Bitfly Privacy Policy

DATA PROTECTION DECLARATION


V1.4 – 11.AUG 2023

Data Protection Declaration of bitfly GmbH, Wiedner Gürtel 9, 1110 Vienna, Austria ("bitfly";"We")
concerning the websites beaconcha.in & gnosischa.in and all available subdomains.
Thank you for your interest in the services of bitfly. The protection of your privacy and thus the
protection of your (personal) data is Our highest priority. The following declaration is intended to
provide you with comprehensive information on (i) what data We collect, (ii) how We deal with it,
and (iii) what rights you have. At the same time, We therewith fulfil Our duties imposed by the
(Austrian) Data Protection Act 2000 and other statutory data protection regulations. This Data
Protection Declaration applies to the use of Our website beaconcha.in & gnosischa.in ("Websites").
Data protection laws are generally relevant in case any processing of personal data is concerned. The
terms used within the scope of this data protection declaration are defined in and by the General Data
Protection Regulation of the European Union. As such, the wide definition of "processing" of personal
data means any operation or set of operations performed on personal data, such as, but not excluded
to, recording, organization, storage, alteration, and transmission of personal data. Any information
allowing Us or third parties to potentially identify you in person can be considered personal data. This
terminology may also apply to IP addresses as long as they allow e.g. Internet Service Providers such
identification.


1. Processing of Data
By accessing Our Website the external IP address of your computer as well as http specific
information will be stored and logged for statistical, verification and organizational purposes
(Art 6 para 1 lit f GDPR, legitimate interests of bitfly: technical website review and market
research). Our services are designed to be used without indication of any additional personal
data. IP addresses are stored for a period of 1 year, after which the data shall be deleted
unless a longer time period is necessary for compliance with legal obligations.
Users may, however, sign up to our service and as such indicate their email addresses
voluntarily to get notifications in case of any potential technical problems. Such notifications
are sent automatically. At any point in time can the user delete their account over our
interface.
In case you need any support regarding Our services, you may also submit support tickets.
Therefore, you need to indicate your full name as well as your email address by sending an
email to support@beaconcha.in or support@gnosischa.in.


2. Rights of the Data Subject
A central aspect of data protection regulations is the implementation of adequate opportunities
to allow for the disposition of personal data, even after the processing of said personal data
has occurred. For this purpose, a series of rights of the data subject are set in place.

bitfly shall comply with your corresponding requests to exercise your rights without undue
delay and in any event within one month of receipt of the request. To ensure the exercise of
your rights, we maintain a dedicated Email contact address at privacy@bitfly.at where all
requests should be addressed to. Specifically, the following rights are entailed:

a) Right to information and access to personal data: should you exercise your right to
information, We shall provide you with all relevant information regarding the processing
of your personal data by bitfly, permitted to the extent of the law. As We are processing
very little personal data in order to provide Our services, We may not be able to identify
your person by any means. Thus, We may only be able to provide information by requesting
additional data to verify your status. This may apply to the other rights of the data subject
as well.

b) Right to rectification: with this right you may request the rectification of inaccurate or
incomplete personal data (e.g. email addresses).

c) Right to erasure: We are obliged to delete personal data (name, email address) upon your
request as you may withdraw your consent at any time.

d) Right to restriction of processing: restriction may be requested (i) for a verification period if
the accuracy of the data is contested, (ii) if the processing is unlawful.

e) Right to lodge a complaint with a supervisory authority.


3. Data Security
bitfly will protect processed data adequately against unauthorized access (of third parties) in
accordance with the provisions of the legal framework of Austria as well as the European Union.
We will only process data which are essential to provide Our services. Measures are taken with
regard to (i) the quantity of data collected, (ii) the extent of data processing, (iii) the storage
time as well as (iv) the accessibility of data. Data will not be used or stored by other means
than set out in this Data Protection Declaration and are made accessible only to a restricted
and necessary number of persons. All employees of bitfly have been informed about applicable
data protection provisions as well as data security measures and are bound to Our privacy
practices. Our web presence and other systems are adequately protected bya variety of
security mechanisms. We do not transfer any personal data to third parties without prior explicit
consent of the data subject.


4. Cookies
Cookies are small key-value text files that are stored by the users browser. These are used by Bitfly
to provide a more user-friendly and secure service. Cookies allow Bitfly to provide the user with more
functionality, and helps us communicate securely with the browser.
Cookies do not contain any personal information. The user has the option to refuse cookies at any
time by selecting the appropriate option in the browser settings. However, it should be noted that the
deactivation of cookies may reduce the services that we can offer and reduce user experience.
What different types of cookies are there?
To better understand why cookies are so important, we provide a brief overview of what types of
cookies exist:

● Cookies, which are absolutely necessary
help with the basic navigation on a website and the display of certain functions. Without this
type of cookie, the core functionality and security of a website is not available. No consent is
required for this type of cookie.

