.S. privacy laws (such as the CCPA or other comprehensive consumer privacy laws in various U.S. states) or other applicable data protection laws. Details on how this Policy applies to you can be found below. 
• We process your data if you: 

1. visit our Website, or any website of ours that links to this Policy; 
2. use our Services; 
3. engage with us in other related ways, including any sales, marketing, or events.

• We may transfer your Personal Data internationally, including to countries outside the EEA or outside the country(ies) you reside. Please see section 6 for additional information on such transfers.
• We use Cookies and a range of 3^rd-party analytical and marketing tools to properly operate the Website. For more information, please see sections 10 and 14. 
• We may use profiling based on your on-chain activity to optimize the Service.
• We do not collect or process any special categories of personal data (e.g., information about health, ethnicity, or religious beliefs) or criminal conviction data.
• If you provide us with your contact address and consent, we may send you newsletters to keep you informed about updates and new features. You can unsubscribe at any time via the link provided in each email. 

1. What personal information do we collect?

We process various categories of Personal Data about you, for various purposes. These categories are: 

Personal identification information

If you participate in a survey or usability study, we may record any identification and contact details you voluntarily provide (such as your name, email address, or job title), as well as your responses and engagement with the survey or study.

We may store communications you send to us via email, social media, or other channels (e.g., Twitter or Discord), including submissions made through surveys, forms, or questionnaires.

Wallet addresses or blockchain records are collected while connected and the analytical tools might collect your Device Internet Protocol address. To comply with legal obligations and protect the Services from fraud or illicit activity, we may work with external service providers who may obtain information related to your wallet address or transactions conducted through the Services. These records are inherently public, self-generated, and not issued or assigned by us or any central authority, and they do not inherently identify any natural person.

Legal basis: Processing is necessary for the performance of a contract (your use of the Service).

Data retention time: For the duration of your interaction with the Service and for a period thereafter, and in any event no longer than 2 years after your last interaction.

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device. 

Legal basis: Processing is based on our legitimate interests in analyzing and improving our Service.

Data retention period: For the necessary period for such purposes, and in any event no longer than 3 months, unless a longer retention period is required for security fraud prevention or technical stability purposes.

The Services are not intended for individuals under the age of 18 (or any other age required by local law), and we do not deliberately gather Personal Information from children. 

If we need to rely on consent as a legal basis for processing your information and your country requires consent from a parent, we may require your parent's consent before we collect and use that information.

2. How do we use data collected?

We use your Personal Data for several business purposes such as providing our Services, carrying out administrative tasks and promoting our products and Services, as detailed below:

• Administration of your accounts and data;
• Granting access to specific functions, areas, and features of our Services;
• Responding to inquiries for technical or customer assistance;
• Handling job or partnership applications;
• Permitting registration for events;
• Improving, upgrading, or enhancing our Services;
• Creating new products and Services;
• Ensuring internal quality control and safety;
• Offering you the right services and products;
• Authenticating and verifying individual identities, including handling requests to exercise your rights under this policy;
• Debugging to detect and correct errors with our Services;
• Auditing related to interactions, transactions, and other compliance activities;
• Sharing information with third parties as necessary to provide the Services;
• Enforcing our agreements and policies;
• And other uses required to comply with our legal obligations.

3. How do we disclose data collected?

The following are the types of third parties that we may share your information with:

• Service Providers who assist us in delivering our Services, such as IT support, hosting, payment processing and customer service;
• business partners who help us provide you with the products or services you have requested or who jointly offer products or services with us. In addition, your Personal Data may be shared with a potential or actual acquirer, successor, assignee, or other entity in connection with any corporate transaction, including a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of assets (including in bankruptcy or similar proceedings);
• advertising partners who may use Cookies and other tracking tools to collect information about your activities and device and use it to deliver personalized ads to you; 
• law enforcement agencies, regulators, or judicial authorities if required by law or we believe in good faith that such disclosure is reasonably necessary. We may share your Personal Data: (a) under applicable laws and regulations, including those outside your country of residence; (b) to comply with legal process; (c) in response to requests from public or governmental authorities, including those operating outside your jurisdiction; (d) to enforce the Terms; (e) to protect our operations or those of our affiliates; (f) to safeguard our rights, privacy, safety, or property, as well as that of our affiliates, Users, or others; and (g) to pursue available remedies or mitigate potential damages. Your Personal Data may be disclosed during litigation, regulatory inquiries, compliance activities, or when required by subpoena, court order, or similar legal mechanisms; and
• Any person you have expressly authorized to disclose to. 

