We will process your personal data in accordance with the Swiss Federal Data Protection Act (the “FDAP”). The GDPR would apply to processing of your personal data as well if you are residing in the EU and such processing is done in connection with us offering you goods or services, irrespective of whether a payment of the data subject is required, or if your behaviour is anyhow monitored. The GDPR would apply also, if any of the third-party service providers we use for processing of your personal data is based in the EU (e.g. Lightcurve GmbH).
a) your use of our website under the domain lisk.com (the “Website”) and Lisk Foundation’s website under the domain lisk.foundation;
b) your use of our newsletter (the “Newsletter”);
c) your use of our tools:
- Lisk Mainnet;
- Lisk Testnet;
- Lisk Betanet;
- Lisk Desktop;
- Lisk Mobile;
- Lisk Explorer;
- Lisk Commander
- Lisk Service
- Lisk Faucet (https://testnet-faucet.lisk.com/);
(collectively: “Lisk Products”);
d) your participation in the following Lisk Programs:
- Lisk Grant Program (https://lisk.com/grant-program);
- Bug Bounty Program (https://lisk.com/bug-bounty-program);
(collectively: “Lisk Programs”);
e) and your participation in events and activities organized by Lisk, such as conferences, meetups, trainings etc. (collectively: “Lisk Events”).
For every processing activity we provide you with information on the legitimate basis for such processing under the GDPR. The Swiss FDAP, on the other hand, does not require us to do so.
Changes and updates
Representative and Joint-controllership
Lightcurve GmbH, postal address: Eichhornstraße 3, 10785 Berlin, Germany; email: firstname.lastname@example.org, (“Lightcurve”) is our representative in the European Economic Area (the “EEA”) for the purpose of communications and all issues related to data processing under the GDPR. In regards to some of the processing activities, Lisk and Lightcurve act as joint-controllers since they jointly determine the purposes and means of processing of your personal data. Regarding any issues related to such processing of your personal data or the execution of your rights (see section Your rights), feel free to contact either Lisk or Lightcurve. (“Joint-controllership”). Appropropriate information is provided in the description of the processing activities in this Policy whenever Joint-controllership occurs.
Lightcurve may also act as a sole data controller for particular processing activities. Each situation of that kind is always clearly specified in this Policy. Should that be the case, your personal data would be processed in accordance with this Policy and you will have the same rights and obligations as stated in this Policy.
Therefore, regarding any issues related to the processing of your personal data by Lisk or jointly by Lisk and Lightcurve, issues related this Policy or execution of your rights (see: Your rights), feel free to contact either Lisk (email@example.com) or Lightcurve (firstname.lastname@example.org).
Please be informed, however, that Lisk Dev Forum (https://dev.lisk.com/) and Lisk Research Forum (https://research.lisk.com/) that are managed for Lisk by Lightcurve which acts as data controller are exceptions and they are not subject to this Policy.
How do we process your personal data
1. Personal data you give to us
What is collected:
Our Website collects certain information automatically and stores it in log files. The information may include:
- IP addresses,
- the region or general location where your computer or device is accessing the internet,
- browser type,
- operating system, and
- model of your CPU and GPU.
In general, the above mentioned information is necessary to enter any website on the Internet with Hypertext Transfer Protocol (http); the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (terms and conditions of using the website).
We also use this information to help us design our Website to improve the user experience; the applicable legal basis for this is our legitimate interests under GDPR Art.6.1(f). As for the log files - we keep the haproxy logs for 52 days and cloudfront logs for a year.
Social media sharing buttons:
You can share different content from our Website on your social media accounts by simply clicking on sharing buttons. For that purpose we use services provided by AddToAny (www.addtoany.com) which is both GDPR and CCPA compliant. Therefore, when clicking on the sharing buttons no personal data would be collected from you and shared with the social media providers.
When entering for the first time any of the websites we host (the Website, Lisk Explorer, Lisk Faucet) you will be provided with a cookie notice. It will explain what type of cookies we use and will allow you to grant us consent on using them.
Cookies are text files placed on your device to collect standard Internet log information and visitor behavior information.
More information about the cookies we use and how we process information collected with their use may be found in our Cookie Notice & Settings.
