Privacy Policy

Last Updated: June 16, 2025

Introduction: This Privacy Policy explains how the sponsor of our Web3/NFT global referral contest (the “Company,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information of contest participants and website visitors. We are based in the United States, but we provide services to users worldwide and strive to comply with major data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), among others. Participants in our contest remain pseudonymous (identified by wallet addresses or usernames) unless we are required by law to verify your identity for Know Your Customer (“KYC”) or other compliance purposes. By participating in the contest or using our website, you agree to the collection and use of your information as described in this Privacy Policy. If you do not agree, please refrain from using our services or entering the contest.

Types of Data Collected

We collect different types of information from and about you. This includes:

  • Wallet Addresses: When you connect your cryptocurrency wallet or register for the contest, we collect your public wallet address. While a wallet address alone is a pseudonymous identifier that does not directly reveal your real-world identity, it can become personally identifiable if combined with other information. We treat wallet addresses and any associated blockchain activity as personal data when it can be linked to you.

  • Social Media Handles: If you provide us with or link a social media username (for example, your X (formerly Twitter), Discord, or other handle) for referral tracking or communication purposes, we collect that handle. This allows us to attribute referrals and contact you via social platforms if needed (for example, to announce you as a winner or address support questions).

  • Website Usage Information: We automatically collect certain information about your use of our website through log files and analytics tools. This may include your Internet Protocol (IP) address, browser type and version, device type, operating system, referral URLs, pages viewed, and the dates/times of your visits. We also collect information about your interactions with our site (such as link clicks or time spent on pages). This data helps us understand how users navigate our site, enables us to secure the platform, and assists in improving our services.

  • Cookies and Tracking Data: Like most websites, we use cookies and similar tracking technologies (such as web beacons, pixels, and local storage) to collect information automatically. Cookies are small data files placed on your device that allow us to recognize your browser and remember certain information. We use these technologies to keep you logged in, track your referral link usage, remember your preferences, and gather analytics about aggregate site traffic. For more details, see the Cookies and Tracking section below.

  • KYC Information (Identity Verification Data): In general, you can participate in the contest pseudonymously. However, if we are required by applicable law or contest rules to verify winners’ identities for prize fulfillment, age verification, anti-money laundering (AML), sanctions compliance, or other legal purposes, we may collect additional personal information. This “KYC” information can include your full name, date of birth, postal address, email address, telephone number, government-issued identification numbers (e.g. passport or driver’s license number), copies of identification documents, selfies or photographs for identity proof, and any other information necessary to confirm your identity. We will only collect this information if it is required (for example, for large prize winners or as mandated by law) and will use it solely for verification and compliance purposes (see KYC and Legal Compliance below).

  • Publicly Available Information: We may also collect or utilize information about you that is publicly available. This includes on-chain blockchain data associated with your wallet address and public social media content. For instance, blockchain transactions related to the contest (such as receiving an NFT prize) are recorded on a public ledger by design. Similarly, if you publicly post about the contest (for example, tweeting that you participated or won), we may collect that information. We collect and use such public data to verify contest results, prevent fraud, or engage with our community (e.g., acknowledging a winner’s announcement tweet). See Use of Public Information for Marketing for how we might use public data in promotions.

Note: Some of the data we collect (such as wallet addresses, device information, and IP addresses) may be considered “personal data” or “personal information” under certain privacy laws, especially when it can be linked to an identifiable individual. We handle all personal data in accordance with applicable laws and the terms of this Policy.

Use of Data

We use the collected data for various purposes necessary to operate our contest, provide our services, and meet legal requirements. The primary uses of your information include:

  • Contest Operation and Administration: We use your information to register you for the referral contest, track referrals and entries, validate participant eligibility, and administer the contest. This includes determining referral counts and contest rankings, selecting winners, and awarding prizes. For example, we will use your wallet address to credit referral rewards and your social handle to attribute referred sign-ups. If you win, we will use your provided contact (such as your wallet address or social handle) to notify you and deliver your prize.

  • Communication: We may use your data to communicate with you about the contest and related updates. This can include sending administrative messages such as confirmation of entry, referral status updates, winner announcements, or responding to inquiries you send us. If you contact us for support or questions, we will use your contact information (e.g., social handle or email, if provided) to address your issue. We might also send optional newsletters or updates about our project or future contests, but you will have the ability to opt out of marketing communications if you receive them.

  • Analytics and Improvement of Services: We use website usage and cookie data to analyze how our users interact with our site and contest platform. These analytics help us troubleshoot technical issues, understand user engagement, and improve the design and content of our website. For example, we might analyze overall traffic patterns or referral link effectiveness to optimize the user experience. This use of data is typically on an aggregated basis, and does not focus on individual users except as needed to investigate fraud or technical problems.

