Last Update: September 5th, 2022

Dear Visitor of the Site, complying with privacy law is particularly dear to us.

Processing of Personal Data“, in plain words, means any operation concerning any information relating to an identified or identifiable natural person. For example, first and last name, or an email address with a “user name” that identifies You (e.g. johndoe@….) is considered “Personal Data”, and the actions of collection, registration with us and use of Your Personal Data to send You a communication are considered “Processing” operations; same applies to communication of Data to other organisations and storage.

Our organisation is defined as the “Data Controller“, meaning that We are the entity that establishes how and for what purposes information relating to natural persons are processed.

You, as an individual whose Personal Data We process, are referred to as “Data Subject” and are entitled to receive the following information about who We are, what Personal Data We process, why, how and for how long We process it, and what obligations and rights You have in this regard.

If You are a natural person or a sole proprietorship, You are the Data Subject; if You are a private or public organisation (e.g. a corporation, association, public body), the Data Subjects are the natural persons who administer the organisation itself or who operate under its authority (e.g. its employees); information strictly related to the organisation (e.g. tax code number or VAT number) is not considered Personal Data.

Depending on whether You are a simple Visitor, sending us a Request through the Contact Form, and/or at the addresses You can find at the “Contact” Page, or in case You want to subscribe and use the Services, we collect and/or we require You to provide us with Data, necessary to permit You to browse our Site and/or receive our answers to your requests relating to the Services.

Definitions of terms and expressions used within this Privacy Policy are contained in the Glossary. For anything not expressly defined therein, please refer to the definitions set forth in our General Terms and Conditions as available on the Site from time to time (“GTCs”); in the event of any conflict between definitions, for the purposes of this Privacy Policy, the definitions in the Glossary (at the bottom of the page) shall prevail over those contained in the GTCs.

PLEASE NOTE THAT the GTCs may sometimes mention certain services that are not yet available on the Site. Our Privacy Policy for the time being in force never deals with Personal Data processing that arises from the provision of services that are not yet available because precisely such processing does not take place yet. When the services will actually be available and the processing methods finalised, you will be promptly informed about the update to our policy.

