Last Update: January 17th, 2023

Please, read the following information.
Complying with privacy law is particularly dear to us.
“Processing of Personal Data”, in plain words, means any operation concerning any information relating to an identified or identifiable natural person. For example, first and last name, or an email address with a “user name” that identifies You (e.g. johndoe@….) is considered “Personal Data”, and the actions of collection, registration with us and use of Your Personal Data to send You a communication are considered “Processing” operations; same applies to communication of Data to other organisations and storage.

Our organisation is defined as the “Data Controller”, meaning that We are the entity that establishes how and for what purposes information relating to natural persons are processed.

You, as an individual whose Personal Data We process, are referred to as “Data Subject” and are entitled to receive the following information about who We are, what Personal Data We process, why, how and for how long We process it, and what obligations and rights You have in this regard.

If You are a natural person or a sole proprietorship, You are the Data Subject; if You are a private or public organisation (e.g. a corporation, association, public body), the Data Subjects are the natural persons who administer the organisation itself or who operate under its authority (e.g. its employees); information strictly related to the organisation (e.g. tax code number or VAT number) is not considered Personal Data.

When You decide to subscribe and use the Services, we collect and/or we require You to provide us with Data, necessary to permit You to use our Services. Definitions of terms and expressions used within this Privacy Policy are contained in the Glossary. For anything not expressly defined therein, please refer to the definitions set forth in our General Terms and Conditions as available on the Site from time to time (“GTCs”); in the event of any conflict between definitions, for the purposes of this Privacy Policy, the definitions in the Glossary (at the bottom of the page) shall prevail over those contained in the GTCs.

PLEASE NOTE THAT the GTCs may sometimes mention certain services that are not yet available on our Platform. Our Privacy Policy for the time being in force never deals with Personal Data processing that arises from the provision of services that are not yet available because precisely such processing does not take place yet. When the services will actually be available and the processing methods finalised, you will be promptly informed about the update to our policy.