4. Duration of Personal Data storage or criteria for storage

We retain Personal Data only for as long as necessary for the purposes for which it was collected. For specific retention periods, where applicable, please refer to section 1 (What personal information do we collect), where each purpose is matched with its corresponding retention timeframe. 

Please note that in some circumstances we may store your Personal Data for longer periods of time, for example (i) where we are required to do so under applicable legal, regulatory, tax or accounting requirements, (ii) to maintain an accurate record of your interactions with us in the event of any complaints, (iii) where we reasonably expect there would be investigation or litigation in relation to your Personal Data, or (iv) in order to detect, investigate, prevent, or stop fraudulent, unauthorized, or illegal activities, to address security vulnerabilities or technical issues, and to protect our Users and the broader ecosystem. After expiry of the relevant retention period, Personal Data will be deleted or anonymized where feasible.

5. Newsletter opt-out option 

If you provide us with your email address and consent, we may occasionally send you newsletters to keep you informed about updates and new features. 

If you wish to opt-out of receiving our newsletters, you may withdraw your consent at any time by clicking on the unsubscribe link included in each email. You may also withdraw your consent by contacting us at info@marinade.finance. 

6. International data transfers

Due to the global nature of our Services, your Personal Data may be transferred to and processed in countries outside your jurisdiction, including outside the EEA and the United States.

Transfers relating to individuals in the EEA

If you are located in the EEA, we ensure that any transfer of your Personal Data outside the EEA is carried out in compliance with GDPR. In particular, we rely on one or more of the following safeguards, as appropriate:

• transfers to countries that have been recognized by the European Commission as providing an adequate level of data protection;
• the standard contractual clauses (“SCCs”) approved by the European Commission;
• appropriate supplementary safeguards designed to ensure an adequate level of protection of Personal Data;
• where applicable, your explicit consent; or
• other lawful transfer mechanisms permitted under applicable data protection laws. 

Transfers relating to individuals outside the EEA

If you are located outside the EEA, your Personal Data may be transferred to countries (including out of the United States) other than your country of residence for the purpose of provision of the Services and customer support. 

For more information about the safeguards we use for international data transfers, please contact us using the details provided in this Policy. 

7. What are your rights?

The following rights shall apply to individuals located in the EEA.  If you wish to exercise any of your rights, please contact us by e-mail at info@marinade.finance. However, due to the inherent nature of the blockchain, any Personal Data recorded on the blockchain (such as your transaction history associated with a wallet address) cannot be edited, corrected, restricted, or deleted. You acknowledge and agree that your relevant rights under the GDPR or similar laws do not extend to information permanently recorded on the public blockchain.

• Right of withdrawal of consent 

If we process your Personal Data based on your consent, you have the right to withdraw your consent at any time, including consent to receive newsletters. You can withdraw your consent by contacting us at info@marinade.finance.

• Right of access 

You have the right to access the Personal Data we process about you, including information on the purposes of processing, categories of data, recipients, retention periods, and whether we use automated decision making. 

• Right to rectification 

You have the right to request correction or completion of inaccurate or incomplete Personal Data.

• Right of erasure  

You have the right to request deletion of your Personal Data, subject to legal exceptions. 

• Right to restrict processing  

You have the right to request restriction of processing where applicable.

• Right to data portability 

You have the right to receive Personal Data you provided to us in a structured, commonly used and machine-readable format and to request transmission to another controller where technically feasible. 

• Right to object  

You have the right to object to processing of your Personal Data.  

• Right to lodge a complaint  

You can make a complaint by contacting your local Office for Personal Data Protection, you can find your local Office for Personal Data Protection according to your country of residence in the list of Personal Data Protection Competent Authorities available here https://digital-strategy.ec.europa.eu/en/library/list-personal-data-protection-competent-authorities. 

The following rights shall apply to individuals protected by applicable U.S. privacy laws (such as the CCPA and comprehensive consumer privacy laws in other U.S. states). If you wish to exercise any of your rights, please contact us by e-mail at info@marinade.finance. 

• Right to access / know 

You have the right to know whether we process your Personal Information, and to access such information, including categories, sources, purposes, disclosures and whether it has been sold or shared.

• Right to correction

You have the right to request correction of inaccurate Personal Information. 

• Right of deletion 

You have the right to request deletion of your Personal Information, subject to legal exceptions. 

• Right to data portability / copy  

You have the right to request a copy of your Personal Information in a portable format.

• Right to opt-out

You have the right to opt-out of the sale or sharing of Personal Information and targeted advertising, where applicable. 

