Privacy Policy

General information

Golem Stiftung (opens new window), a Swiss Stiftung, located at Grafenauweg 8, 6300 Zug, Switzerland (the “Foundation”, “we”, or “us”), is the operator of any Website published by the Foundation, including, but not limited to, golem.foundation, octant.app and octant.build (the “Websites”).

As the operator of the Websites, we take the protection of your personal data very seriously. We collect, process, and use your personal data in accordance with this privacy policy and in compliance with the Swiss Federal Act on Data Protection (“FADP”), the Swiss Ordinance to the Federal Act on Data Protection (“OFADP”), and the General European Data Protection Regulation (“GDPR”). However, the application of these laws depends on each individual case.

This privacy policy (“Privacy Policy”) provides you with information about the collection, processing, and use of your personal data when using the Websites, the conditions under which we disclose personal data to others and the measures we take to keep it secure. In addition, we may inform you about the processing of your personal data separately, for example in consent forms, terms and conditions, additional privacy policies, forms, and other notices. We use the word “data” here interchangeably with “personal data”.

If you provide information to us about you or any person other than yourself, you must ensure that the personal data is accurate and that these other people understand how their personal data will be used, that they have given their permission for you to disclose it to us and for you to allow us, and our service providers, to use it.

Responsible Person

The responsible person for processing your personal data under this Privacy Policy (“Controller”) unless we tell you otherwise in an individual case is: Golem Stiftung, Grafenauweg 8, 6300 Zug, Switzerland.

For any matters, relating to data protection you may contact by e-mail at [email protected] or letter to the address above.

Data processing

Website

When you visit our Websites, we collect personal data that is necessary for the functionality and security of our Websites. This is, if required, our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

The personal data collected may include: IP address; information about the operating system of your end device; cookies; referrer URL; amount of data transferred; date, region, and time of the server request; websites accessed or from which access is made; browser type and version; name of your Internet provider; protocols; etc.

Contact possibility via the Websites

You may contact us by e-mail to the following e-mail address: [email protected]. We use the data you provide, such as contact details, content of communication and place and time of communication, which you may give voluntarily, only in order to answer your contact question or to reply to your e-mail in the best possible manner. This is, if required, our legitimate interest in the processing of data.

Registration for our newsletter

The receipt of our newsletter requires registration. For this you must provide your e-mail address. By registering, you give us your consent to process the given data in order to periodically send the newsletter to the e-mail address you have given. This is, if required, our legitimate interest in the processing of data. All information gathered this way will never be passed on or sold to any third party.

At the end of each newsletter a link is provided by means of which you can unsubscribe at any time. After unsubscribing your personal data will be deleted.

Marketing and innovation

We process your personal data for marketing and business activities in relation to Octant, in particular to further develop Octant, our Websites, and other platforms on which we operate. You can object to such marketing activities or withdraw your consent at any time (see below). This is, if required, our legitimate interest in the processing of data.

Safety or security reasons

We process your personal data to protect our IT and other infrastructure. For example, we process data for monitoring, analysis and testing of our networks and IT infrastructures including access controls. This is, if required, our legitimate interest in the processing of data.

Compliance with law and legal procedures

We process your personal data to comply with legal requirements and we might have to request further information from you to comply with such requirements or as otherwise required by law and legal authorities. Furthermore, we may process your data for the enforcement of legal claims and for the defense in legal disputes and official proceedings. This is, if required, our legitimate interest in the processing of data.

Risk management, corporate governance and business development We process your personal data as part of our risk management and corporate government in order to protect us from criminal or abusive activity. As part of our business development, we might sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships and this might result in the exchange and processing of personal data based on your consent, if necessary. This is, if required, our legitimate interest in the processing of data.

Third-Party Offerings

Our Websites may contain third-party offerings. Please note that when you use such link, your personal data such as IP address, personal browser settings, etc., are transmitted to these third parties. We have no control over, do not review and cannot be responsible for these third-party websites or their content.

Please be aware that the terms of this Privacy Policy do not apply to these third-party websites or their content, or to any collection of your personal data after you click on links to such third-party websites. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.

Third-Party Platforms

We operate accounts on third-party platforms (Discord, Twitter/X, Figma, Farcaster). If you communicate with us via our accounts or otherwise interact with our accounts on these third-party platforms, your personal data will also be processed according to the privacy policies of the respective platform. Please find further information on the purpose and scope of data collection and processing by the third-party providers in their respective privacy policies.

Cookies

The octant.app website uses two third-party, non-tracking cookies set for every visitor. One is set by Cloudflare and the other by WalletConnect, both of which help protect the website against bots (opens new window). Additionally, users who have enabled the "Show help videos" setting will receive four cross-site cookies from Vimeo, where our video explainers are hosted. We have applied the Do Not Track parameter to the video player. The cookies set by Vimeo are also used exclusively for bot prevention, and no user is identified or tracked across the web (opens new window).

