Privacy Policy

1. COMPANY AS THE DATA CONTROLLER

• Headquarters respects your privacy and confidentiality.
• Personal data collected is kept secure and used only with your consent.
• This policy explains how Headquarters collects, processes, uses, and discloses your personal data from use of the website (https://gnosishq.com/) and other related services.
• The Privacy Policy is part of Headquarters’ Terms of Service (https://gnosishq.com/terms-of-use).
• Headquarters is a SaaS platform helping users share content and analyze viewers who are non-registered users.
• Questions or requests regarding personal data can be sent to: privacy@hq.xyz

2. General Definitions

• Affiliate: Entity controlling or controlled by another entity.
• APIs: Application programming interfaces offered by Headquarters as part of Subscription Services.
• Data Controller: The party determining purposes and means of personal data processing.
• Data Protection Laws: Laws regulating use and processing of personal data.
• Personal Data: Any data that can identify an individual, directly or indirectly.
• Purposes: Reasons for collecting your personal data as described here.
• Services: Website, APIs, Subscription Services, Services Data, and related offerings.
• Services Data: Content, software, and data made available through services.
• Third Party Provider: External service providers unrelated to Headquarters.
• User / You: Individual accessing the Website and Services.

Capitalised terms follow meanings in Headquarters Terms of Service unless otherwise defined.

3. PURPOSE AND SCOPE

• Policy applies mainly to data collected online, but may include offline data.
• Covers collection from Users and information about Viewers collected on Users’ behalf.
• Headquarters isn’t responsible for privacy policies of Users or third parties.

4. HOW WE COLLECT YOUR PERSONAL DATA

We collect Personal Data depending on how you use our services:

• From Users:
  • Account creation and login details (name, email).
• From Viewers:
  • Data like email addresses when accessing User content, stored on Users’ behalf.
• Automated Collection:
  • Technical device data such as IP address, device type, OS.
• User-generated Data:
  • Voluntarily provided info like text, photos, attachments tied to your account.
• Transactional Data:
  • Details when entering transactions like service requested, payment info, dates.

Additional sources may include agreements, interactions with our team, or other contacts.

Data may be combined with info from other sources for purposes listed in this policy.

Note: This policy does not cover third-party data collection outside of Headquarters control.

5. TYPES OF PERSONAL DATA WE COLLECT

Includes but not limited to:

• Contact and registration info (name, DOB, email, phone).
• Location info (nationality, residence).
• Usage data of Website and Services.
• Technical info like IP addresses and browser details.
• Payment details if applicable.
• Blockchain wallet identifiers.
• Aggregated anonymised statistical data.
• Social media identifiers (e.g. Facebook, Discord) when relevant.
• Any other info you provide.

Note: Wallet identifiers are collected to pull transaction histories from blockchains or exchanges you connect.

Third-party features: Website may include social media sharing/liking, which collect data per their policies.

National ID numbers: Collected only as legally necessary for identity verification.

6. HOW WE PROCESS AND USE YOUR PERSONAL DATA

Purposes include:

• Providing requested Services.
• Sending updates, newsletters, and responding to requests.
• Business intelligence and data analytics.
• Managing customer relationships.
• Internal records and account authorisation.
• Identity verification.
• Personalising user experience.
• Security enforcement and compliance.
• Handling subscriptions and legal obligations.
• Improving Website and Services.
• Tailoring content and advertisements.
• Contacting you regarding your use of services.
• Other incidental business purposes related to the above.

Legal basis for processing:

• Consent given by Users.
• Permitted processing until Users object (opt-out), except where GDPR applies.
• Necessary for contract performance, legal claims, or compliance.
• Public interest or official authority.
• Legitimate interests not overridden by user rights.
• Other lawful bases as permitted.

We may notify you of any other uses at or before data collection.

Processing occurs at Headquarters offices or elsewhere depending on involved parties.

7. WHO HAS ACCESS TO YOUR PERSONAL DATA WITHIN OUR ORGANISATION

• Access is limited to staff who need it to provide services or respond to inquiries.
• Teams may include marketing, events, product development, and customer support.
• Access is on a strict need-to-know basis.

8. HOW WE DISCLOSE OR EXPORT YOUR PERSONAL DATA

• Personal Data may be disclosed to trusted third parties (“Third-Party Processors”) who process data on our behalf or for related purposes.
• These include agents, contractors, advisers (auditors, lawyers), third party providers, and potential assignees or merged entities.
• Disclosures comply with Data Protection Laws and include contractual protections.
• We may disclose your data when legally required or to protect Headquarters’ rights and safety.
• A current list of Third-Party Processors is provided at the end of the policy.

9. HOW WE MAINTAIN YOUR PERSONAL DATA

• Reasonable security measures are in place to protect your data.
• Protection against unauthorized access, loss, alteration, or misuse.
• Data is destroyed or anonymised when no longer needed for legal or business reasons.
• We aren’t responsible for misuse caused by factors beyond our control.

10. OUR POLICY CONCERNING CHILDREN AND THEIR PERSONAL DATA

• Services and Website are not directed at children under 16.
• We do not knowingly collect or share children’s personal data.
• If discovered, children’s data will be deleted.
• Any future changes to collect children’s data will require verifiable parental consent.

11. COOKIES AND GOOGLE ANALYTICS

• Cookies store info on your device to track usage; disabling cookies won’t break the site.
• We use cookies for anonymous statistics and may work with third-party analytics, currently Google Analytics.
• Google Analytics collects visitor behavior data for website optimization and advertising.
• You can disable cookies or Google Analytics tracking through browser settings or plugins.
• More info on Google Analytics privacy and options:
  • Google Privacy Terms
  • Google Analytics opt-out
  • Google Ads Settings
  • Google Analytics data protection

12. WHERE YOU PROVIDE US WITH THIRD-PARTY PERSONAL DATA

• You must only provide third-party personal data if allowed under Terms of Service.
• You warrant that you have obtained consent from individuals for us to collect and use their data for the stated purposes.
• You agree to use our forms/documents for obtaining consent where requested.
• You warrant data accuracy and authority to share the data.
• If providing children’s data, you confirm you are their legal guardian and consent to our data practices.

13. THIRD-PARTY LINKS

• Website may include links to third-party websites/apps.
• Headquarters is not responsible for their content or privacy practices.
• You should review third parties’ privacy policies separately.

14. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA

• You may ask about or object to the use of your data, request updates or access at any time by contacting us.
• Requests for data correction or access must be in writing.
• We aim to respond within 30 days or notify you otherwise.
• We may refuse requests as permitted by law.
• Refusal to provide required data may affect your ability to use our services.
• We may charge a fee for responding to access requests, which will be communicated beforehand.
• We respect and uphold all applicable data protection rights.

15. CHANGES TO THIS PRIVACY POLICY

• We may update this policy anytime by posting changes on the Website and possibly notifying you.
• Major changes take effect 30 days after notice; minor ones take effect immediately.
• Review the policy regularly to stay informed.
• If changes affect processing based on your consent, we will seek renewed consent where required by law.