  • Fraud Detection and Security: We process personal data to maintain the integrity and security of the contest. This includes monitoring for fraudulent or suspicious activities, enforcing contest rules, and preventing abuse. For instance, we may use IP addresses or device fingerprints to ensure one person is not creating multiple accounts, or use on-chain analysis to verify that contest rewards are not being gamed illicitly. We also may employ automated tools to detect bots or cheating. These measures protect both the Company and all participants from malicious behavior.

  • Marketing and Promotional Activities: We may use certain information (primarily pseudonymous or aggregated data) for promoting our contest and related products/services. For example, we might feature the contest’s success by mentioning how many participants joined or highlighting top referrers by their public username or wallet (without revealing personal identities). We may also contact you with information about future contests or projects if you have indicated interest or if it relates to the contest you participated in. Any direct marketing to individuals will be done in accordance with applicable law – for example, if required, we will obtain your consent or provide an opt-out mechanism. Additionally, as described in Use of Public Information for Marketing, we might announce winners or notable achievements using publicly available identifiers (like a winner’s wallet address or username). We will not use your private personal information (like real name or contact info) in marketing without your consent.

  • Legal Compliance and KYC Verification: We will use your information to comply with our legal and regulatory obligations. This includes using personal data for Know Your Customer (KYC) and anti-money laundering checks if required, verifying that participants are not from restricted jurisdictions or on any sanctions lists, confirming that you meet age requirements (e.g., typically contestants must be 18+ or legal age in their jurisdiction), and fulfilling any financial reporting or tax obligations related to prize awards. If you are a contest winner, we might be required by law to collect additional information (such as tax identification for prize reporting, or citizenship information for export control compliance). We use any data collected for these purposes strictly to meet our legal requirements and for no other purpose.

We will only process your personal data for the purposes above and in ways that are compatible with those purposes. Where required by applicable law, we rely on certain legal bases for processing personal data. For example, our collection and use of data is generally based on: contractual necessity (to perform our obligations and provide the contest services to you), legitimate interests (to ensure the contest is operated fairly, securely, and to promote our business in appropriate ways), and legal obligation (compliance with laws and regulations). If we ever process your data based on consent (such as using optional cookies or sending marketing communications by email), you have the right to withdraw that consent at any time (see User Rights below).

Data Sharing

We value your privacy and do not sell your personal information to third parties. However, in certain circumstances we do share your information with third parties, as described below, in order to operate our business and comply with legal requirements. Any sharing of data is done under strict conditions to safeguard your information.

  • Service Providers and Vendors: We share personal data with trusted third-party service providers who perform functions on our behalf. These include web hosting companies, cloud infrastructure providers, database management services, analytics providers, email or messaging services, customer support tools, and KYC/identity verification services (if we must verify your identity). For example, if we use a third-party platform to run the referral contest or an identity verification company to process KYC documents, those vendors will receive the relevant personal data needed to provide their service. We ensure that such service providers are bound by contractual obligations to keep your data confidential and to use it only for the purposes we specify.

  • Affiliates and Partners: If the contest is run in collaboration with other organizations or within a corporate group, we may share your information with our affiliates, subsidiaries, or business partners involved in the contest. For instance, if a partner organization is co-sponsoring the prizes, we might need to provide them with the winner’s wallet address or contact info to fulfill the prize. Any affiliated entities or partners who receive your data will be required to handle it in accordance with this Privacy Policy (or under privacy terms that offer similar protection).

  • Legal Compliance and Protection: We may disclose personal information when we believe in good faith that such disclosure is necessary to comply with a legal obligation, regulation, or valid legal process (such as a subpoena, court order, or government demand). This includes sharing information with law enforcement, regulators, or governmental authorities if legally required or if you violate the law. We may also disclose data if necessary to enforce our contest Terms and Conditions, to investigate or defend against third-party claims or allegations, to prevent fraud or security issues, or to protect the rights, property, and safety of our organization, our users, or the public. (For example, if we suspect someone is attempting to hack our site or commit fraud, we may provide information to law enforcement.)

  • Business Transfers: In the event that the Company is involved in a potential or actual merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal data may be disclosed to successors or counterparties as part of that transaction. If another company acquires our assets or business, that company will possess the personal information collected and will assume the rights and obligations regarding your information as described in this Privacy Policy. We will require any new owner to continue to honor the privacy commitments we have made here, or we will notify you and seek your consent if required by law.

