This Privacy Notice (“Privacy Notice”) explains and sets out the basis for our collection of personal data when you visit our websites (https://anoma.foundation, https://anoma.net, https://namada.net), use our services, when you interact with us in relation to a contract, communicate with us or otherwise deal with us, how we use it, the conditions under which we may disclose it to others and the measures we take to keep it secure. In addition, we may inform you about the processing of your data separately, for example in consent forms, terms and conditions, additional privacy notices, forms and other notices. We use the word «data» here interchangeably with «personal data».

If you provide information to us about any person other than yourself, you must ensure that the data is accurate and that these people understand how their information will be used, that they have given their permission for you to disclose it to us and for you to allow us, and our service providers, to use it. You are welcome to provide them with a copy of this Privacy Notice.

Who we are

The responsible person for processing your data under this Privacy Notice (“Controller”) unless we tell you otherwise in an individual case is: Anoma Foundation, Baarerstrasse 82, 6300 Zug, Switzerland.

You may contact us regarding data protection matters and to exercise your rights at [email protected]

What kind of data we process about you and why

We process the following data about you for the purposes outlined below:

Data collection on our website(s) or platform

When you visit our website(s) or platform, we collect personal data that is necessary for the functionality and security of our website/platform (e.g. IP address and information about the operating system of your end device, referrer URL, date, region and time of the server request, browser type and version, name of your Internet provider).

Communication and contact forms etc.

When you contact us by email, telephone, chat, letter or other means of communication, we collect the data exchanged between you and us for the purposes of communicating with you and provide our services to you, in particular to respond to your enquiries. By providing us with this information, you acknowledge that we use your personal information in accordance with this Privacy Notice.

If you communicate with us via our accounts on third party platforms like Discord, GitHub, Twitter (“X”) or Telegram, your data will also be processed according to the privacy policies of the respective platform.

For further information on the purpose and scope of the data processing of Discord please see here: https://discord.com/privacy.

For further information on the purpose and scope of the data processing of GitHub please see here:https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement.

For further information on the purpose and scope of the data processing of “X” (formerly Twitter) please see here:https://twitter.com/en/privacy.

For further information on the purpose and scope of the data processing of Telegram please see here: Telegram Privacy Policy.

Newsletters

If you subscribe to our newsletter, we process the information provided by you (e.g. contact details) in order to provide you with our newsletter. You may cancel your subscription at any time by using the option to unsubscribe contained in the newsletter or by sending us an email to the address mentioned above.

Participation in our RPGF Drop Program

When you participate in our RPGF Drop Program we collect and process your Github username and wallet address / public Key for the purpose of your participation in the program. For further information on our RPGF Drop Program please see our respective Terms and Conditions.

Cookies

We use cookies to operate and optimise our website (see also "Tracking Tools” below). These are text files that are stored on your computer and enable the analysis of the use of our website. You can configure your browser in such a way that no cookies are stored on your computer or a message always appears before a cookie is installed. Please note that deactivation of cookies may result in our website not functioning or not functioning completely.

Tracking Tools

We want to process as little personal information as possible when you use our website. That's why we've chosen Fathom Analytics for our website analytics, which doesn't use cookies and complies with the GDPR, ePrivacy (including PECR), COPPA and CCPA. Using this privacy-friendly website analytics software, your IP address is only briefly processed, and we (running this website) have no way of identifying you. As per the CCPA, your personal information is de-identified. You can read more about this on Fathom Analytics' website. The purpose of us using this software is to understand our website traffic in the most privacy-friendly way possible so that we can continually improve our website and business. The lawful basis is, if required, our our legitimate interest to improve our website and business continually." As per the explanation, no personal data is stored over time.

Links to third party offerings

Our website may contain third-party offerings. Please note that when you use such link, your data such as IP address, personal browser settings etc., are transmitted to these third parties. We have no control over, do not review and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Privacy Notice do not apply to these third-party websites or their content, or to any collection of your data after you click on links to such third-party websites. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.

Plugins and our presence on third party platforms

We do not use plugins on our website. If our website contains icons from other third-party providers (e.g. X, Discord, Telegram, GitHub), we only use these for passive linking to the pages of the respective providers. Please find further information on the purpose and scope of data collection and processing by the third party providers in their respective privacy policies. This also applies with regard to our own presence on third party platforms (e.g. X).