We use Google Analytics as a third party analytics service, and to track our advertising campaigns on third party websites and services. We use Google Analytics to collect information about how our Website performs and how our users, in general, navigate through it. Types of information which may be collected from you vary and may include:
- your device and browser information;
- user ID (given to you by Google Analytics);,
- anonymized IP-address;
- geolocation data;
- date, time, and duration of use of the Website;
- links you visited;
- links, by which you were addressed to the Website;
This helps us evaluate our users' use of the Website; compile statistical reports on activity; and improve our content and Website performance; the applicable legal basis is your consent under GDPR Art.6.1(a). Google provides further information about its own privacy practices and offers a browser add-on to opt out of Google Analytics tracking.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards of this processing activity, since Lightcurve helps us to manage the Website.
b. Foundation's website
Apart from the Website which is the main communication channel for the Lisk project, we also operate the website dedicated to the Foundation under the following domain name: lisk.foundation.
As with any other websites, when you enter the Foundation’s website, certain personal data is being collected from you (see Website above for the types of personal data being collected). This information is necessary for connecting to servers where the Foundation’s website is hosted and for browsing the website; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (terms and conditions of using the website). No additional personal data is being collected from you.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to manage and host the Foundation’s website.
c. Contact form
In order to do that, apart from writing your message or request, it is necessary that you provide us with your email address so we can contact you back. Your email address will be processed solely for the purpose of communicating with you in regards to your message or request; the applicable legal basis for this is our legitimate interests under GDPR Art.6.1(f).
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity
CAUTION! We do not advise you to send us any data that is considered to be sensitive personal data in the meaning of Art. 9 GDPR, i.e. information on your racial or ethnic origin, sexual orientation, marital status, political affiliation, religion or any other beliefs, health, criminal records or a trade union membership.
You can subscribe to our Newsletter if you want to receive general updates on Lisk projects and regular updates on the development of various Lisk tools. In order to do so, you will need to provide us with your email address to which the Newsletter will be sent.
By subscribing to the Newsletter, you consent to processing of your email address. We will not use these personal data for any other purpose than circulating the Newsletter.
You may unsubscribe at any time by clicking the following link: https://lisk.us12.list-manage.com/unsubscribe?u=201693389b5cea4883858163e&id=14c69eecc3.
In order to circulate Lisk Newsletter, we use the services provided by Mailchimp with which we will share your email address.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to provide content for and manage the Newsletter.
e. Lisk Mainnet
Lisk Mainnet is a decentralized network that consists of many different servers (or nodes) and which follows the Lisk protocol. It is where the true Lisk economy exists. Within this network Lisk users can transfer LSK tokens from one account to another, register accounts as delegates, vote for other delegates or register dApps. It was launched in May 2016.
Node operators are required to set up Lisk Core on a server, and then connect it to the desired network. Lisk Core is the program that actually implements the Lisk protocol. In order to run a node which will participate in the network Lisk Core must be installed. Furthermore, this also applies to every additional machine that is required to run a node.
If you decide to create an account or run a node at Lisk Mainnet, the following personal data will be collected from you and processed by the network as well as by every other node participating in it:
- Address of your Lisk account;
- Your public key;
- LSK balance of your Lisk account;
Processing of the abovementioned personal data is indispensable for Lisk Mainnet to operate and for every node to participate in this decentralized blockchain network; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (Terms and Conditions).
In addition to the above, your following personal data may also be processed (see paragraphs below for more information in that regards):
- Delegate’s username;
- Votes casted on delegates;
- Transactional data (message);
Delegate’s username. Lisk’s consensus algorithm works as a Delegated Proof-of-Stake. Accounts registered as delegates store extra information related to block forging in this property, such as e.g. the delegate’s username.
Votes casted on delegates. In Lisk’s Delegated Proof-of-Stake, users can vote for accounts that are registered as delegate accounts. Votes issued by a user are stored in their account as a list of tuples, each with the voted-delegate address and the amount of voted tokens (in beddows).
Transactional data (message). Balance transfer transactions offer the possibility to send a message in the optional property data. Should the data included in the message constitute personal data, it will be saved on the blockchain permanently.
CAUTION! In general, blockchains are designed to be immutable. Any information stored on the blockchain at Lisk Mainnet will remain there forever. Thus, maximum caution should be exercised when storing any personal data on the blockchain at Lisk Mainnet both in a form of a plain text as well as pseudonymised.
All types of personal data mentioned above are stored on the blockchain at Lisk Mainnet which has to be downloaded and regularly updated by every node participating in the network. Thus, personal data stored on the blockchain is processed by every node participating in Lisk Mainnet.