  • With Your Consent: In cases where we want to share your information for purposes not covered by this Privacy Policy, we will ask for your consent. For example, if we ever wanted to post a testimonial with your name, or share your details with a third-party for their own marketing, we would only do so if you explicitly agree. You have the right to refuse or revoke such consent at any time.

Public Blockchain Data: Please note that if a transaction related to the contest (such as awarding a prize in cryptocurrency or NFT) is recorded on a public blockchain, that information is by nature shared publicly and cannot be erased. This is not a “data sharing” we control – it is an inherent aspect of using blockchain networks. For example, if you win an NFT and we send it to your wallet, the blockchain ledger will show a transfer from our wallet to your wallet, which is visible to anyone. Rest assured that aside from necessary on-chain disclosures, we do not publicly reveal any personal identities behind wallet addresses, except as outlined in Use of Public Information for Marketing or with consent.

Cookies and Tracking

We use cookies and similar tracking technologies on our website to provide and improve our services. This section explains how we use these technologies and your choices regarding them.

What are Cookies? Cookies are small text files that websites send to your device (computer or mobile) to store information about your preferences or usage. We use both session cookies (which expire when you close your web browser) and persistent cookies (which remain on your device for a set period or until you delete them). Other tracking technologies we may use include web beacons or pixel tags (tiny images or snippets of code that can track actions like whether an email was opened) and local storage (which allows data to be stored locally in your browser). These technologies help us recognize you on return visits, personalize content, and gather usage data.

How We Use Cookies: We use cookies and tracking tech for several reasons:

  • Essential Cookies: Some cookies are necessary for our site to function properly. For example, they may enable site security, allow you to log in or stay logged in, or remember your referral code as you navigate the site. Without these, basic features of the contest website may not work.

  • Preference Cookies: We may use cookies to remember your choices and preferences, such as language selection or whether you dismissed a notification, to provide a more personalized experience.

  • Analytics Cookies: We use analytics and performance cookies to collect information about how users interact with our site. This includes data like which pages are visited, how long users stay, and which links are clicked. This information is aggregated and helps us improve the website’s design, content, and performance. We might use third-party analytics services (such as Google Analytics) that set their own cookies to assist with this; these services collect usage data in an anonymized or pseudonymized manner.

  • Referral Tracking: Since this is a referral contest, we may use cookies or similar methods to track referral links. For instance, when a new user clicks on your unique referral link, a cookie might record that they were referred by your ID or handle, so that if they sign up, you get credit. This cookie ensures referrals are attributed correctly even if the new user doesn’t register immediately on first click.

  • Advertising and Marketing Cookies: We currently do not host third-party ads on our site, but we may use cookies to promote our own project. For example, we might use a pixel or cookie to note that you visited our site, and then use that information to show you an advertisement for our project on a third-party site (this is a form of first-party marketing). We may also use information about your visits to target announcements about our services to you or others with similar interests. Importantly, no directly identifying personal information (like your name or email) is shared with advertising partners in this process – if used, it relies on anonymized or pseudonymous data such as cookie IDs or aggregated audiences. You can opt out of such advertising by disabling cookies as described below or using browser-based ad-blocking tools. We do not sell your data to advertisers, and we do not allow third-party ad networks to collect your personal information for their own purposes through our site without your knowledge.

Your Choices: You have the ability to control or limit how cookies and similar technologies are used:

  • Browser Settings: Most web browsers allow you to refuse new cookies, delete existing cookies, or notify you when a new cookie is set. Please refer to your browser’s help section for instructions on how to do this. For example, you can typically find options under settings or preferences to clear cookies or set privacy preferences. If you choose to disable or reject cookies, note that some parts of our website might not function properly for you. For instance, you may not be able to remain logged in, or referral tracking might not work.

  • Do Not Track: Some browsers have a “Do Not Track” feature that lets you tell websites you do not want to be tracked. Currently, there is no universal standard for how to interpret Do Not Track signals, and our site does not respond to them. We instead provide the cookie opt-out options described here.

  • Analytics Opt-Out: To opt out of Google Analytics or similar analytics cookies, you can use tools or browser add-ons provided by those service providers (e.g., Google offers a browser add-on to opt out of Google Analytics tracking). You can also use privacy-focused browser extensions that block analytics scripts.

  • Cookie Consent Banner: If required by law in your region (for example, if you are in the EU/EEA), we will present you with a cookie consent banner or pop-up when you first visit our site. This banner allows you to accept or reject non-essential cookies. You can always change your preferences later by adjusting your browser settings or contacting us for assistance.