Who are we (“Data Controller”)?
Public Pressure Ltd., a company duly existing and incorporated under the laws of Ireland, with registered office in 3rd Floor, Ulysses House, Foley Street, Dublin 1, Ireland, D01 W2T2 registered at the Registrar of Companies of Dublin with Number 701750, VAT no. IE-3929949FH.
What categories of Personal Data do we process?
Personal data that you provide through the registration page, your personal profile page, payout information, at the minimum extent needed to fulfil each of the Purposes shown below.
In order to allow You to use our Platform, we also process Browsing Data. For further information on the processing of Browsing Data You can consult the general Privacy Policy of our website.
In addition, remember that in order to enable NFT-related transactions on the Marketplace, the Platform uses a public blockchain. As a result, the website (the “Site”) collects and publicly displays information relating to the ownership transfer history of each of the NFTs transacted on the Marketplace, including information on which Wallets have owned/own a given NFT. If you do not wish to make this information (and in particular the movements on Your Wallets) publicly available, we recommend that You do not transact NFTs on the Site. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Why do we process Personal Data (Purpose) and what is the basis for the Processing (Legal Basis) of each category of Data?
n. Purpose Categories of Personal Data Legal basis
1 Provide the Services and perform all the activities related and subsequent, including the possibility of registering your own profile, publishing Artistic Content, transacting NFT on the marketplace, in accordance with the GTCs. Common Personal Data (Name, Last name, email address, phone, date of birth, gender, Display name, Username, Country, wallet address, bank details, your Artistic Content, profile information, and any optional information added by you, (description of your activity, link to your website address and link to your social media profiles) The necessity to perform the contract (art. 6 § 1.b of the GDPR and the UK GDPR)
2 Ensure the security of the Platform and your account Usage data (log data, IP address) Our legitimate interest in keeping our systems secure
3 Compliance with obligations under Applicable Law and/or orders issued by Authorities. Common Personal Data The performance of the contract (art. 6 § 1.b of the GDPR and the UK GDPR) or the need to comply with legal obligations (art. 6 § 1.c of the GDPR and the UK GDPR).
4 Establish, exercise and/or defend legal claims. Common Personal Data Our legitimate interest in exercising or defending our rights (art. 6 § 1.f of the GDPR and the UK GDPR).
To whom do we communicate the Data (Categories of Recipients)?
To the minimum extent necessary to achieve each of the Purposes, to:
  1. persons/entities who provide us with services and process data on our behalf as Data Processors (e.g. software and hardware providers, email service providers, other IT service providers, accountants, other consultants, etc.);
  2. our personnel committed to confidentiality or subject to a legal obligation to confidentiality;
  3. public or private entities to whom we are required to communicate the data in accordance with the law;
  4. to the blockchain used by the Platform, and therefore, indirectly, to decentralised nodes managing such a blockchain, for the sole purpose of enabling NFT-related transactions.
Do we transfer Personal Data outside the European Economic Area?
Some of our IT service providers are based in countries that may not have equivalent privacy and data protection laws to the country in which You reside.
We ensure that when we transfer information of users in the EEA, the UK or Switzerland to third countries the transfer will take place only in presence of an adequacy decision or on the basis of the Standard Contractual Clauses (SCCs) which have been approved by the European Commission and other appropriate measures to safeguard the transfer. We invite the Visitor/ User to contact us for further information about the transferral of Personal Data outside the European Economic Area, the UK and Switzerland.
How long do we retain the Data?
The maximum extent of storage time is related to the provisions of the Applicable Law which allow us to (or obliged us to) retain the Data to protect our rights or until You exercise your right to object to the processing (if and to the extent that it is applicable).
Usage data is processed for a maximum of six months.
Please note that the information relating to your NFTs transactions on the Platform will be permanently and immutably recorded on the blockchain used by the Site and will therefore always be viewable through the Site; this being due to immutability, decentralised management, public nature, and transparency policies of the blockchain that we have chosen for the benefit of the Site and its users, which will never allow us to delete such information. In other words, if you decide to transact NFTs on the Marketplace, you are consciously deciding to waive some of your confidentiality in the name of transparency, security and public proof of transactions. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Are You obliged to provide us with Personal Data?
Of course You are not obliged to benefit from our Services, but if You intend to do it, then You will have to provide us with the Personal Data we need.
What happens if You refuse to communicate your Data?
If You refuse to provide us with your Data for the contractual purpose, we will not be able to provide you with the Services.
Refusal to provide data for the other purposes is not possible.
What rights do You have as a “Data Subject”?
You, as the person to whom the data refer (“Data Subject”) have the right to:
  1. access the data held by the Controller, and to ask for a copy, unless the exercise of the right violates the rights and freedoms of other natural persons;
  2. request the rectification of incomplete or inaccurate data;
  3. request the erasure of the data, subject to the exclusions or limitations established by the Applicable Law;
  4. request the restriction of processing, if the conditions are met and subject to the exclusions established by the Applicable Law request
  5. data portability (i.e. commonly used and machine-readable format, so that they can be transmitted to another Data Controller without hindrance), to the extent that the processing is based on consent or on the need to perform a contract, where technically possible and except where the exercise of the right infringes the rights and freedoms of other natural persons;
  6. lodge a complaint with the Data Protection Authority of your country, or of the place where the alleged violation occurred.
Right to withdraw the consent
Remember that You can withdraw the consent given at any time, but the withdrawal will not affect the lawfulness of the data processing carried out in the period prior to such revocation.