It is therefore impossible to designate one data controller which determines the purposes and means of the processing of personal data within Lisk Mainnet. We have no means of controlling Lisk Mainnet which operates as a decentralized network. Furthermore, there are no means by which we could interfere with the already validated transactions or information stored on the blockchain at Lisk Mainnet. For this reason, when deciding to participate in Lisk Mainnet, you need to take into account that some of your rights concerning your personal data may be significantly limited or even impossible to execute.
We want you to know that your right to privacy is important to us. At Lisk Foundation we try to do whatever possible within the existing legal framework to protect your personal data.
There are ongoing discussions on how data protection regulations should apply to a processing of personal data which takes place on blockchains. Nevertheless, so far there has not been any official guidance released which addresses the issue of data controllership or the exercising of data subjects’ rights in blockchain architectures.
f. Lisk Testnet
Lisk Testnet is an independent replica of the Lisk Mainnet, whose main function is to test the new versions of Lisk Core before they are deployed on the Lisk Mainnet. Subsequently, this is where new/updated versions and fixes of the Lisk Core are tested.
When you decide to connect to Lisk Testnet, the same types of your personal data will be processed in the same manner as if you connected to Lisk Mainnet. Therefore, the same limitations apply and the same precautionary measures applicable to storing personal data on blockchain should be taken.
To start using the Testnet, you need to first get your free LSK Testnet from the Testnet Faucet.
g. Lisk Betanet
The Betanet is the place where the most recent releases of Lisk Core are tested, before moving to Testnet and Mainnet.
When you decide to connect to Lisk Betanet, the same types of your personal data will be processed in the same manner as if you connected to Lisk Mainnet. In general, the same limitations shall apply and the same precautionary measures should be taken as well. Here, however, to some extent we are able to interfere with the content of the blockchain and amend the data stored on it.
To start using the Betanet, you need to get your free Betanet LSK from the Betanet Faucet.
h. Lisk Desktop
Lisk Desktop is an all-in-one solution to manage your Lisk account, access & send tokens, and vote for delegates, among other functions. It combines the functionalities of a cryptocurrency wallet and a network dashboard.
In order to function properly, Lisk Desktop collects and processes following types of your personal data which are stored in log files:
- Client IP address;
- URL (path only);
- User-agent header.
Such log files are stored at our servers operated for us by Lightcurve. Processing of these data is necessary for the provision of the services for which Lisk Desktop is designed for; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (Terms and Conditions).
As long as you connect to Lisk Mainnet, Lisk Testnet and Lisk Betanet, it will be us, to process the above mentioned data. In case you decide to connect to any other network, Lisk will not have access to any data you share when you use Lisk Desktop.
Please take note that when you use Lisk Desktop for the first time, you must login first to enable the option to be able to use other servers/networks which are not Lisk Mainnet or Lisk Testnet. Therefore before you change the server/network, you will be connected to our Lisk Core public API servers by default.
You can also help us to improve Lisk Desktop by allowing us to gather your usage data for analytical purposes. Such data will be collected fully anonymously and will be used solely for analytical purposes. We will collect your data only upon your explicit consent, which can be withdrawn anytime in the Settings menu of Lisk Desktop. When collecting and processing such data we use the open-source analytics platform Matomo (www.matomo.org). The collected data is not shared with any third-party service provider but is analyzed by ourselves.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to manage and develop Lisk Desktop as well as it which operates our API servers.
i. Lisk Mobile
Lisk Mobile is a mobile wallet app offering a limited feature-set, available on iPhone and Android devices. Consensus algorithm features such as registering a delegate and voting for delegates are currently limited to Lisk Desktop
In order to function properly, Lisk Mobile collects and processes following types of your personal data and stores them in log files:
- Client IP address;
- URL (path only);
- User-agent header.
Such log files are stored at our servers operated for us by Lightcurve. Your personal data will be therefore processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve also helps us to manage and develop Lisk Mobile. Processing of these data is necessary for the provision of the services for which Lisk Mobile is designed for; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (Terms and Conditions).
j. Lisk Explorer
Lisk Explorer is a blockchain explorer for Lisk Mainnet, Lisk Testnet and Lisk Betanet. It allows users to browse all transactions, forged blocks, delegates and other network data. Lisk Explorer is possible to be entered under the following domains:
- for Lisk Mainnet https://explorer.lisk.com/;
- for Lisk Testnet https://testnet-explorer.lisk.com/;
- for Lisk Betanet https://betanet-explorer.lisk.com/.