Who are we (“Data Controller”)?
Public Pressure Ltd., a company duly existing and incorporated under the laws of Ireland, with registered office in 3rd Floor, Ulysses House, Foley Street, Dublin 1, Ireland, D01 W2T2 registered at the Registrar of Companies of Dublin with Number 701750, VAT no.  IE-3929949FH.
What categories of Personal Data do we process?
Personal data that you may provide through the registration page, your personal profile page, checkout page, or any other section of the Site, at the minimum extent needed to fulfil each of the Purposes shown below. We process all the Data You supply when writing an email. We require You not to include in the communications You send us any “particular information” referred to You or others (e.g. health data). In order to allow You to browse the Site, we process Browsing Data, which sometimes does not consist of Personal Data because it cannot allow your Identification. For further information on the meaning of Browsing Data and whether they consist of Personal Data, You can consult the proper Glossary entry at the end of this Policy.   In addition, remember that in order to enable NFT-related transactions on the Marketplace, the Platform uses on a public blockchain. As a result, the Site collects and publicly displays information relating to the ownership transfer history of each of the NFTs transacted on the Marketplace, including information on which Wallets have owned/own a given NFT. If you do not wish to make this information (and in particular the movements on Your Wallets) publicly available, we recommend that You do not transact NFTs on the Site. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Why do we process Personal Data (Purpose) and what is the basis for the Processing (Legal Basis) of each category of Data?
n. Purpose Categories of Personal Data Legal basis
1 The need to make the Site available in accordance with the GTCs; analyse the traffic on the Site (e.g. detect the most visited pages, the number of visitors per time slot or day, geographical areas of origin, etc.) to understand how the Site is used, in order to manage, optimise, and improve it, or even just for statistical purposes; solve operational problems (e.g. anomalies in page loading) Browsing Data, anonymous information (which does not allow us to trace your identity) and Common Personal Data (e.g. full IP address) The necessity to perform  the contract (art. 6 § 1.b of the GDPR and the UK GDPR)
2 To perform monitoring activities to reject and/or prevent cyber attacks and frauds  (security of the system) Browsing Data, anonymous information (which does not allow us to trace your identity) Our legitimate interest of keeping our Site secure (art. 6 § 1.f of the GDPR and the UK GDPR) as far as Personal Data are involved
3 To satisfy your requests regarding the Site and our activities received at the contact details on the “Contacts” page through the Contact Form or through other means Common Personal Data The necessity to perform the contract (art. 6 § 1.b of the GDPR and the UK GDPR)
4 Provide the Services and perform all the activities related and subsequent, including the possibility of registering your own profile and transact NFT on the marketplace, in accordance with the GTCs. Common Personal Data The necessity to perform  the contract (art. 6 § 1.b of the GDPR and the UK GDPR)
5 Direct Marketing (sending advertising material, commercial communications, direct sell, market’s interviews, appreciation questionnaires) toward Lead and/or Prospect, also through the Newsletter. Common Personal Data (email address)  Your consent (art. 6 § 1.a of the GDPR and the UK GDPR), freely given and withdrawable at any time
6 Marketing communications relating to products or Services similar to those You have already purchased or negotiated with us, sent to the e-mail address previously provided by You (“soft spam” or “soft opt in”) or if so provided under the GTCs. Common Personal Data (e-mail address, service provided) Our legitimate interest in consolidating our business relationship with You (art. 6 § 1.f of the GDPR and the UK GDPR), unless You inform us that You wish to object it
7 Compliance with  obligations under Applicable Law and/or orders issued by Authorities. Common Personal Data The performance of the contract (art. 6 § 1.b of the GDPR and the UK GDPR) or the need to comply with  legal obligations (art. 6 § 1.c of the GDPR and the UK GDPR).
8 Establish, exercise and/or defend legal claims. Common Personal Data Our legitimate interest in exercising or defending our rights (art. 6 § 1.f of the GDPR and the UK GDPR).
To whom do we communicate the Data (Categories of Recipients)?
To the minimum extent necessary to achieve each of the Purposes, to:
  1. persons/entities who provide us with services and process data on our behalf as Site, Data Processors (e.g. software and hardware providers, email marketing providers, other IT service providers, accountants, other consultants, etc.);
  2. our personnel committed to confidentiality or subject to a legal obligation to confidentiality;
  3. public or private entities to whom we are required to communicate the data in accordance with the law;
  4. to the blockchain used by the Platform, and therefore, indirectly, to decentralised nodes managing such a blockchain, for the sole purpose of enabling NFT-related transactions.
Do we transfer Personal Data outside the European Economic Area?
Some of our IT service providers are based in countries that may not have equivalent privacy and data protection laws to the country in which You reside. We ensure that when we transfer information of users in the EEA, the UK or Switzerland to third countries the transfer will take place only in presence of an adequacy decision or on the basis of  the Standard Contractual Clauses (SCCs) which have been approved by the European Commission and other appropriate measures to safeguard the transfer. We invite the Visitor/ User to contact us for further information about the transferral of Personal Data outside the European Economic Area, the UK and Switzerland.
How long do we retain the Data?
The maximum extent of storage time is related to the provisions of the Applicable Law which allow us to (or obliged us to) retain the Data to protect our rights or until You exercise your right to object to the processing (if and to the extent that it is applicable). We process Personal Data for Marketing purposes until the withdrawal of the consent (or until You unsubscribe from the Newsletter). If You write to us for information through the Contact Form and/or at the addresses on the “Contacts” page we will hold your data for a maximum of one years from the request. The Browsing Data persists no longer than seven days (except for any need to ascertain crimes by the judicial authority).
Please note that the information relating to your NFTs transactions on the Platform will be permanently and immutably recorded on the blockchain used by the Site and will therefore always be viewable through the Site; this being due to immutability, decentralised management, public nature, and transparency policies of the blockchain that we have chosen for the benefit of the Site and its users, which will never allow us to delete such information. In other words, if you decide to transact NFTs on the Marketplace, you are consciously deciding to waive some of your confidentiality in the name of transparency, security and public proof of transactions. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Does the Site make use of Cookies?
Yes, and you can figure out what happens on this matter by reading our Cookie Policy.
Are You obliged to provide us with Personal Data?
Due to the operation of the Internet network, You may not refuse to communicate your Browsing Data; it is not allowed to refuse to communicate some Personal Data (e.g. IP address of your device). Of course You are not obliged to send us a request through the Contact Form or contact us to purchase our products and benefit from our Services, subscribe the Newsletter, but if You intend to do it, then You will have to provide us with the Personal Data we need. Also it is not mandatory to express consent for Marketing purposes.
What happens if You refuse to communicate your Data?
If You refuse to provide us with your Data for the contractual purposes, we will not be able to enter into and/or continue the Agreement.
If You refuse (initially or subsequently) the processing for Marketing purposes (e.g. Newsletter), You will not (or can no longer) be informed about news related to our activities, nor benefit from any promotions, discounts or bonuses.
Refusal to provide data for the other purposes is not possible.
What rights do You have as a “Data Subject”?
You, as the person to whom the data refer (“Data Subject”) have the right to:
  1. access the data held by the Controller, and to ask for a copy, unless the exercise of the right violates the rights and freedoms of other natural persons;
  2. request the rectification of  incomplete or inaccurate data;request the erasure of the data, subject to the exclusions or limitations established by the Applicable Law;
  3. request the restriction of processing, if the conditions are met and subject to the exclusions established by the Applicable Law request data portability (i.e. commonly used and machine-readable format, so that they can be transmitted to another Data Controller without hindrance), to the extent that the processing is based on consent or on the need to perform a contract, where technically possible and except where the exercise of the right infringes the rights and freedoms of other natural persons;
  4. lodge a complaint with the Data Protection Authority of your country, or of the place where the alleged violation occurred.  
Right to withdraw the consent
Remember that You can withdraw the consent given at any time, but the withdrawal will not affect the lawfulness of the data processing carried out in the period prior to such revocation.
Right to object
You may object to the processing of data based on:
  1. the legitimate interest of the Controller, and specifically for the purpose of direct marketing upon simple request, initially (by writing to the e-mail address below) or subsequently in each communication;
  2. the legitimate interest of the Data Controller, at any time for reasons related to your particular situation (e.g. harm to your honour, reputation, decorum), unless the Data Controller demonstrates a compelling and overriding legitimate interest, and unless the processing is necessary for the establishment, exercise or defence of a legal claim.  
Please note that, as already mentioned above, the Site uses a fully decentralised public blockchain to enable NFT transactions and therefore the information relating to your NFTs transactions on the Marketplace will be permanently and immutably recorded on the blockchain used by the Site and will therefore always be viewable through the Site.​​ At the present state of the art, there is no technical possibility for us to intervene on the blockchain (which is not managed by us, nor by one of our providers, but managed in a decentralised manner by multiple nodes scattered around the world and operating among themselves as peers) and to erase or modify such Data. Therefore, sometimes we might be unable to completely fulfil some of your requests pertaining to the Processing of your Personal Data (e.g. if you send us a request for complete erasure of your data, we will be able to erase your user profile, but we will not be able to erase from the transfer history of the NFTs you have owned or do own your Wallet address and other Data of yours related to the purchase of such NFTs. In other words, if you decide to transact NFTs on the Site you are consciously deciding to partially waive to some of the above-referred rights in the name of transparency, security and public proof of transactions. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Who can You contact for questions or to exercise your rights?
You may contact the Data Controller for questions concerning the processing of your Personal Data by sending an email to legal@publicpressure.io.