For more detailed information on our use of cookies (such as a list of specific cookies in use), please see our Cookie Policy if available, or contact us with any questions. By using our site with cookies enabled, you are consenting to our use of cookies as described in this section.

KYC and Legal Compliance

Because our project operates in the Web3/crypto space and involves a global contest, we take legal compliance seriously. This section explains how we handle personal data in the context of “Know Your Customer” (KYC) procedures and other legal obligations.

Pseudonymity and KYC Triggers: We recognize that many participants prefer to remain pseudonymous (identified only by a wallet address or alias). We honor that preference and will not ask for personal identity information unless it becomes necessary. Typical scenarios that might trigger a KYC request include:

  • You are selected as a prize winner of a significant prize value (especially if required by law for tax or regulatory reasons to verify identity before awarding the prize).

  • There is a need to comply with anti-money laundering (AML) laws, anti-fraud measures, or sanctions screening (e.g., ensuring no prizes go to individuals in embargoed countries or on watchlists).

  • Age or residency verification (for example, if the contest or prize has age restrictions or is void in certain jurisdictions, we may need proof of age or residency).

  • Other cases where a law or regulation mandates identity verification or record-keeping (for instance, if authorities require us to collect identity info for large transactions).

Information Collected for KYC: If we determine that KYC verification is required, we will contact you with instructions on how to complete the process. The information we (or our authorized KYC service provider) collect from you at that time may include:

  • Full name (first, last, and any middle names)

  • Date of birth

  • Nationality and country of residence

  • Government-issued identification numbers (such as passport number, national ID number, driver’s license number, or similar)

  • Scans or photos of your government-issued ID document (passport, ID card, driver’s license, etc.)

  • A selfie or photograph of you (to compare with your ID photo as a liveness check, if required)

  • Proof of address (such as a utility bill or bank statement)

  • (If relevant) Additional compliance information, such as source of funds or a declaration regarding sanctions exposure.

We will explicitly inform you what data is needed and for what purpose at the time of KYC collection. You have the right to decline to provide KYC information; however, if you choose not to complete a required KYC, you may be disqualified or deemed ineligible to receive the prize or continue participating, due to our legal obligations.

Use and Storage of KYC Data: Any personal information collected for KYC/AML purposes will be used strictly for verifying your identity, screening against required watchlists, and complying with record-keeping laws. We will not use this sensitive information for any marketing or unrelated purposes. KYC data is considered highly sensitive, and we apply elevated security controls to protect it (encryption in storage and transit, strict access controls, etc.). Only staff or processors with a need-to-know (e.g., our compliance officer or the KYC vendor) will handle this data. We also limit how long we retain KYC documents (see Data Retention below), keeping them only as long as required by law or necessary for compliance audits. For example, financial regulations in some jurisdictions require retaining identity verification records for a minimum period (such as 5 years).

In performing KYC, we may use trusted third-party identity verification services. These KYC providers act as our data processors, collecting your information and documentation through a secure portal. They provide us with a verification result (e.g., “verified” or “pass/fail”) and relevant data points. We ensure any KYC service provider is contractually obligated to protect your data to high standards of privacy and security, and to use it only for the verification purposes we specify.

Legal Compliance: Apart from KYC, there are other legal compliance activities that may involve processing your data:

  • Sanctions and Fraud Screening: We may check your provided wallet address or other identifiers against public sanctions lists and blockchain analytics tools to ensure compliance with export control and anti-terrorism financing laws. (Wallet addresses, while pseudonymous, can sometimes be linked to sanctioned entities or known fraud schemes, and we reserve the right to screen for such risks.)

  • Record-Keeping: If you win a prize, we might be required to collect certain information for tax reporting (for instance, U.S. tax law may require a winner to complete a W-9 form if the prize value exceeds a threshold, which includes providing a Social Security Number or Tax ID). We will inform you if such information is needed and ensure it’s handled confidentially and only used for mandated reporting.

  • Law Enforcement Requests: If we receive a lawful request from a public authority (such as a subpoena or court order), we may be compelled to provide certain personal data. Our policy is to review each request carefully and only comply if required by applicable law. Wherever possible and legally permissible, we will notify affected users of any such request before disclosing information.

In all cases, our approach is to collect the minimum data necessary for compliance and to be transparent with you about it. We maintain a comprehensive compliance program and a “privacy by design” approach, meaning we integrate privacy considerations into our contest operations and technical systems from the start.