When using Lisk Explorer we will process personal data collected from you on Lisk Mainnet, Lisk Testnet and Lisk Benanet. To see the particular categories of the personal data, see respective sections of the Policy above (Lisk Mainnet, Lisk Testnet and Lisk Benanet).
As with any other websites, when you enter Lisk Explorer, certain personal data is being collected from you (see Website above for the types of personal data being collected). These information are necessary for connecting to servers where Lisk Explorer is hosted and for browsing the website; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (terms and conditions of using the website). No additional personal data is being collected from you.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to manage and host Lisk Explorer.
In order to determine a geolocation of every node of a particular network (Lisk Mainnet, Lisk Testnet, Lisk Betanet) we share its IP address with a third-party service provider Maxmind (https://www.maxmind.com/en/home). Maxmind provides us with as accurate geolocation data as possible which is then displayed at Lisk Explorer’s Network Monitor (Home/Network Monitor). The data is processed as long as a node is connected to the network.
k. Lisk Commander
Lisk Commander is a command line interface tool designed to be a low-level entry point, and also the most convenient tool for developers who are looking for an efficient way of coding. Lisk Commander allows communication from the command line with a remote or local node in order to access and utilise Lisk-related functionalities. Lisk Commander requires Node.js as the underlying engine for code execution.
When you decide to use Lisk Commander for communication with a node connected to Lisk Mainnet, Lisk Testnet, Lisk Betanet, following personal data will be collected from you and stored in the log files:
- Client IP address;
- URL (path only);
- User-agent header.
The abovementioned personal data is necessary for running the service provided by Lisk Commander and is being processed only for this purpose; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (Terms and Conditions). It will be us to process the above mentioned personal data.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to develop and manage Lisk Commander.
l. Lisk Service;
Lisk Service is a web application that allows interaction with various blockchain networks based on Lisk and Bitcoin protocols.
The main focus of Lisk Service is to provide data to the UI clients such as Lisk Desktop and Lisk Mobile. Lisk Service makes it possible to access all blockchain live data in a similar way to the regular Lisk SDK API, and in addition provides users with much more details and endpoints, such as geolocation and various statistics about network usage.
Once connected to Lisk Mainnet, Lisk Service will process the following data:
- Client IP address;
- URL (path only);
- User-agent header;
- Address of your Lisk account;
- Your public keys (Lisk);
- Current LSK balance of your Lisk account;
- Volume of transactions (Lisk);
- History of LSK account balance;
- Delegate’s username (if you are a delegate);
- Votes casted on delegates;
- Transactional data (Lisk).
If you hold a Bitcoin wallet in Lisk Desktop or Lisk Mobile, Lisk Service will process also:
- Bitcoin ID;
- Your Bitcoin address;
- Bitcoin balance of your account;
- Transactional data (Bitcoin);
Processing of the above mentioned data is necessary for the provision of the services for which Lisk Service is designed for; the applicable legal basis is the performance of the contract under GDPR Art.6.1(b) (Terms and Conditions).
In addition, we process nodes’ geolocation data in order to determine the regional spread of nodes participating in the network. We firmly believe that in decentralized networks based on trust such as Lisk information like that are especially important. This also allows us to monitor for potential dangers associated with disturbing the balance in regional representation of nodes participating in the network. We share the nodes’ IP addresses with a third-party service provider Maxmind (https://www.maxmind.com/en/home). Maxmind provides us with as accurate geolocation data as possible. The data is processed as long as a node is connected to the network.
All data processed by Lisk Service apart from Client IP address, URL (path only), User-agent header, delegate’s username and geolocation data, is derived from the information stored on publicly available blockchains of Lisk Mainnet and Bitcoin. The other data is stored by us only for the time necessary for safely running the services provided by Lisk Service.
Servers of Lisk Service for Lisk Mainnet are managed and operated by Lightcurve. Your personal data will be therefore processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve also helps us to manage and develop Lisk Service. Processing of these data is necessary for the provision of the services for which Lisk Mobile is designed for.
m. Lisk Faucet
Lisk Faucet is an online service which allows you to obtain free LSK tokens for Lisk Testnet and Lisk Betanet. It is available to be accessed under the following domains:
- for Lisk Testnet: https://testnet-faucet.lisk.com/;
- for Lisk Betanet: https://betanet-faucet.lisk.com.
As with any other website, Lisk Faucet websites collect certain information automatically and store it in log files (for more information see section: “Website”).
