Privacy Policy
Last update: 14/10/2024
What is this document? Pursuant to art. 13 and 14 European Reg. 2016/679 (“General Data Protection Regulation” or “GDPR”) and in compliance with the principles contained therein, NATIX intends to inform you (“User” or “you”) about the processing of personal data happening during your participation in the Campaign (as defined in the Campaign Terms) through the NATIX Drive& app (hereinafter the “App”) as well as through your interaction with the Staking Interface (hereinafter referred to as the “Staking Interface”, as defined in the Staking Terms of Service) .
Who processes information about me?
We are NATIX Network Limited (hereinafter “NATIX” or “Controller” or “we”, pursuant to art. 4(7) GDPR) with registered offices in Asia Leading, Chambers, Road Town, Tortola VG1110, British Virgin Islands.
The terms and definitions used in this Privacy Policy have the same meaning as in the Campaign Terms, and in the Staking Terms of Service, unless otherwise stipulated in this Privacy Policy.
We provide users the possibility to participate in the Campaign and collect Rewards by providing us the Data collected using the App’s features. Additionally, we enable users to access the NATIX Network Protocol through the Staking Interface, that is one option for Users to Stake their $NATIX in exchange for receiving $NATIX as a reward. To do that, we need information about you. At NATIX, we are deeply committed to respecting and protecting the privacy of all our users. Our Privacy Policy is designed to provide transparency into our privacy practices and principles in a format that users can navigate, read, and understand. We are dedicated to treating your personal information with care and respect.
Our Privacy Policy is designed to give you a comprehensive understanding of the steps that we take to protect the personal information that you share with us, and we would always recommend that you read it in full.
You should also read our Campaign Terms which set out the contract between you and NATIX when you participate in our Campaigns, as well as the Staking terms of Service, which set out the contract between you and NATIX when you use the Staking Interface.
If you have any questions or comments on this policy, you can email us at: [email protected]
💡 DISCLAIMER
This Privacy Policy covers our use of any information that can or could be used to identify you (“Personal Data”). It does not cover information which cannot be used to identify you (“Anonymous Data”).
What Personal Data do we collect?
The personal data we collect includes:
Identity and contact data, such as your name (first name and last name), Internal Account ID and mailing/postal address, nickname, username.
Credentials, such as your phone number, or email address and authentication token provided by Google Signin, Apple ID or Discord Signin, depending on which external accounts you choose to use and depending on your privacy settings with those.
Demographic Data, such as your country of residency and age.
Device and Usage Data, such as:
Device location (GPS, Wi-Fi access points, mobile/cell tower triangulation): where detection mode is turned on/off, the location and type of detections that you make while using the App,
Information about the Mobile Device: Device Identifiers, Device OS, Model, Settings,
Mobile Device: OS software,
Mobile Device: Configuration,
IP Address,
Browser Type,
Browsed App Section, time spent on app section / feature, in-app links clicked, app settings and preferences, In-App Purchases,
In-App Actions and Achievements,
Mobile Device: Information about 3rd party applications and software installed on your device,
Device and Advertising Identifiers.
Cryptocurrency Wallet Data, such as:
Wallet Public Address
X Account Data, such as:
X handle,
Activity Data such as tweets, likes, retweets.
We do not collect ‘special categories of personal data through the App, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, or health information). We also do not collect information about criminal convictions and offences.
How do we collect your Personal Data?
Personal Data you provide to NATIX
You are required to create an account to use the App. When you enroll in the Campaign, you are sharing certain Data about your App Account with us, depending on the option you used to create the account:
By entering your email or phone number and creating a password. Where this is the case, the Personal Data we collect are the email address or the phone number used.
With a supported external single sign-on service. Where this is the case, the Personal Data we collect also depends on which external accounts you choose to use and what your privacy settings with those services allow us to see when you use their services to access the App.
If you choose to link your Google account to the App, we will collect your Google email address and an authentication token provided by Google;
If you choose to link your Apple account to the App, we will collect your email address connected to your Apple ID account or a private relayed email address if you use the “Hide My Email” option provided by Apple.