Global Data Transfers

The Company is based in the United States, and the data we collect is generally processed and stored on servers located in the U.S. However, by the global nature of our project, your personal data may be transferred to or accessed by our team or service providers in other countries. We understand that different countries have different data protection laws, and if you are located in a region like the European Economic Area (EEA) or United Kingdom, we are committed to ensuring an adequate level of protection for your information when it leaves your country.

Transfers from the EEA/UK: When we transfer personal data from the EEA, UK, or other regions with data transfer restrictions to the United States or any country that is not deemed to have “adequate” data protection by relevant authorities, we take steps to comply with legal requirements for such transfer. Typically, this means we implement appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) or other legally recognized mechanisms. These contractual agreements impose data protection obligations on the recipient of the data and provide rights for individuals whose data is transferred. In some cases, we may rely on your consent for the transfer (for example, if you initiate a transaction that inherently involves a cross-border transfer), but we will do so only if permitted and if other safeguards are not in place.

International Operations and Providers: Our team may have members or contractors in various countries, and some of our external processors (cloud providers, etc.) might utilize global infrastructure. This means your data could be stored or processed on servers in multiple countries, such as within the European Union, Asia-Pacific, or elsewhere, depending on where resources are allocated. Regardless of where processing occurs, we enforce the same security measures and privacy standards as described in this Policy. Our service providers are vetted for strong data protection practices and, where required, we have signed agreements with them (including SCCs or equivalent for non-EU providers) to protect your information.

Recognition of Global Privacy Laws: We also take into account frameworks like the APEC Cross-Border Privacy Rules and any relevant international agreements to ensure lawful transfer and handling of data worldwide. Although no list of laws is exhaustive, we aim to abide by the spirit and requirements of major privacy regimes across the world as applicable to our operations.

Your Acknowledgment: By using our website or participating in the contest, you understand that your personal data may be transferred to and processed in the United States and other countries. Those countries may have data protection rules different from your country. In all such transfers, we will protect your information as described in this Privacy Policy. If you have questions about cross-border data handling, you can contact us (see Contact Information below) and we will be happy to provide additional details.

Data Localization: If certain laws require that specific data remain within a certain territory (data localization requirements), we will endeavor to comply (for example, by using regional data centers). As of the Last Updated date of this Policy, we do not specifically localize general contest data, but we continually monitor legal developments in the countries where we have users.

User Rights

We respect your rights to your personal data. Depending on the jurisdiction in which you reside or applicable law, you may have some or all of the following rights regarding the personal information we hold about you:

  • Right to Access: You have the right to request confirmation that we are processing your personal data, and to request a copy of the information we hold about you. We will provide you with the relevant data in a common digital format, or in writing, as required. This is sometimes called a “Data Subject Access Request.” (For example, you can ask us to send you a report of what personal data we have associated with your wallet or account.)

  • Right to Rectification: If any of your personal information that we have is inaccurate or incomplete, you have the right to request that we correct or update it. For instance, if you provided an email or contact and it has changed or was entered incorrectly, you can ask us to fix it. We want to ensure we have accurate data, and will promptly make corrections based on your verified request.

  • Right to Erasure: You have the right to request that we delete your personal data. This “Right to be Forgotten” is subject to certain limitations – for example, we may need to retain certain information for legal compliance or legitimate business purposes. We will honor deletion requests to the extent we can. If you ask to delete data that is necessary for us to provide the service (e.g., your contest registration information), we may need to cancel your participation. We will inform you if such a situation arises. Note that because of the nature of blockchain, we cannot delete data that is stored on a public blockchain (e.g., past transaction records); however, we can delete information that we store on our own servers.

  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data under certain circumstances. For example, if you contest the accuracy of the data or have objected to our processing (see “Right to Object” below), you can ask that we restrict processing while your request is pending. This means we would store your data but not actively use it until the issue is resolved.

  • Right to Data Portability: For data that you have provided to us, you have the right to request a portable copy in a structured, commonly used, machine-readable format. You can also ask that we transmit such data to another service provider where technically feasible. This right mainly applies to data processed based on your consent or for the performance of a contract. In practice, if you request it, we can provide things like the list of referrals you made, or any profile info you gave us, in a CSV or JSON format that you could re-use elsewhere.

  • Right to Object: You have the right to object to our processing of your personal data in certain scenarios. Specifically, you can object to processing that is based on our legitimate interests or for direct marketing purposes. For example, if we use your data to send you promotional messages, you can opt out and object to further marketing – we will then cease marketing communications to you. If you object to processing based on legitimate interest (like some analytics or security processing), we will evaluate your request and stop or adjust processing unless we have compelling legitimate grounds to continue or a legal requirement that overrides your objection.

