BlogWhat are NFTs?

COCONFT TECHNOLOGY INC. | PRIVACY POLICY

Last Updated: May 11, 2021

This privacy policy (the “Privacy Policy”) describes how CocoNFT Technology Inc. (“we”, “us”, “our”) collects, uses, shares and stores Personal Data from your (“you,” “your”) use of our website and its features (collectively, the “Services”). Please read this Privacy Policy before using our Services. By using our Services, you consent to the processing of your Personal Data in accordance with this Privacy Policy.

1. Definitions

“Personal Data” means any information relating to an identifiable individual and includes information that, while on its own may not identify an individual, may identify an individual when combined with other information. Some examples of Personal Data include names, addresses, e-mail addresses, phone numbers, photographs and online identifiers.

“Process” or “Processing” means any action that a person can take with respect to Personal Data, including collecting, using, sharing, and altering Personal Data.

2. Why We Collect Personal Data

We may collect Personal Data in order to fulfill the following purposes (the “Purposes”):

(a) to provide our Services to you, including without limitation:

(i) setting up a cryptocurrency wallet;

(ii) sharing your social media posts that you upload to our website (collectively, the “Content”) with third parties in order to attract purchasers for NFT Content (defined below);

(iii) sharing your Content with third parties in order to convert it into an NFT (the “NFT Content”) upon receipt of a purchase order; and

(iv) marketing, promoting and selling the NFT Content on NFT marketplaces and other platforms;

(b) to collect payments in connection with our Services;

(c) to respond to your communications with us;

(d) to contact you about updates to the Services, marketing and promotional offers, and service-related communications;

(e) for internal statistical and operational purposes to better understand how our Services are used;

(f) to improve our Services; and

(g) to carry out any other purpose which is disclosed to you and for which you consent, or as is otherwise permitted by applicable law.

3. What Personal Data We Collect

(a) General. Personal Data that we may collect through your use of the Services and/or any of your communications with us includes, without limitation:

(i) your Content;

(ii) information from your Google Account, Instagram Account and/or other social account that you use to register for the Services;

(iii) information about how you use the Services (e.g., your length of visits to our website, and the time and frequency of your visits to our website), so that we can improve the effectiveness and function of our Services; and

(iv) information about your computer or mobile device, such as your Internet protocol (IP) address, device ID, browser and operating system type, resolution of your screen, language settings in your browser, referring URLs, and other technical information so that we can secure our Services and improve effectiveness and function.

4. How We Collect Personal Data

(a) Collection through Services. We may collect Personal Data from you and any devices that you use when you:

(i) use our Services (e.g., you access our website through your Google Account; you access our website and we automatically collect data on your activity on our website through the use of cookies);

(ii) communicate with us; and

(iii) subscribe to our mailing lists.

(b) Cookies. We may use cookies and similar technologies to track and analyze user activity in order to improve our Services and improve your experience. A cookie is a tiny element of data sent to your browser from a website. The cookie is stored on your hard drive so that your computer or other device may be recognized while you interact with the website.

Most web browsers allow you to modify your settings to notify you when you receive a cookie or to reject cookies entirely. Your computer also provides you with the ability to clear all cookies that have been stored onto your hard drive, should you wish to do so. However, please be aware that you may be unable to access certain parts of the Services if you block or disable our cookies. For more information about cookies, please see: https://www.allaboutcookies.org/.

(c) Web Analytics. We may use web analytics services (e.g., Google Analytics) in order to better understand the user experience on our website, including without limitation:

(i) how you reached our website;

(ii) the website you came from;

(iii) how long you stayed on our website;

(iv) what pages you looked at;

(v) how many pages you looked at;

(vi) what buttons you clicked;

(vii) what browser you are using; and

(viii) what device you are using.

Any use of analytics services by us will result in analytics providers collecting your Personal Data when you access and use our website. These third parties may set and access their own tracking technologies (including cookies and web beacons) and may otherwise collect or have access to your device identifier, site usage information, and related information about you.