If you choose to link your Discord account to the App, we will collect your Discord email address and an authentication token provided by Discord.
You also give us Personal Data when you convert collected points, or in general when you communicate with us. Depending on what your interactions are, that Personal Data may include your name, mailing address, phone number, country of residency, age, and email address. We use that information to fulfill our obligations to you and to provide related customer support.
You provide us with your Wallet Public Address, when you connect your Wallet to the App, as well as when you connect your Wallet to the Staking Interface.
3.2. Personal Data we collect automatically
We collect and use your device location information as you use our App, including (i) where you turn on/off the Detection Mode on the App and (ii) the location and type of detections that you make while using the App. We identify the location of the detection you make using a variety of technologies, including GPS, the WiFi points you are accessing the App through and mobile/cell tower triangulation.
We will also generate an internal account ID (a pseudonymized ID) to associate you with the detection made so to attribute points.
When you connect your X account with NATIX, we collect data related to your X account. This information is used solely to administer Social Quests.
How and why do we process your Personal Data?
In order to assign the Rewards you collect to your account, we process your Credentials, as it is necessary to enter into or perform a contract with you.
We process your Identity and Contact Data for points attribution and conversion, as it is necessary to perform a contract with you.
To provide technical and customer support to you, we process your Identity and Contact Data, Credentials, Demographic Data and Device and Usage Data, as it is necessary to perform a contract with you.
To distribute additional rewards to user, including but not limited to Raffle prizes, we process your Identity and Contact Data as well as In-App Actions and Achievements, as it is necessary to perform a contract with you.
For the purpose of connecting your wallet to our App, we are processing your Wallet Public Address and username, as it is necessary to perform a contract with you.
For the purpose of maintaining our relationship with you by providing important updates, such as update of our Campaign Terms and Privacy Policy, information about the product, development roadmap and new marketplace offers, we process your Personal Data such as your name, email address or phone number and information about your Mobile Device, as it is necessary to perform a contract with you and for compliance with legal obligations.
In addition, we have and rely on a legitimate interest in using your Personal Data for certain processing (the processing of the following is based on a legitimate interest of the Controller, according to art. 6.1.f GDPR). In particular:
We are processing your Personal Data, such as in-App actions and achievements, as well as certain information about your mobile device (including device identifiers, device OS, model, configuration, settings and information about third-party applications or software installed on your device), to our legitimate interest (according to art. 6.1.f GDPR) to carry out anti-fraud and anti-cheating measures against behaviors prohibited under our Campaign Terms.
For the purpose of User Analytics, we are processing your personal data such as your IP address, browser type, operating system, the section of the App which you browsed or the features you used, and the time spent on those sections or features, the links on our App that you click on, device and advertising identifiers, age, as well as actions you take while using the App, your user settings and preferences and your in-app purchases to our legitimate interest (according to art. 6.1.f GDPR) learn about our users, and understand who is using our App and how.
We rely on our legitimate interest to improve the features that we offer you in the Campaigns, or to provide you with new or additional features of our Campaigns by processing your Demographic, Device and Usage Data and Credentials.
We are processing your Personal Data, such as Identity and Contact Data, Demographic Data, Credentials, Device and Usage Data to inform you about new features, improvements, and updates in our Campaigns. This processing is based on our legitimate interest of ensuring our users are kept informed and can benefit from the latest advancements in our Campaigns.
We may also process your Personal Data to make legal or regulatory disclosures and to establish, exercise, or defend legal claims.
We will only use your Personal Data for carrying out certain processing if we have your consent (in other words, processing of the following is based on the data subject’s consent, according to art. 6.1.a GDPR). Those are:
Administer Social Quests, calculate Social Points and determine your position on the Social Airdrop Leaderboard. You can opt out of this anytime by disconnecting your X account from the App.