  • Right to Withdraw Consent: If we are processing any personal data based on your consent, you have the right to withdraw that consent at any time. For instance, if you consented to optional cookies or to receiving newsletters, you can change your mind later. Withdrawing consent will not affect the lawfulness of any processing we did prior to withdrawal, and it won’t affect processing under other legal bases, but it means we will stop the specific activities that relied on consent.

  • California Privacy Rights: If you are a California resident, you have certain additional rights under the CCPA (as amended by CPRA). These include the right to know the categories and specific pieces of personal information we have collected about you, the categories of sources of that information, the business purpose for collecting (or sharing) the information, and the categories of third parties with whom we share it. Most of this information is provided in this Privacy Policy. You also have the right to request that we delete your personal information (which aligns with the erasure right above). Additionally, California residents have the right to opt out of the “sale” or “sharing” of personal information. We do not sell your personal information for money; in the context of CCPA, “sale” and “sharing” could include certain uses of cookies or advertising. We do not share personal information with third parties for cross-context behavioral advertising without consent. If you believe our use of your data constitutes a “sale” or “sharing” under CCPA and you wish to opt out, please contact us and we will honor that request. California law also gives you the right to correct inaccurate personal information and to limit use of sensitive personal information (if we had any). We generally only collect sensitive information (like ID data) for KYC, which is used solely for compliance, so by default we limit its use.

  • Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means, for example, we will not deny you our services, give you a different level of service, or charge you a different price or rate (or suggest we would do so) just because you made a privacy rights request. The contest outcome (aside from necessary data for entry) is not conditioned on you agreeing to any processing that’s not essential.

Exercising Your Rights: You can exercise these rights by contacting us using the information in the Contact Information section. Please clearly describe your request – for example, “I am requesting a copy of my data” or “Please delete my account data.” For your security and to prevent fraud, we will need to verify your identity before fulfilling certain requests (such as access or deletion requests) to ensure that the person making the request is you or an authorized representative. Verification methods may include contacting you through previously provided channels or asking for information that confirms your identity.

We will respond to your request within the timeframe required by law (for instance, CCPA requires us to respond to verifiable consumer requests within 45 days, with possible extension; GDPR requires response within one month, etc.). If we need more time, we will inform you of the reason and extension period in writing.

Some requests might be limited by law; for example, if fulfilling a deletion request would impede a legal obligation (like we need to keep certain records), we will explain that in our response. However, we will endeavor to fulfill your request to the fullest extent possible.

If you are an EU/EEA or UK individual and believe we have not handled your personal data properly or have not fulfilled your rights, you have the right to lodge a complaint with your country’s data protection supervisory authority. We encourage you to contact us first, so we can address your concerns directly, but you are free to contact the authority at any time.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, or as required by applicable law. This means that we evaluate the type of data and the reason we collected it, and determine an appropriate retention period on that basis.

In practice:

  • Contest Data: We keep the data collected for the contest (such as your registration info, referral activity, and wallet addresses) for the duration of the contest and a period afterwards. After the contest ends, we may retain data for a reasonable period in case of any disputes, to pay out all rewards, to analyze the contest’s success, or to comply with any legal obligations (for example, retaining a record of winners for regulatory or tax purposes). Typically, we retain general contest records for up to 3 years.

  • KYC Data: If we collected KYC/AML information from you, we will retain that information for the minimum period required by law or recommended by regulators. In many jurisdictions, AML laws require businesses to keep identity verification records for 5 years from the end of the customer relationship or date of the transaction. We will securely store your KYC data for the required period and then delete it. We will not keep KYC documents longer than necessary.

  • Website Analytics Data: Analytics data (like log files and cookie information) may be retained for a shorter period, typically a 3 months to 3 years, unless we need to keep it longer (for example, if required for security investigations or if the data has been aggregated/anonymized). Aggregate data that no longer identifies a user may be kept longer for statistical purposes without notice.

  • Communications: If you contact us, we may retain correspondence (emails, support tickets, etc.) as long as needed to address your inquiry and for our records. This helps us serve you better in future interactions and maintain an audit trail of our communications. These records will be purged periodically if no longer needed.

  • Legal Records: We may need to retain certain information for longer periods if necessary to comply with legal obligations. For instance, if a law requires us to keep records of contest winners for X years, or if we reasonably anticipate a potential legal claim related to the contest, we will retain the relevant data until it is no longer needed for that purpose. Similarly, backup copies of data might be retained for a short duration beyond active use, but are governed by strict access controls until they are automatically overwritten or deleted.

