“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Who is the person determining the purposes and means of the processing?
3. Why do we process your data?
We collect, process, and use personal data on our Site in order to offer you better products and services, best adapt our business processes to the users’ needs, and steer you to the most suitable product information and online applications.
In particular, data is processed in order to:
- provide our services efficiently and effectively;
- develop, enhance, market and deliver products and services to you; find bugs;
- understand your needs and your eligibility for products and services;
- conduct surveys.
Moreover, we may directly or indirectly collect and temporarily store personally identifiable information for operational purposes, including for the purpose of identifying blockchain addresses or IP addresses that may indicate use of the Site from prohibited jurisdictions or by sanctioned persons or other prohibited uses.
4. Which personal data do we process?
When using the Site, we usually only collect the personal data that your browser transmits to our server. When you view our Site, we collect the following data:
- IP address;
- Browser type (e.g. Google Chrome, Firefox);
- Device resolution;
- Type of device;
- Device name (e.g. iPhone 12 Pro Max);
- Device brand;
- Operating system and version (e.g. Windows 10);
- Returning visitor or not;
- The origin point of traffic (Direct link or search engine);
- Geographic location.
6. Retention of Personal Data
Please be aware that public blockchains provide transparency into transactions and Delphi is not responsible for preventing or managing information broadcasted on a blockchain.
7. Security, Protection and Use of Personal Data
Delphi constantly implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- the pseudonymization and encryption of personal Data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
8. Recipients of Personal Data
We also reserve the right to disclose personal data that Delphi believes, in good faith, is appropriate or necessary to enforce our Terms of Service, take precautions against liability or harm, to investigate and respond to third-party claims or allegations, to respond to a court order or official requests, to protect security or integrity of Delphi and to protect the rights, property or safety of Delphi, our users or others.
9. Data Subjects’ Rights
The user has the right to obtain confirmation as to whether the personal data concerning him or her are being processed, but only to the extent that we are able to match the pieces of personal data provided by the user with data that is stored and accessible in our systems. If we are able to make a match, we will provide access to the personal data and all the relevant information. Otherwise, we will notify the user that we were not able to match the personal data provided with data in our systems.
With respect to other categories of rights that might be exercised depending on the place where you are located, please consider Section 14 below.
10. Users Under Age
According to the Site’s Terms of Service users must be at least eighteen years of age, of sound mental capacity and have all technical knowledge necessary or advisable to understand and evaluate the risks of the Site
Delphi does not knowingly collect or store any personal information about users under 16. If you believe such information has been inadvertently processed, we will take necessary steps to remove such information from our database.
11. Social Plugins
The Site uses social plugins from the social networking sites Twitter. If you access the Site using such a plugin, your browser will contact the server of the underlying social networking site, load the visual presentation of the plugin, and present it to you.
While this is happening, the social networking site receives information concerning your visit to our Site, as well as further data such as your IP address. This means that we may use your personal information to facilitate your sharing of information between us and your social media service.
13. Contact details
14. Additional information for users located in the European Economic Area and in the United Kingdom
B. Lawful Basis for the Processing of Personal Data
The GDPR requires a “lawful basis” for processing personal data. In principle, our lawful basis is established by Art. 6(1)(b) GDPR as the processing is necessary for accessing the services of the Site. Moreover, pursuant to Art. 6(1)(f), the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in matters related to crimes and legal compliance and in order to ameliorate the efficiency and the user experience of the Site.
C. Data Subjects’ Rights
According to the GDPR, the user has also the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her (Art. 16 GDPR); the right to obtain the erasure of personal data concerning him or her without undue delay in one of the situations outlined in Art. 17 GDPR; the right to obtain from the controller restriction of processing in accordance with Art. 18 GDPR; the right to data portability in accordance with Art. 20 GDPR.
The user has further the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (Art. 21 GDPR).
Please consider that data committed to blockchains cannot be altered or eliminated. If you want to know more about the potential application of GDPR provisions to public blockchains and distributed ledgers please consult the study commissioned by the European Parliament.
Your personal information may be stored, transferred to, and processed in any country where we have facilities or in which we engage service providers. These countries may be outside your country of residence, including the United States, and may have different data protection laws than in your country.
If you are located in the EEA, we will implement appropriate safeguards to protect your personal information as required if we transfer it outside the EEA.