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to host and manage Lisk Faucet.
n. Lisk Programs
Lisk runs two programs which are open for anybody to apply to:
- Lisk Grant Program (https://lisk.com/builders-program);
- Lisk Bug Bounty Program (https://lisk.com/bug-bounty-program);
In order to participate in both programs, one needs to file a submission (an application for Lisk Grant Program; report a bug for Lisk Bug Bounty Program); the applicable legal basis is the performance of the contract or in order to take steps prior to entering into a contract under GDPR Art.6.1(b) (Terms and Conditions). For the purpose of reviewing the submission we will process the applicant’s:
- email address, and
- discord username.
Since both programs provide for potential monetary grants/bounties, we need to verify the identity of the recipients (KYC) beforehand in accordance with the applicable anti-money laundering as well as combating the financing of terrorism regulations (AML & CFT). In order to do that, we will ask for the following KYC information confirmed by a scan/photo of a valid passport or an ID:
- name and surname;
- date of birth,
- residential address,
Finally, we will ask for a Lisk wallet address to which the grant/bounty shall be transferred.
We will store the aforementioned personal data in a secure manner for the period required by the applicable regulations in the area of AML & CFT. The personal data will be processed also by our main contractor Lightcurve which helps us to manage Lisk Programs and process the submissions. Lightcurve will then act as a data processor.
o. Lisk Events
Lisk organizes different types of events, both online and offline. In order to participate in some of the Lisk Events, you may be required to register beforehand and provide us with following personal data:
- Your name;
- Your email address;
- Your discord username;
The abovementioned personal data will be used only for the purpose of communicating with you in regards to that particular event you registered for and for verifying your identity when you join the event; the applicable legal basis is our legitimate interests under GDPR Art.6.1(f).
In addition to that, you may also be asked to provide your consent to reproducing your physical likeness for marketing purposes (in case the event will be filmed or photographed). In case you decide to refuse to grant such consent, this shall not harm your right to participate in any particular Lisk Event. All your personal data obtained in that form will be processed solely for the purpose you consented for.
Your personal data will be processed also by our main contractor Lightcurve. Lisk and Lightcurve act as Joint-controllers in regards to this processing activity, since Lightcurve helps us to organize and run Lisk Events.
2. Personal data we get from third parties
In exceptional cases, we may obtain your personal data from third parties. We will process it only if it was obtained in compliance with the applicable data protection regulation. Should the third party acquired it based on consent, the consent should’ve included the possibility to transmit the data to other recipients.
Whenever we will process personal data obtained from third parties, this Policy shall apply.
When and how we share your data
Depending on the processing activity, we may share your personal data with our third-party service providers working on our behalf. Every third party with which we will share your personal data comes from a jurisdiction which guarantees an adequate level of protection to the one provided for in the GDPR. What is more, before we share any personal data of our users with third parties, we conclude appropriate data processing agreements with the recipients that guarantee security of the data and the rights of the data subjects.
Other third-party service providers
We may also share your personal data with other third party service providers. When doing so, we make sure that your personal data is processed and transferred, if necessary, in accordance with the applicable data protection regulations (e.g. the GDPR and the Swiss Data Protection Act).
The following categories of third-party providers are used to enable the work of our website:
- Cloud storage providers,
- Web hosting providers;
- Email notification provider;
- CRM Software provider,
- Internal content management systems (CMS);
- Internal collaboration tools;
Should you wish to know more about the third party service providers with whom we share your personal data as well as to know the actual categories of the personal data, feel free to reach out to us at email@example.com.
Where do we store your data
The information that we collect from you will be transferred to, and stored at/processed within the European Economic Area (EEA), Switzerland, the United Kingdom, the United States and in other countries where our third party service providers are located. We will take all steps reasonably necessary to ensure that your personal data is treated securely, with a level of protection adequate to GDPR and in accordance with this policy. We have provided further details below regarding the steps taken to ensure adequacy of the processing of your personal data.
White Listed Countries:
Switzerland was found to have an adequate level of protection for personal data under European Commission Decision 2000/518/EC of 26 July 2000.
After Brexit, a transition period started allowing the United Kingdom time to negotiate a new relationship with the EU in regards to transfers of personal data and adequate levels of protection. During the transition period the existing rules on GDPR will continue to apply in the United Kingdom. This period runs until 31st December 2020.