• Right to non-discrimination 

You have the right not to be discriminated against for exercising your privacy rights. 

• Right to appeal

If we deny your request, you may appeal our decision. 

‍

• Right to lodge a complaint 

You may lodge a complaint with relevant authorities such as the Federal Trade Commission, state attorney general, or other applicable authority, depending on the nature of the issue. We ask you to please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution. 

8. Additional information under GDPR

We may use profiling based on your on-chain activity to analyze and optimize the Service. However, we do not carry out automated decision-making, including profiling, that produces legal or similarly significant effects on you.

We have not appointed a data protection officer as we do not currently consider that we are required to do so under applicable data protection laws.

9. Specific provisions under applicable U.S. state privacy laws 

This Policy details the categories of Personal Information we collect and process, the categories of sources from which we obtain it, the purposes for its collection and processing, the categories of Personal Data we disclose to third parties for our operational business purposes, as well as our practices regarding data retention and deletion (please see sections 1-5). 

We do not sell your Personal Information in exchange for monetary compensation. However, we use targeting cookies to enhance your browsing experience by providing personalized ads and analytics (please see section 10) which may constitute “sharing” of Personal Information under applicable U.S. privacy laws. To opt-out of such uses of your Personal Data, you may contact us using the contact details provided in this Policy or exercise your preferences through any available consent management tools or privacy controls we may make available from time to time. We do not currently implement automated recognition of browser-based opt-out preference signals, such as Global Privacy Control (GPC). However, you may exercise your opt-out rights at any time by contacting us, and we will process such requests in accordance with applicable privacy laws. We will not unlawfully discriminate against you for exercising your rights under applicable privacy law. 

You may have certain rights under applicable law regarding your Personal Data. These rights are set forth above in the section 7 “What are your rights?”. If you have questions or wish to exercise your rights under applicable privacy laws, please contact us using the details provided in this Policy. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Data subject to the request. We may need to request additional Personal Data from you, such as your account email address where applicable, in order to verify your identity and protect against fraudulent requests. If you make a request to delete, we may ask you to confirm your request before we delete your Personal Data. We will respond to your request within timeframes required by applicable law (generally within 45 days). If you have a complex request, applicable law may allow us up to 90 days to respond. We will still contact you within 45 days from when you contacted us to let you know we need more time to respond. 

If we decline to take action on a request that you have submitted, we will inform you of our reasons for doing so, and provide instructions for how to appeal the decision. Depending on your state of residence you may have the right to appeal within a reasonable period of time after you have received our decision. If you have this appeal right, within the timeframe required under applicable law of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, we will provide you with a method for contacting your state attorney general’s office to submit a complaint to the extent required by applicable law.

Other California Privacy Rights 

Additional information for California residents regarding their privacy rights under the CCPA is included in this Policy. The CCPA permits you, as a California resident, to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to info@marinade.finance.

Do Not Track Notice: 

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not currently respond to or honor DNT signals or similar mechanisms transmitted by web browsers except as required by applicable law.

10. Tracking technologies and Cookies 

We use Cookies and similar tracking technologies to track the activity on our Service and Website and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. The technologies we use may include:

• Cookies or Browser Cookies. A cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. Unless you have adjusted your browser setting so that it will refuse Cookies, our Service may use Cookies.

• Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit our company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
  Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser. 

We use both Session and Persistent Cookies for the purposes set out below:

• Necessary / Essential Cookie

• Type: Session Cookies

• Administered by: Us

• Purpose: These Cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.

• Cookies Policy / Notice Acceptance Cookies

• Type: Persistent Cookies

• Administered by: Us

• Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

• Functionality Cookies‍

• Type: Persistent Cookies

• Administered by: Us

• Purpose: These Cookies allow us to remember choices you make when you use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the Website.

For more information about the cookies we use and your choices regarding cookies, please visit section 14 (Cookies).

11. Links to other websites

Our Service may contain links to other websites that are not operated by our company. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

12. Changes to this Policy

This Policy may be updated from time to time to reflect legal, regulatory, or operational requirements relating to Personal Data protection and our protection. The current version will always be available on the Website.

You are advised to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Policy, you can contact us by email: info@marinade.finance‍

14. Cookies

We use technical Cookies (those that are strictly necessary) that are required for the operation of the Website or Services, which may be stored on your device without your consent. For all other types of Cookies, your consent is required. You can accept or reject non-essential Cookies via the cookie banner displayed when you first visit the Website.

You may withdraw your consent or change your cookie preferences at any time by adjusting your settings via the cookie banner or by contacting us using the details provided in this Policy.

Necessary (2)

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

‍

‍