Right to object
  1. You may object to the processing of data based on:
    the legitimate interest of the Controller, and specifically for the purpose of direct marketing upon simple request, initially (by writing to the e-mail address below) or subsequently in each communication;
  2. the legitimate interest of the Data Controller, at any time for reasons related to your particular situation (e.g. harm to your honour, reputation, decorum), unless the Data Controller demonstrates a compelling and overriding legitimate interest, and unless the processing is necessary for the establishment, exercise or defence of a legal claim.
Please note that, as already mentioned above, the Site uses a fully decentralised public blockchain to enable NFT transactions and therefore the information relating to your NFTs transactions on the Marketplace will be permanently and immutably recorded on the blockchain used by the Site and will therefore always be viewable through the Site.​​ At the present state of the art, there is no technical possibility for us to intervene on the blockchain (which is not managed by us, nor by one of our providers, but managed in a decentralised manner by multiple nodes scattered around the world and operating among themselves as peers) and to erase or modify such Data. Therefore, sometimes we might be unable to completely fulfil some of your requests pertaining to the Processing of your Personal Data (e.g. if you send us a request for complete erasure of your data, we will be able to erase your user profile, but we will not be able to erase from the transfer history of the NFTs you have owned or do own your Wallet address and other Data of yours related to the purchase of such NFTs. In other words, if you decide to transact NFTs on the Site you are consciously deciding to partially waive to some of the above-referred rights in the name of transparency, security and public proof of transactions. You can learn more about the blockchain in use on the Site at the following link: https://moonbeam.network/
Who can You contact for questions or to exercise your rights?
You may contact the Data Controller for questions concerning the processing of your Personal Data by sending an email to legal@publicpressure.io

PLEASE NOTE THAT:

  1. This Privacy Policy is in force from the date indicated in the header; we reserve the right to modify its content, in part or in full, even following changes to the Privacy Policy; we will proceed to the Publication of the updated version of the Privacy Policy on the Site and from that moment it will be binding: You are therefore invited to visit this section regularly.
  2. We do not intentionally collect personal information from individuals under the age of sixteen. In the event that information about children is recorded, we will delete it in a timely manner, at the request of the person concerned or of those exercising authority over them.

GLOSSARY

Agreement”: any agreement entered into by a Data Subject with our company.

Applicable Law”: any provision of laws and regulations, applicable to the processing of personal data through the Site.

“Browsing Data”: are the data that the computer systems and software procedures used to operate the Site acquire, during their normal operation, and whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects, but given their very nature, this information could, through processing and association with data by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and is deleted immediately after processing.

Contact Form”: means any online form provided by us through the Site, composed of one or more pages, through which the Visitor can send information or make requests.

Cookies“: short fragments of text (letters and/or numbers) that allow the web server to store information on the browser to be reused during the same visit to the Site (session cookies) or afterwards, even after days (persistent cookies). Cookies are stored, according to the user’s preferences, by the individual browser on the specific device used (computer, tablet, smartphone). The following categories are considered:

  • Technical cookies: these cookies are essential for the correct functioning of the Site and are used for the sole purpose of transmitting a communication over an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or User to provide such service.
  • Analytical cookies: these cookies are used to anonymously collect and analyse the Site’s traffic and usage. These cookies, while not identifying the user, allow, for example, to detect if the same user logs in again at different times. They also make it possible to monitor the system and improve its performance and usability. The deactivation of such cookies can be performed without any loss of functionality.
  • Profiling cookies: these cookies are persistent ones used to (anonymously or otherwise) identify your preferences and improve your browsing experience.
  • Third party cookies (analytical and/or profiling): these cookies are generated by organisations not part of the Site, but integrated into parts of the Site page. For example, Google widgets (e.g. Google Maps) or social plugins (Facebook, Twitter, LinkedIn, Google+, etc.).

Data Processor“: “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”, as defined in Article 4, sub-paragraph 1, no. 8, of the GDPR and the UK GDPR.

GDPR“: Regulation (EU) 2016/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”.

Processing“: “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”, as defined in Article 4, subparagraph 1, no. 2, of the GDPR.

Recipient“: means “a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not”, as defined in Article 4, sub-paragraph 1, no. 9, of the GDPR.

Restriction of processing“: “the marking of personal data stored with the aim of limiting their processing in the future”, as defined in Article 4, sub-paragraph 1, no. 3, of the GDPR and the UK GDPR.

Supervisory Authority”: the independent public authority in charge of monitoring the application of the privacy law).

UK GDPR“: the Regulation (EU) 2016/679 as transposed in the United Kingdom as a result of Brexit, in accordance with the update to the Data Protection Act 2018, with effect from the 1st Jan 2021.

Visitor“: the natural or legal person who uses a device and navigates, through the Internet, on the public pages of the Site.

Site“: the web pages displayed through publicpressure.io, subdomains included, as well as any other web page provided by Public Pressure that expressly refers to this policy.