Integration of YouTube videos

We have integrated YouTube videos into website that are stored on YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to YouTube provided that you do not play the videos, however, if you play the videos, the data mentioned below is transferred. We have no influence on this data transfer. The legal basis for the display of the videos is your consent, i.e. the integration only takes place after you click on the video. By visiting the website, YouTube receives the information that you have called up the corresponding sub-page of our website. In addition, the above-mentioned basic data such as IP-address and timestamp are transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right. The information collected is stored on Google servers, including servers in the US. For these cases, the provider complies, according to its own information, with the EU-U.S. Data Privacy Framework and/or relies on Standard Contractual Clauses (SCCs) for providing appropriate data protection safeguards. For up to date information please see Privacy Policy – Privacy & Terms – Google. You will also find further information about your rights and settings options for protecting your privacy there.

On-Chain Data

By using our protocol you acknowledge that your wallet addresses and other data/information provided by your transactions, which are considered personal data if relating to an identified or identifiable natural person, are permanently and publicly stored on the blockchain, and – depending on your choice of privacy regarding the transition – publicly available to anyone. Neither we, nor any third party, has any power to delete such data published by its users to the blockchain. If you want to ensure that your privacy rights are not affected in any way, you should not transact on blockchains as certain rights may not be available or exercisable by you or us due to the technological infrastructure of the blockchain.

You hereby release and indemnify us of any liability associated with data that you transferred to the blockchain.

Providing Services and performance of a contract

We process your data (e.g. your contact data and further information provided by you, data on the services provided to you) for entering into a contract with you, perform and administer it and to provide our services to you.

Services improvement and innovation

We process your data for marketing and business activities in relation to our services.

Safety or security reasons

We process your data to protect our IT and other infrastructure. For example, we process data for monitoring, analysis and testing of our networks and IT infrastructures including access controls. We might also use surveillance systems, e.g. cameras for security purposes. In such a case, we will inform you at the relevant locations separately.

Compliance with law and legal procedures

We process your data to comply with legal requirements, e.g., money laundering and terrorist financing, tax a etc. and we might have to request further information from you to comply with such requirements («Know Your Customer», “KYC”) or as otherwise required by law and legal authorities. Furthermore, we may process your data for the enforcement of legal claims and for the defense in legal disputes and official proceedings.

Risk management, corporate governance and business development

We process your data as part of our risk management and corporate government in order to protect us from criminal or abusive activity. As part of our business development, we might sell businesses, parts of businesses or companies to others or acquire them from others or inter into partnerships and this might result in the exchange and processing of data based on your consent, if necessary.

Legal basis for the processing of your data

Where we asked for your consent (e.g. for receiving newsletters), we process your data based on such consent. Where we did not ask for your consent and where required under applicable law, we process your data on other legal grounds, such as

• a contractual obligation
• a legal obligation
• a vital interest of the data subject or of another natural person
• to perform a public task
• our legitimate interest.

To whom do we transfer your data?

As part of our data processing, we may share your personal data with third parties, in particular to the following categories of recipients:

Service providers

We may share your information with service providers and business partners around the world with whom we collaborate to fulfil the above purposes (e.g. IT provider, shipping companies, advertising service provider, security companies, banks, insurance companies, telecommunication companies, credit information agencies, address verification provider, lawyers) or who we engage to process personal data for any of the purposes listed above on our behalf and in accordance with our instructions only.

Legal authorities

We may pass on personal data to offices, courts and other authorities in Switzerland or abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities are responsible for processing data about you that they receive from us.

Contractual partners

In case required under the respective contract we share your data with other contractual partners. If we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.

Do we disclose your data abroad?

The data that we collect from you may be transferred to, processed and stored in, a country outside the European Economic Area (EEA) or Switzerland. In view of the EEA or Switzerland the law in some of those countries may not offer an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defense of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the European Commission approved standard contractual clauses, adjusted according to Swiss law, if applicable and required.

How long do we keep your data?

We only process your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of complying with legal retention requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. Upon expiry of the applicable retention period we will securely destroy your data in accordance with applicable laws and regulations.

Security of your data

We take appropriate organizational and technical security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. However, we and your personal data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions and interruptions which is out of our control and responsibility. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your choices and your rights

To the extent provided for by applicable law, you may request information free of charge about the data processed relating to you, its origin and recipients and the purpose of the data processing. You may also have the right to correction, deletion, restriction or objection to processing, as well as to the transfer of the data to another controller.

Furthermore, you can revoke your consent at any time with effect for the future. All you need to do is send us an informal e-mail.

Please note that the foregoing rights are subject to legal restrictions and may interfere with or make impossible the provision of our services.

How you can update your information

The accuracy of your information is important to us. If you change your contact information, or any of the other information we hold is inaccurate or out of date, please email us to the email address mentioned above.

Updating and changing this Privacy Notice

Due to continuous development of our website/platform and the contents thereof, changes in law or regulatory requirements, we might need to change this Privacy Notice from time to time. Our current Privacy Notice can be found at https://anoma.foundation/privacy-notice.