Effective Date: September 4, 2023
In compliance with applicable laws and regulations in Dubai regarding data protection and with a commitment to protect our users in the European Union, DATAVAULT BLOCK TECHNOLOGY (hereinafter, "METARY") also adheres to the provisions of the General Data Protection Regulation (GDPR) of the European Union and Organic Law 3/2018 on Data Protection and Digital Rights Guarantee, concerning users within the European Union.
Identity of the data controller
The company responsible for processing personal data collected through the METARY platform is DATAVAULT BLOCK TECHNOLOGY, a duly constituted and in force company under the laws of Dubai, with a registered address at Dubai Silicon Oasis, DDP, Building A1, Dubai, United Arab Emirates, License number 28891.
Purpose of processing
- Enable users to register on the METARY platform: Personal data provided during registration is necessary for creating a user account and accessing the services offered by METARY.
- Offer personalized services and enhance the user experience: The collected personal data can be used to improve the user experience and customize the services offered on the platform.
- Send promotional emails about the services offered by METARY: With the user's consent, METARY may use the collected personal data to send promotional emails about the services offered.
Types of personal data collected
- First and last name: For account identification and service customization.
- Country of residence: To comply with regulations and determine the services and products available to users based on their country of residence.
- Email address: For account identification and sending platform-related information and services.
- IP address: For fraud prevention, detection, and platform security improvement.
- Registration and platform access information: To enhance the user experience and customize the services offered.
- Date of birth: To comply with regulations and customize services based on the user's age. Also, to ensure that all users are of legal age.
- Sworn statement: METARY may require users to provide a sworn statement to comply with regulations and verify the user's identity and financial information.
Legal Basis for Processing
Consent must be freely given, specific, informed, and unambiguous. This means that the user must be clearly informed about the purposes of processing their personal data, as well as any other relevant information, before giving their consent.
In the event that the user withdraws their consent at any time, METARY will cease processing the user's personal data, provided there is no separate legal basis that justifies it, such as compliance with a legal or contractual obligation.
Recipients of Data
- Web hosting service providers: For storing the collected personal data.
- Web analytics service providers: To enhance the user experience and customize the services offered on the platform.
International Data Transfers
METARY ensures that any transfer of data outside the territory of Dubai will be carried out in accordance with international standards and the data protection laws of the European Union.
In the event of an international data transfer, METARY will inform the user and obtain their prior consent when necessary, in accordance with applicable regulations.
Users who have provided their personal data through the METARY platform have the right to exercise the following rights:
- Access: Obtain information about the personal data that METARY has collected about them and how it is being processed.
- Rectification: Request the correction of inaccurate or incomplete personal data.
- Erasure: Request the deletion of personal data when it is no longer necessary for the purposes for which it was collected.
- Limitation: Request the restriction of the processing of their personal data in certain circumstances.
- Portability: Receive personal data in a structured, commonly used, and machine-readable format and transmit it to another entity.
- Objection: Object to the processing of their personal data in certain circumstances, such as when processing is carried out for direct marketing purposes.
To exercise these rights, users can send an email to email@example.com. METARY will respond to their request within a maximum of one month from the date of receipt.
METARY is committed to retaining the personal data collected for the time necessary to fulfill the purposes for which it was collected. Once this period has ended, the data will be securely and permanently deleted unless there is a legal or contractual obligation that justifies its retention.
METARY has implemented technical and organizational security measures to ensure the protection of personal data, including:
- Use of secure connections (HTTPS).
- Data encryption.
- Implementation of firewalls and intrusion detection systems.
- Regular backups.
- Audits and periodic assessments to ensure compliance with data protection standards.
In the event of a security breach affecting personal data, METARY will notify the affected user and the relevant authorities within a maximum of 72 hours from the time of becoming aware of it.
Tracking Technologies and Cookies
Transparency in Artificial Intelligence Algorithms
METARY uses Artificial Intelligence (AI) algorithms to provide personalized recommendations, optimize service efficiency, and enhance the overall user experience. These algorithms process data anonymously and always in full compliance with current data protection regulations. We are committed to maintaining a high level of transparency in the use of AI and conducting periodic audits to ensure the ethics and impartiality of our algorithms.
METARY refrains from collecting sensitive data, such as financial information, biometric data, sexual orientation, or religious beliefs unless absolutely necessary for the provision of our services. In such cases, explicit user consent will be obtained, and additional security measures will be implemented to protect this data.
Users have the right to withdraw their consent for data processing at any time. Consent withdrawal can be done by sending an email to firstname.lastname@example.org. Please note that the withdrawal of consent will not affect the legality of processing carried out before the withdrawal.
Contact Information for the DPO
For any questions related to data protection, you can contact our Data Protection Officer (DPO) by sending an email to email@example.com.
Impact of Not Providing Data
Failure to provide certain personal data may result in the inability to access some of our services or a less personalized user experience.
Handling of Minors
Our platform is not designed for individuals under the age of 18. We do not knowingly collect information from minors and take measures to delete such information if brought to our attention.
Additional Rights by Jurisdiction
You may have additional data protection rights based on your local jurisdiction. We commit to complying with all applicable laws and regulations.
Dispute Resolution Mechanisms
For data privacy-related disputes, we offer a dispute resolution mechanism through an impartial third party, in addition to the option to file a complaint with relevant data protection authorities.
Our blockchain-based platform has unique features that may have privacy implications, such as the irreversibility of transactions and a level of transparency that may differ from conventional platforms. It is crucial for users to understand these particularities before interacting with our platform.
Information about Third Parties
We use third-party services for various functions, such as data analysis and web hosting. These third parties are subject to their own privacy policies, and while we strive to partner with entities that respect privacy, we are not responsible for their practices.
Actions in Case of Data Breach
In the unlikely event of a data security breach, we commit to informing affected users and relevant regulatory authorities within 72 hours of becoming aware of the breach, in accordance with applicable laws and regulations.
Users have the right to withdraw their consent for data processing at any time. Consent withdrawal can be done by sending an email to firstname.lastname@example.org or through a specific user interface on our platform, if available. Please note that the withdrawal of consent will not affect the legality of processing conducted before the withdrawal.
Revisions and Updates