● Function and analysis cookies
are used primarily for learning and analysis purposes to improve the comfort and experience
of the website. This may also include the additional use of cookies from third parties such as
Google Analytics.

● Advertising and social media cookies
support the use of information collected on the website for the best possible user comfort and
also for additional marketing purposes. As a result, this type of cookie is also called a
"targeting cookie". The second type of cookie, which falls into this category, is suitable for
performance purposes as it makes use more enjoyable in general and improves marketing
messages. Finally, there are ways to share content with a community, such as blog posts, or
interact between a website and a social media channel. These cookies are called "interaction
cookies".

What cookies do we use?
Necessary Cookies: We use cookies to store settings made by the user, and to protect users from
malicious actors. To display the correct currency we use a cookie named currency. We set a
session cookie to authenticate users named auth. To prevent CSRF attacks we use a _gorilla_csrf
cookie that stores a token sent with any POST request.

Functional Cookies: We use functional cookies to improve our service over time. For statistics we
use google analytics and cloudflare that sets cookies such as _gid, _ga and _cfduid to
anonymously identify user behaviour.

Marketing: To understand user conversion we use google analytics cookies such as
_gat_gtag_UA_*. Further, we set cookies when users interact with our advertisements. The OAID
cookie is set by our revive server to measure our advertisement ratios. We do not share our
marketing data directly with third parties, only aggregated reports and ratios are shared.

5. Third Party Providers
The following section describes the third party software used by our website.


5.1 Google Analytics
This websites also uses Google Analytics, a web analysis service provided by Google Inc.
("Google"). Google Inc. is an enterprise of the holding company Alphabet Inc., domiciled in the
USA. The information generated by the cookie about your use of the websites (including your
IP address) will be transmitted to and stored by Google on servers in the United States. Google
will use this information for the purpose of evaluating your use of the website, compiling
reports on websites activity and providing other services relating to websitesactivity and
internet usage. Google may also transfer this information to third parties if this is required by
law or if third parties process this data on behalf of Google.
Generally, before the data is transmitted to the provider, the IP address will be abbreviated by
activating IP anonymization (anonymizeIP) on this website, within the member states ofthe
European Union or in other contracting states of the agreement on the European Economic
Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA
and abbreviated there. In these cases, we provide contractual guarantees to ensure that
Google Inc. maintains a sufficient level of data protection. According to Google Inc., under no
circumstances will the IP address be associated with any other user-related data. More
information about the web analytics service used is available at the websites of Google

Analytics: https://www.google.ch/policies/privacy/partners
We may receive the following information of Google Analytics:
● Navigation path
● Length of stay on the website
● Returning or new user
● End device
We do not use the information and personal data collected by Google Analytics to identify
individuals unless we become aware of specific indications of illegal use.

5.2 Payment Processing (Stripe)
When you make a purchase, any credit card information you provide as part of your Payment
Information is collected and processed directly by our payment processor Stripe through their
Stripe Checkout service. We at no time receive or store your full credit card information.
Stripe commits to complying with the Payment Card Industry Data Security Standard
(PCI-DSS) and using industry standard security. Stripe may use your Payment Information in
accordance with their own Privacy Policy here: https://stripe.com/checkout/legal.

5.3 Google Recaptcha
To protect our services from botsbitfly uses the reCAPTCHA service of Google Inc. (Google).
The IP address transmitted by your browser within the scope of reCaptcha and the data
required for this are transmitted to Google. The data protection regulations of google apply in
this case. http://www.google.com/policies/privacy/.

6. Links to websites of third parties
As far as the Websites contains external links, we hereby indicate that these third-party
websites are not subject to the influence and control of bitfly. We disclaim all liability for losses
or obligations related to the use of these third-party websites. We are not responsible for the
contents, availability, correctness, or accuracy of these websites, nor for their offerings, links,
or advertisements.

7. Contact Details Regarding Data Protection Issues
In case you have any questions concerning bitfly's Data Protection Declaration or if you would like
to exercise your right of information, rectification or deletion, please send us a written request outlining

your desire to:
bitfly gmbh
Wiedner Gürtel 9
1110 Vienna
Austria
E-mail: privacy@bitfly.at