Matomo Analytics

The Websites may use Matomo, an open source web analytics platform ("Matomo Analytics"). We may receive the following information because of Matomo Analytics:

• Behavioral Analytics

  • How much time are users spending on each page / feature (e.g. where are users spending the most time
  • Where are the users exiting the app? (drop off point)
  • Which journeys/paths through the app are most/least utilized
  • Heat Maps
  • Time Per view
  • Button clicks (e.g. which buttons are being clicked the most)
  • Which pages/features are not being used

• User Journey Analytics

  • Conversion rate across individual Websites
  • Conversion/Entry from various social channels and campaigns
  • Visitors Per Day/Week/Month

• Content Analytics

  • Which links and campaigns users are most effectively converting from

We may use this technical data to analyze your use of the Websites by compiling reports on Website activity for the understanding and/or optimizing of our Websites and/or for internal statistical purposes. We do not use the information and personal data collected by Matomo to identify individuals unless we become aware of specific indications of illegal use.

Any processing of this technical personal data helps us to identify what is working and what is not on our Websites and how we may improve our Websites. Without any personal data thus received, we may not be able to provide you the service we are currently offering to you. Your data will be used only to improve the user experience on our Websites and help you find the information you are looking for. This is, if required, our legitimate interest in the processing of data.

You may set your Internet browser to disable the tracking of you as a user (the 'Do not track' signal). If we receive this signal, we will not collect any data, and the analytics tool will ignore your visits to our Websites. You may use the links below to find out how to set the 'Do not track' signal in your browser: Mozilla Firefox (opens new window), Google Chrome (opens new window), Opera (opens new window), Safari (opens new window).

Wallet addresses and on-chain data

Some of the use of the Websites involves interactions with the underlying blockchain smart contracts with your crypto wallet. By nature of blockchain technologies, your wallet address and transaction data and history, are permanently recorded and publicly available on the blockchain. This data generally cannot be altered or erased by any party once it is published. If maintaining complete privacy is a concern, blockchain transactions may not fully protect such rights due to the inherent properties of the technology. We may use the on-chain data, including wallet addresses, for the purpose of providing and maintaining the functionality of our Websites. This is, if required, our legitimate interest in the processing of data. You hereby release and indemnify us of any liability associated with personal data that you transferred to the blockchain.

Legal basis for data processing

Where we asked for your consent (e.g. for receiving newsletters), we process your data based on such consent. Where we did not ask for your consent and where required under applicable law, we process your data on other legal grounds, such as - a contractual obligation - a legal obligation - a vital interest of the data subject or of another natural person - to perform a public task - our legitimate interest.

Other parties who have access to information we collect

With the exception of the provider(s) of our Websites, we do not make your personal data available to third parties unless you have expressly consented to it, if we are legally obligated to, or if this is necessary to enforce our rights concerning a contractual relationship.

Personal data collected via the Websites may be passed on to and/or accessed by the service providers (e.g. IT provider, advertising service provider, security companies, telecommunication companies, lawyers), contractual partners, acquirers of business and legal authorities.

International transfer of personal data

The personal data that we collect from you may be transferred to, processed, and stored in, a country outside the European Economic Area (EEA) or Switzerland. In view of the EEA or Switzerland the law in some of those countries may not offer an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defense of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the US-EU Data Privacy Framework, the US-CH Data Privacy Framework and/or the Standard Contractual Clauses approved by the European Commission (SCCs), adjusted according to Swiss law, all of the aforementioned if applicable and required.

Data security

We use appropriate technical and organizational security measures to protect your stored personal data against manipulation, partial or complete loss, and unauthorized access by third parties.

Please note that any data transmission on the Internet (e.g. communication by e-mail) is generally not secure and we accept no liability for data transmitted to us via the Internet. Unfortunately, absolute protection is not technically possible.

Also, we and your personal data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions, and interruptions which is out of our control and responsibility. We have also put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

This information does not apply to the Websites of third parties and the corresponding links given on our Websites. The Foundation assumes no responsibility and liability for these. Automated individual decision-making, including profiling We might analyse aspects of your individual’s personality, behavior, interest and habits make predictions or decisions about them for the purposes laid out above, e.g. to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations between different behaviors and characteristics to create profiles for individuals. We do not use profiling that can produce legal effects concerning you or similarly significantly affect you without human review.
In certain circumstances, automated decision taking might be necessary for reasons of efficiency and consistency. In such cases, we will inform you accordingly and take the measures required by applicable law.

Your Rights regarding your data

To the extent provided for by applicable law, you may request information free of charge about the data processed relating to you, its origin and recipients and the purpose of the data processing. You may also have the right to correction, deletion, restriction, or objection to processing, as well as to the transfer of the data to another controller.

Furthermore, you can revoke your consent at any time with effect for the future. All you need to do is send us an informal email to the above address.

Please note that the foregoing rights are subject to legal restrictions and may interfere with or make impossible the provision of our services.

Retention and storage of data

The Foundation will process and store the personal data of the data subject only for the period necessary to achieve the purposes we collected it for, or as far as this is granted by the applicable laws or regulations. If the storage purpose is not applicable, or if a storage period prescribed by the applicable laws expires, the personal data is securely destroyed in accordance with the legal requirements.

Minors

The use of our Websites by minors is not permitted. The Foundation does not knowingly collect or use any personal data from minors. We reserve the right to prohibit minors from using our Websites and to delete their personal data if we discover that they are using our Websites.

Updates to our Privacy Policy

The Foundation may update this Privacy Policy from time to time. The current version of this Privacy Policy, as published on our Websites, is applicable. With each update to our policies, we will note which sections have been updated.

Please do not hesitate to contact us if you have any questions regarding this Privacy Policy by contacting us at [email protected].

Last updated: November 6, 2024