When the retention period for a given set of personal data expires, or if you request deletion and we no longer have a legal basis to keep it, we will either securely delete or anonymize the data. Secure deletion means we will remove it from our active databases and archives in a manner that it cannot be readily recovered. If complete anonymization or deletion is not immediately feasible (for example, data stored in long-term backups), we will isolate the data and protect it from further use until deletion is possible.

Please note that due to the decentralized nature of blockchain, any data recorded on a public blockchain (such as cryptocurrency transactions) cannot be altered or erased by us – those records may persist on the blockchain indefinitely by design. However, any personal data we hold off-chain (in our systems) is subject to the above retention policy.

If you have specific questions about our data retention practices (for example, “How long will you keep X type of data?”), feel free to contact us for more detailed information.

Data Security

We are committed to protecting your personal data and have implemented a variety of technical and organizational security measures to guard it against unauthorized access, alteration, disclosure, or destruction. However, it is important to understand that no method of transmitting data over the internet or storing data electronically is completely secure, and we cannot guarantee absolute security.

Security Measures:

  • Encryption: We use encryption to protect sensitive data. For example, our website employs HTTPS (TLS encryption) for data transmission, which means that information you send to us (such as form entries) is encrypted in transit. For particularly sensitive data (like KYC documents), we also encrypt the data at rest in our databases or secure storage.

  • Access Controls: We limit access to personal data to employees, contractors, and service providers who need to know that information in order to process it for us. They are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations. Within our organization, we use role-based access control so that, for instance, a marketing team member would not have access to raw KYC data, and an engineer troubleshooting site logs would only see pseudonymized identifiers.

  • Security Testing and Monitoring: We regularly monitor our systems for vulnerabilities and attacks. We employ firewalls, intrusion detection systems, and anti-malware tools to prevent unauthorized access. Our systems are kept updated with security patches. We may also engage in routine penetration testing and security audits to evaluate the strength of our defenses.

  • Secure Development Practices: Our platform is developed following best practices for security (such as input validation, protection against SQL injection, CSRF tokens for requests, etc.). We follow a “privacy by design” and “security by design” philosophy. This means security and privacy considerations are integrated into the development lifecycle of our contest platform and website from the start.

  • Vendor Due Diligence: When we use third-party service providers (hosting, analytics, KYC processors, etc.), we vet their security practices. We choose reputable providers with proven track records in security. We also ensure any transfer of data to them is protected (for example, through encrypted channels and agreements on how they will protect the data).

Despite all our efforts, no security measure is infallible. The Internet by its nature has risks, and new threats emerge constantly. We therefore cannot guarantee that personal information may not be accessed, altered, or destroyed by a breach of our safeguards. You should also take care with how you handle and disclose your personal data. Avoid sharing your account credentials with others, use strong and unique passwords, and notify us immediately if you suspect any unauthorized access to your account or wallet.

Incident Response: In the event of a security breach that compromises your personal data, we will act promptly to identify the cause and contain the incident. We will notify affected users and relevant authorities as required by law. This may include emailing you at the contact information we have on file and posting a notice, depending on the severity of the breach and legal requirements. We will also take steps to mitigate any potential harm and prevent a recurrence, such as by patching vulnerabilities, restoring integrity from backups, and providing guidance to users on protective measures.

By using our services, you acknowledge that you understand these security measures and their inherent limitations. We continuously update and refine our security practices to meet the evolving threats and to protect your privacy.

Use of Public Information for Marketing

Our project exists in a transparent blockchain ecosystem, and we occasionally leverage publicly available information for community engagement and marketing. This section clarifies how we might use information that is already public (either on-chain or on social platforms) to promote the contest or announce results, while still respecting your privacy.

On-Chain Data and Winner Announcements: Blockchain transactions and wallet activities related to our contest are public by the nature of blockchain technology. For example, when contest rewards are distributed, anyone can see the transfer on the blockchain between our wallet and the winner’s wallet address. We reserve the right to publicly announce contest winners or notable contest achievements by referencing pseudonymous blockchain identifiers. For instance, we might publish a blog post or tweet saying “Congratulations to the top referrer, wallet 0xABC… (truncated for privacy) for winning first place!” or “The contest has ended with 500 participants – prize NFT sent to winner’s wallet 0xABC…”. Similarly, if a certain wallet achieved a record (like most referrals), we might mention that wallet address in our communications. We will typically truncate or abbreviate long wallet addresses for readability and a modest level of privacy (e.g., showing only the first and last few characters). We will not associate the wallet address with a real name or personal identity unless you have publicly done so or consented to such disclosure.