If you do not wish to participate in web analytics, you may be able to download an opt-out browser add-on. Your web browser may also allow you to set a “Do Not Track” signal when you use online services. To learn more about “Do Not Track” signals, visit http://www.allaboutdnt.com/. You may also contact us at the “Contact Us” section below regarding any questions about web analytics services that we may use.

(d) Third Party Data. We may also obtain Personal Data from third parties. We protect such personal Data according to the practices described in this Privacy Policy, plus any additional restrictions imposed by the source of the data and applicable laws.

Grounds for Processing Personal Data

(a) General. We will not process your Personal Data without your consent, unless we are permitted or required to do so by applicable law. Your consent may be express or implied. The type of consent we may rely on in processing your Personal Data will vary based on your reasonable expectations, the sensitivity of your Personal Data, and the circumstances surrounding the collection of your Personal Data. Express consent is when you willingly agree (e.g., orally, in writing, or electronic agreement) to the processing of your Personal Data for particular purposes. Implied consent is when: (a) you do not expressly give consent, but you rather volunteer Personal Data for obvious purposes that a reasonable person would consider appropriate in the circumstances; or (b) you are given notice and a reasonable opportunity to opt-out of your Personal Data being processed for specified purposes, and you do not opt-out.

(b) European Union. For individuals to whom the General Data Protection Regulation (“GDPR”) applies, we may process your Personal Data on the following grounds, in addition to any other grounds that may be available pursuant to applicable law:

(i) Consent. Where you have given us consent through a statement or clear affirmative action agreeing to the processing of your Personal Data. For instance, by submitting your Personal Data on a form on our website for a specified purpose.

(ii) Contract. Where processing of Personal Data is necessary to perform a contract to which you are a party with us, or which you have agreed to enter with us.

(iii) Legal Obligation. To comply with a legal obligation to which we are subject.

(iv) Legitimate Interests. Where the processing of Personal Data is based on our legitimate interests, provided that these do not override your own interests and fundamental rights. We have legitimate interests in the following:

(A) to properly operate and deliver our Services to you;

(B) to understand how users engage with our Services;

(C) to improve our Services;

(D) to market our Services; and

(E) to provide customer service, including but not limited to, responding to inquiries and feedback.

(c) Consent. For certainty, by using our Services, you hereby consent to our processing of your Personal Data: (i) for the Purposes set out in this Privacy Policy; and (ii) as otherwise provided in this Privacy Policy.

Disclosure of Personal Data

(a) General. When we disclose your Personal Data to third parties, we take reasonable measures to ensure that these third parties implement appropriate technical and organizational measures in accordance with applicable privacy and data protection laws. We minimize the amount of Personal Data we disclose to what is directly relevant and necessary to accomplish the specified purpose.

(b) Service Providers. We may provide your Personal Data to third party service providers in order to help us achieve the Purposes. For example, we may use third party service providers to help us: (i) create and market your Content and our Services; (ii) create NFT Content; (iii) process payments; (iv) analyze usage of our Services; (v) track the effectiveness of our marketing strategies and communications; (vi) assist with the prevention, detection and investigation of potentially illegal acts and security breaches, and (vii) collect and process error and crash reports, and store data.

(c) Corporate Transactions. We may also disclose or transfer your Personal Data to affiliates or third parties in the event of a proposed reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or equity, subject in each case to customary confidentiality agreements.

(d) Legal Disclosure. We may disclose Personal Data if we reasonably believe disclosure is in accordance with or required by any applicable law. This includes the disclosure of Personal Data where necessary for the establishment, exercise, or defense of legal claims, or as otherwise permitted by applicable law. We will have no liability associated with any such disclosures made in good faith.

(e) International Transfer and Storage. Your Personal Data may be stored and processed in any country where we have facilities or in which we engage third party service providers. By using our Services and otherwise providing us your Personal Data, you consent to the transfer of your Personal Data to countries outside of your country of residence, which may have different data protection rules than in your country. While such information is outside of the Canada, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. If applicable, we will comply with the GDPR requirements providing adequate protection for the transfer of Personal Data from the European Economic Area to third country.