Consequences of invalidation of Privacy Shield:
CAUTION! Taking into account the Court of Justice of the European Union’s decision in “Schrems II” C-311/18 in which the CJEU declared the EU-US Privacy Shield invalid, we undertake to ascertain the adequate level of protection of your personal data by entering into Model Clauses (described below) with our third-party service providers located in the US.
If we are transferring data to a third party located outside of the EEA who is not in a White Listed Country, we will enter into the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses pursuant to Decision 2010/87/EU - SCCs) with the relevant data importer. Prior to entering into SCCs we assess, on a case-by-case basis, as outlined in the CJEU decision in Schrems II case, whether an adequate level of data protection, comparably to the level of data protection within the EU is given in the country where the data will be transferred to. If the appropriate level of protection is not given, additional protection provisions and measures will be contractually agreed and/or implemented by us to ensure the protection of personal data.
How long do we store your data
We aim to always store your personal data for the minimal period of time thus for the time we actually need it. Exact retention periods are always specified in those sections of this Policy, which refer to particular processing activities.
We may, however, keep your personal data for a longer period of time. We will do that only in order to meet legal requirements imposed on us by the applicable laws and regulations (e.g.. AML & CFT for Lisk Programs).
We regularly review our information and erase or anonymise personal data when we no longer need it.
The security of your personal data
Unfortunately, the transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Website, Lisk Products or over email; any transmission is at your own risk.
Nevertheless, once we have received your information, we will take appropriate technical and organisational measures to safeguard your personal data against loss, theft and unauthorised use, access or modification.
We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.
In certain circumstances you have rights in relation to the personal data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights.
To exercise any of your rights, please send your request by an email to: firstname.lastname@example.org.
Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
CAUTION! Please also bear in mind that we are not data controller in regards to any personal data stored on blockchains at Lisk Mainnet and Lisk Testnet. Therefore we will not be able to satisfy your requests if you decide to exercise your rights.
You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed.
You may request that we erase the personal data we hold about you in the following circumstances:
- where you believe it is no longer necessary for us to hold the personal data,
- we are processing it on the basis of your consent and you wish to withdraw your consent,
- we are processing your data on the basis of our legitimate interest and you object to such processing,
- you no longer wish us to use your data to send you marketing or you believe we are unlawfully processing your data.
Please provide us with as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
Restriction of Processing to Storage Only:
You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in the following circumstances:
- you believe the personal data is not accurate for the period it takes for us to verify whether the data is accurate,
- we wish to erase the personal data as the processing we are doing is unlawful but you want us to simply restrict the use of that data;
- we no longer need the personal data for the purposes of the processing but you require us to retain the data for the establishment,
- exercise or defence of legal claims; and
- you have objected to us processing personal data we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal data whilst we determine whether there is an overriding interest in us retaining such personal data.
You have the right to object at any time to our prospective processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
Withdrawal of Consent:
Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time.
Newsletter. You may unsubscribe at any time by clicking the following link:
Cookies: If you no longer want cookies to be stored on your device, you can withdraw your consent at any time (see Cookie Notice & Settings) and by adjusting your browser settings, so that your browser refuses all cookies or the cookies from third parties. You can also delete the cookies that have already been placed on your device.
The European Interactive Digital Advertising Alliance website Your Online Choices allows you to install opt-out cookies across different advertising networks.
Lisk Desktop. In case you consented on sharing your usage data for analytical purposes at Lisk Desktop, you can always change it by withdrawing your consent. You can do that directly in the Lisk Desktop application by simply entering the Settings/Privacy and changing your preferences.
Where you have provided information directly to us, you have the right to receive a copy of these data and require us to transfer it to a third party. This right, however, only applies to information you provided to us. Thus, not to information we collected about you.
Objection to Marketing:
At any time you have the right to object to our processing of data about you in order to send you marketing including where we build profiles for such purposes and we will stop processing the data for that purpose.
Complain to the authority:
At any time you have the right to lodge a complaint against the competent supervisory authority.
Lisk is established in Switzerland which is not a part of the EEA. Thus, there is no lead supervisory authority over processing activities described in this Policy. Therefore, you are free to contact any data protection authority which is competent for the place of your residence or for the place where you think we have infringed your rights within the EEA. Contact details for data protection authorities in the EEA are available here.
Nevertheless, for any processing activity where joint-controllership between Lisk and Lightcurve occurs, you can lodge a complaint against the Berlin Commissioner for Data Protection (Berliner Beauftragte für Datenschutz und Informationsfreiheit).
In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EEA country in which you live or work or where you think we have infringed data protection laws.