Social Media and Community Interaction: We are active in our community and may repost or share content that participants make public. If you voluntarily post on social media about the contest (for example, tweeting “I just referred 10 friends to [Project]’s NFT contest!” or sharing an image of a prize NFT on Instagram), we may like, comment on, or share your post through our official accounts. If your X (formerly Twitter) handle or other social media username is evidently connected to your participation, we might include that in marketing narratives, such as “User @YourHandle referred the most new members!” Additionally, some participants link their wallets to social identities (for example, using an NFT as a profile picture or having an ENS domain name that incorporates a name). If we can reasonably infer a connection between a wallet and a person’s public online persona, we might mention that persona. For example, if wallet 0xABC... is known to correspond to X (formerly Twitter) user @CryptoFan (because that user has publicly declared their wallet or is using it in a public way), we might say “Congrats to @CryptoFan (wallet 0xABC...)* for winning!” in a tweet. We emphasize that we will only make such connections if they are public knowledge or self-disclosed by the user – we will not “dox” anyone or reveal information that isn’t already shared publicly by that person.

Limited Scope and Respect: Any use of public information for marketing will be done tastefully and in a way that respects our users. We use public data primarily to celebrate winners, share success stories, and promote transparency (for example, proving that prizes were indeed delivered on-chain). We will not use public data to embarrass or target users negatively. If your public information is used in a way that you are uncomfortable with, please reach out to us and we will consider your request (for example, if you win but prefer to remain totally anonymous, we can discuss alternative announcement approaches).

No Private Data in Marketing: We will never expose your private personal data (anything not already public) in our marketing without your explicit consent. For instance, we won’t reveal your real name, email, physical address, or any KYC details in public communications. Even if you have completed KYC for us, we will keep that information confidential and separate from any marketing content. Our marketing team typically only has access to pseudonymous data (like wallet IDs or social handles) and not to sensitive personal details.

Examples of Marketing Use Cases:

  • Announcing winners on our website or social media by wallet address or username.

  • Publishing statistics about the contest (e.g., “Top 10 referrers and their referral counts”) using pseudonyms or wallet fragments.

  • Retweeting or sharing user-generated content such as a tweet from a participant who is excited about winning or a YouTube video of someone’s contest experience.

  • Showcasing public blockchain data as proof of fair play (e.g., linking to the transaction hash on Etherscan for the prize distribution so that the community can verify it).

  • Citing an interesting public fact, like “The winner’s wallet had participated in 3 other NFT drops – a true enthusiast!” without connecting it to any real-world identity.

By participating in the contest, you acknowledge that if you win or achieve notable status, your pseudonymous identity (wallet address or username) could be highlighted publicly. We believe this is in the spirit of transparency and community recognition common in the crypto space. That said, if you strongly prefer that we do not use even your public identifiers in this way, please notify us. We will consider such requests on a case-by-case basis and try to accommodate reasonable privacy concerns while still maintaining the integrity of our announcements.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

  • Email: contact@snakedevs.com (Please include “Privacy Inquiry” in the subject line for faster routing.)

We are committed to resolving any issues or questions you may have about your privacy. When you contact us, please provide sufficient detail about your question or request, including any relevant account or participation information, so we can efficiently address your inquiry. For security and confidentiality reasons, we may need to verify your identity before sharing or modifying any data in response to a request (for example, if you are asking about data associated with a wallet address, we might ask you to sign a message with that wallet to prove ownership).

If you have a concern about how we have handled your personal data, we would appreciate the opportunity to make it right. Most issues can be resolved through our support team. If you feel we have not adequately addressed your privacy questions, depending on your jurisdiction, you may also have the right to contact your local data protection authority (for example, in the EU you can reach out to your country’s supervisory authority).

Updates to the Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make changes, we will notify you by updating the “Last Updated” date at the top of this Policy. In the case of material changes (for instance, if we start collecting new types of personal data or significantly change how we use data), we will provide a more prominent notice of the update. This could include a post on our website, a message via our community channels, or even a direct notification (such as an email or dashboard alert) when feasible.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued participation in the contest or use of our website after any changes to this Policy will be deemed acceptance of those changes. If you do not agree with a change, you should discontinue use of our services and contact us with any concerns.

In the event we ever want to use personal data in a manner materially different from what was stated at the time of collection, we will seek your consent where required or provide an opt-out opportunity before the new use takes effect.

Thank you for reading our Privacy Policy. We value your privacy and are excited to have you as part of our Web3/NFT community. If you have any questions or need clarifications about this Policy, please reach out to us at the contact information provided above.

Privacy PolicyTerms & Conditions