Send you marketing materials by email or via in-app notifications. You can unsubscribe from these at any time in your device settings or in-app settings.
Send you our newsletter. For this purpose, we are processing your Identity and Contact Data, Demographic Data, Credentials, Device and Usage Data.You can sign up to receive our newsletter. To send our newsletter, we use the newsletter sending service Mailerlite, 38 Mount Street Upper, Dublin 2, D02 PR89 Ireland.
Our newsletter is published regularly and contains information and news about us.
To register to the Newsletter, we process your email address from your registration. You can voluntarily provide us with additional information, such as your name. The registration to the Newsletter takes place while you are registering an account:
After you have selected registration method (Google, Apple, Discord, Email) you will be asked if you want to subscribe to our Newsletter. You need to select the Newsletter checkbox to sign up to the newsletter. After you subscribe to our Newsletter, you will receive a confirmation e-mail from us.
This entire process is documented and stored. This includes the storage of the registration and confirmation time as well as your IP address and your privacy choices. The collection of this data is necessary so that we can trace the processes in the event of misuse of the e-mail address and therefore serves our legal protection. By subscribing to our newsletter, you agree to receive it.
The basis for the processing of your data after registration for the newsletter is Art. 6 para. 1 p. 1 lit. a GDPR if you have given your consent.
We use this information in Mailerlite to send and evaluate the newsletter. The evaluation takes place on our behalf, but Mailerlite may also use the data for quality assurance and to improve the quality of its own services.
The "web beacon" contained in the newsletter is retrieved from the MailerLite’s server when the newsletter is opened. During this retrieval, information about the browser, your system, your IP address and the time of the retrieval is collected. In addition, information is collected on whether the newsletter is opened, when it is opened, and which links are clicked. For technical reasons, this information can be assigned to you as the recipient. However, it is not our intention to observe you as an individual user. The evaluations serve us much more to recognize the reading habits of our users in principle and to adapt our content to all users or to send different content according to the interests of our users.
You can withdraw your consent to the storage and use of your personal data to receive the newsletter and the statistical survey described above at any time with effect for the future. To withdraw your consent, you can use the link provided for this purpose in the newsletter or unsubscribe in our App.
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, your e-mail address will be stored as long as the subscription to the newsletter is active for this purpose.
You can ask for an explanation of the legal basis of each processing at any time.
Processing modalities
The processing of Personal Data will take place through automated and/or manual tools in order to ensure proper security measures to prevent access, disclosure, loss, incorrect, illegal or unauthorized use of data.
Data sharing
Your Personal Data may be shared with the following external subjects:
internet service providers and platforms used by the Controller as organisation tools, channels of communication and/or promotion;
consultants and data sub-processors (a full list of the sub-processors can be found in the Attachment I) who perform services for us or on our behalf and require access to such information to do that job;
public subjects to whom such data must be communicated mandatorily by law or orders of the Authority.
These subjects act as autonomous data controllers or data processors. In the latter case, the Controller has signed a contract pursuant to Art. 28 GDPR (Data Protection Agreement or “DPA”).
The list of data processors is available by sending a request to the Data Controller at [email protected].
Personal data will also be processed by the Controller's internal staff specifically authorised pursuant to Article 29 of the GDPR.
Information that’s Public
Some of the information you give to us and the information we collect is public, and we will make it accessible to all Users of the App, on the Internet via our website and/or communication channels, and some third-party websites. This information includes:
Your username,
Your nickname,
Number of kilometers in each Cycle as well as the total number of kilometers,
Number of Cycle Points earned in each Cycle as well as the total number of Cycle Points earned,
Your HODL Club, HODL Rank and HODL Score.
This information is publicly available in order to ensure the transparency of various Leaderboards the Users can participate in, such as the Regional Leaderboard, Social Quests Leaderboard, Network Laps Leaderboard, HODL Clubs Ranking as well as User’s Referral Circles and winners of Raffles.