PLEASE NOTE THAT:

  1. The information presented herein relates exclusively to the processing of personal data collected through this Site. In the event that You enter into a relationship with us that goes beyond simply browsing the Site or requesting information, You will receive further information regarding the processing of your personal data.
  2. This Privacy Policy is in force from the date indicated in the header; we reserve the right to modify its content, in part or in full, even following changes to the Privacy Policy; we will proceed to the Publication of the updated version of the Privacy Policy on the Site and from that moment it will be binding: You are therefore invited to visit this section regularly.
  3. We do not intentionally collect personal information from individuals under the age of sixteen. In the event that information about children is recorded, we will delete it in a timely manner, at the request of the person concerned or of those exercising authority over them.

GLOSSARY

Agreement”: any agreement entered into by a Data Subject with our company.

Applicable Law”: any provision of laws and regulations, applicable to the processing of personal data through the Site.

“Browsing Data”: are the data that the computer systems and software procedures used to operate the Site acquire, during their normal operation, and whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified  Data Subjects, but given  their very nature, this information could, through processing and association with data by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and is deleted immediately after processing.

Contact Form”: means any online form provided by us through the Site, composed of one or more pages, through which the Visitor can send information or make requests.

Cookies“: short fragments of text (letters and/or numbers) that allow the web server to store information on the browser to be reused during the same visit to the Site (session cookies) or afterwards, even after days (persistent cookies). Cookies are stored, according to the user’s preferences, by the individual browser on the specific device used (computer, tablet, smartphone). The following categories are considered:

  • Technical cookies: these cookies are essential for the correct functioning of the Site and are used for the sole purpose of transmitting a communication over an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or User to provide such service.
  • Analytical cookies: these cookies are used to anonymously collect and analyse the Site’s traffic and usage. These cookies, while not identifying the user, allow, for example, to detect if the same user logs in again at different times. They also make it possible to monitor the system and improve its performance and usability. The deactivation of such cookies can be performed without any loss of functionality.
  • Profiling cookies: these cookies are persistent ones used to (anonymously or otherwise) identify your preferences and improve your browsing experience.
  • Third party cookies (analytical and/or profiling): these cookies are generated by organisations not part of the Site, but integrated into parts of the Site page. For example, Google widgets (e.g. Google Maps) or social plugins (Facebook, Twitter, LinkedIn, Google+, etc.).

Data Processor“: “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”, as defined in Article 4, sub-paragraph 1, no. 8, of the GDPR and the UK GDPR.

GDPR“: Regulation (EU) 2016/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”.

Processing“: “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”, as defined in Article 4, subparagraph 1, no. 2, of the GDPR.

Recipient“: means “a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not”, as defined in Article 4, sub-paragraph 1, no. 9, of the GDPR.

Restriction of processing“: “the marking of personal data stored with the aim of limiting their processing in the future”, as defined in Article 4, sub-paragraph 1, no. 3, of the GDPR and the UK GDPR.

Supervisory Authority”: the independent public authority in charge of monitoring the application of the privacy law).

UK GDPR“: the Regulation (EU) 2016/679 as transposed in the United Kingdom as a result of Brexit, in accordance with the update to the Data Protection Act 2018, with effect from the 1st Jan 2021.

Visitor“: the natural or legal person who uses a device and navigates, through the Internet, on the public pages of the Site.

Site“: the web pages displayed through publicpressure.io, subdomains included, as well as any other web page provided by Public Pressure that expressly refers to this policy.