7. Retention of Personal Data

Our data retention periods may vary depending on the country in which you receive Services and applicable law. We will retain your Personal Data only as long as necessary to: (a) fulfill the Purposes; (b) protect our legal rights; and (c) comply with applicable law. We will securely delete or anonymize the Personal Data once it is no longer necessary for us to hold it. We are not responsible for any liability or loss you experience as a result of such disposal of Personal Data.

8. Security of Personal Data

We protect your Personal Data using appropriate technical and organizational measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. However, no method of transmission over the Internet, or other method of storage, is 100% secure. Therefore, we cannot guarantee its absolute security. We encourage you to also take steps to protect Personal Data by, for example, closing all web browsers after using our website.

Rights Relating to Personal Data

(a) General. You have certain rights relating to your Personal Data, subject to applicable law in each instance:

(i) Right to be Informed. To know how your Personal Data is collected, how it is used, and how it is disclosed and stored. This further includes:

(A) Right to Withdraw Consent. To withdraw your consent to the processing of your Personal Data at any time. Please be advised that withdrawing your consent to the processing of Personal Data may impact the provision of Services. For further information on this, please contact our Privacy Officer as provided in the “Contact Us” section below.

(B) Right to Make a Complaint. To make a complaint about the processing of your Personal Data.

(ii) Right to Access. To receive a copy of your Personal Data.

(iii) Right to Rectification. To request correction of your Personal Data.

(b) European Union. If you are an individual to whom the GDPR applies, then you have the following additional rights relating to your Personal Data, subject to applicable law in each instance:

(i) Right to Erasure. To request the deletion of Personal Data when: (A) you believe it is no longer necessary for the purposes collected; (B) you withdraw your consent or object to the processing of your Personal Data; or (C) your Personal Data was unlawfully processed.

(ii) Right to Restriction of Processing. To restrict the processing of Personal Data if you dispute its accuracy or object to its processing.

(iii) Right to Portability. To request that your Personal Data be transferred to another organization.

(vi) Right to Information about Automated Decision Making. To receive information about the basis of any automatic decision making (e.g., algorithms).

(v) Right not to be Subject to Automated Decision Making. To not be subject to decisions based solely on automated processing, unless this is necessary pursuant to a contract between us.

(vi) Right to Object to Processing Activities. To object to the processing of your Personal Data based on our legitimate interests.

If you want to learn more about any rights under the GDPR, you can visit the European Commission’s page on Data Protection athttps://ec.europa.eu/info/law/law-topic/data-protection_en.

Exercising Your Rights.

If you would like to exercise your any of your Personal Data rights, please refer to our “Contact Us” section below. When doing so, please tell us which right you are exercising and provide us with contact information to direct our response. Response procedures may vary depending on the laws applicable to you.

Subject to applicable law: (i) we may verify your identity before fulfilling requests to exercise any rights; and (ii) we may request additional information if we cannot initially verify your identity, or if we require such additional information in order to properly assess your request. Any Personal Data you disclose to us for purposes of verifying your identity and/or exercising your rights will solely be used for the purpose of verification and processing of your request.

Communications with Us

To opt-out of receiving certain communications from us through your use of the Services (the “Communications”), you may either contact us as provided in the “Contact Us” section below, or, if applicable, click “Unsubscribe” if such function is supported in the particular Communication. Please note that certain Communications may be necessary for the proper functioning and use of the Services, and opting out of those Communications may prevent the proper use of the Services.

Personal Data About Other Individuals

Before providing any Personal Data on behalf of another person, you confirm that you have received all necessary authorizations to do so.

Changes to Our Privacy Policy

We may modify or update this Privacy Policy from time to time, so please review it periodically. Unless otherwise indicated, any changes to this Privacy Policy will apply immediately upon posting to our website. Your continued use of the Services after any changes to the Privacy Policy will be conclusively deemed as your acceptance of the Privacy Policy as amended.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise any applicable rights, you may contact our Privacy Officer at privacy@coconft.com.