Data Processing Locations
Personal data are processed at the headquarters of the Controller, as well as in the servers that host the backend of the App. Controller ensures that when using cloud providers established outside the EEA, the processing of personal data by these recipients is carried out in accordance with applicable law. Transfers shall be carried out by means of appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission or other safeguards provided for in the GDPR.
Data Retention
We retain your data for:
the period necessary for the response regarding the sending of communications and responses to requests related to NATIX's business and in any case never for a period exceeding 12 months;
the period needed for the attribution of Points in regard to the location of your detection and in any case no more than 12 months in case of fraud prevention activities;
as long as it is needed for handling the contractual relationship and the related service as well as to provide customer support with regards to Account data;
until consent is withdrawn regarding the sending of newsletters and/or other materials for marketing communication purposes and in any case never for a period longer than 24 months;
according to applicable regulations to enable the Controller to fulfill formalities required by law, including those of a fiscal nature for a period of up to 10 years.
Data subject’s rights
The User may exercise all the rights provided for by Articles 15-21 of GDPR, at any time and without unjustified limitations, by contacting the Controller at [email protected]. Requests shall be filed free of charge and processed by the Controller within 30 days.
Specifically, the User can:
Obtain from the controller confirmation as to whether or not personal data are being processed (Art.15);
Obtain from the controller the rectification of inaccurate personal data (Art. 16);
Obtain from the controller the erasure of personal data (Art. 17);
Obtain from the controller restriction of processing (Art. 18);
Have the right to receive the personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Art. 20);
Have the right to object (Art. 21);
With regard to the purposes of processing based on consent, withdraw it at any time.
Complaints
In any case, Users are always entitled to lodge a complaint with the competent supervisory authority, under Art. 77 of the Regulation, if they believe that the Controller’s processing of their Personal Data is in violation of the applicable law.
Amendments
The Controller reserves the right to amend and update the Privacy Policy as a result of any further new or revised provisions laws and regulations on personal data protection. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "effective date" at the top of this Privacy Policy. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect.
Attachment I
Full list of data sub-processors with the description of products and services we use for data processing:
MongoDB, Inc - MongoDB, Inc. is an American software company that develops and provides commercial support for the database MongoDB, a NoSQL database that stores data in JSON-like documents with flexible schemas. We use MongoDB Atlas - a fully managed cloud database that handles all the complexity of deploying, managing, and healing deployments on the cloud service provider. For more information on MongoDB’s Privacy Policy, visit: https://www.mongodb.com/legal/privacy-policy
Instabug, Inc. - Instabug is a software company used by mobile app developers to help track bugs and crashes, collect user feedback, monitor, prioritize, and debug performance and stability issues throughout the app development lifecycle. For more information on Instabug’s Privacy Policy, visit: https://www.instabug.com/privacy
XACT Acquisition - XACT provides us with Customer Contact Solutions for Phone, Chat, Email and Internet Support. For more information on XACT’s Privacy Policy, visit: https://www.myxact.com/company/privacy/
Google. LLC - Google LLC is a technology company focusing on artificial intelligence, online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, and consumer electronics. We use Google Analytics - a web analytics service that provides statistics and basic analytical tools for search engine optimization (SEO) and marketing purposes. The service is part of the Google Marketing Platform. Google Analytics is used to track website performance and collect visitor insights. We also use Google Tag Manager, which features support for tag organization and version control, 3rd party and community-developed tag templates, and enterprise collaboration and security features. We also use Google Looker Studio - a data visualization and business intelligence tool used to convert data into customizable informative reports and dashboards. We also use BigQuery - a serverless data warehouse that enables scalable analysis over large amounts of data. We also use Google Ads - Google’s pay-per-click (PPC) platform, which allows businesses to gain visibility across Google’s properties. If your explicit consent is provided, NATIX will use Google Ads remarketing service to advertise on third-party websites with personalized ads. We also use Google Sign in which helps you easily and securely sign in to our app with your Google Account. For more information on Google’s Privacy Policy, visit: https://policies.google.com/privacy?hl=en-US
Meta Platforms, Inc - Meta (formerly known as Facebook) builds technologies that help people connect, find communities and grow businesses. If your explicit consent is provided, NATIX will use Meta's remarketing service to advertise on third-party websites with personalized ads. For more information on Meta Platform’s Privacy Policy, please visit: https://www.facebook.com/privacy/policy
X Corp - X. com (formerly known as Twitter) is a free social networking site where users broadcast short posts known as tweets. If your explicit consent is provided, NATIX will use Custom Audiences feature to create specific user groups that can be used for retargeting, exclusion, and/or expansion. Additionally, if you decide to participate in Social Quests, NATIX will use your X account data, such as handle, tweets or retweets to administer Social Quests. For more information on X’s Privacy Policy, visit: https://twitter.com/en/privacy
Reddit,Inc - Reddit is a social news website and forum where content is socially curated and promoted by site members through voting. If your explicit consent is provided, NATIX will use Reddit's remarketing service to advertise on third-party websites with personalized ads. For more information on Reddit’s Privacy Policy, visit: https://www.reddit.com/policies/privacy-policy
Quora, Inc - Quora is a platform to ask questions and connect with people who contribute unique insights and quality answers. If your explicit consent is provided, NATIX will use Quora's remarketing service to advertise on third-party websites with personalized ads. For more information on Quora’s Privacy Policy, visit: https://www.quora.com/about/privacy
Firebase, Inc - Mobile and web app development platform that helps developers build apps and games, provided by google. For more information on Firebase’s Privacy Policy, visit: https://firebase.google.com/support/privacy
Mailerlite Limited - MailerLite is an email marketing tool we use for email communicaiton with our users. For more information on MailerLite’s Privacy Policy, visit: https://www.mailerlite.com/legal/privacy-policy
Apple, Inc – We use Apple ID which helps you easily and securely sign in to our app with your Apple Account. For more information on Apple’s Privacy Policy, visit: https://www.apple.com/legal/privacy/en-ww/
Discord, Inc - Discord is a voice, video, and text chat app that's used for the purpose of communication. We use OAuth2 that helps you easily and securely sign in to our app with your Discord Account. For more information on Apple’s Privacy Policy, visit: https://discord.com/privacy
Atlassian Corporation Plc - Atlassian is a development and collaboration software company that offers tools to help teams organize, collaborate, and complete work together. We use Jira Software – a project management tool to plan, track, release our app and provide support to our users. For more information on Atlassian’s Privacy Policy, visit: https://www.atlassian.com/legal/privacy-policy
Microsoft Corporation, Inc - Microsoft Office is a suite of applications we use for productivity and completing common tasks. For more information on Microsoft’s Privacy Policy, visit: https://privacy.microsoft.com/en-us/privacystatement
Slack Technologies - Slack is a messaging app we use for internal communication. For more information on Slack’s Privacy Policy, visit: https://slack.com/trust/privacy/privacy-policy
LINK Mobility Austria GmbH - LINK Mobility is a mobile application provider, providing communications services (SMS, MMS, Voice, Mobile Video, ...) via webSMS platform. For more information on LINK Mobility’s Privacy Policy, visit: https://websms.de/de-de/privacy/
WalletConnect, Inc - WalletConnect is an open source protocol that allows you to connect your crypto wallet to decentralized applications (dApps) on the web. For more information on WalletConnect’s Privacy Policy, please visit: https://walletconnect.com/privacy
NATIX GmbH – NATIX GmbH is a company which specializes in the development and distribution of AI, edge computing and security and data protection solutions and products. It is specifically active in the development of blockchain-based platforms. For more information on NATIX GmbH’s Privacy Policy, please visit: https://docs.natix.io/natix-drive-and-policies/privacy-policy-app
Mapbox, Inc. - Mapbox is a provider of custom online maps for websites and applications. For more information on Mapbox’s Privacy Policy, please visit: https://www.mapbox.com/legal/privacy
Last updated