Zenrock Foundation Privacy Notice
Last Updated: January 30, 2025
This Privacy Notice applies to the processing of personal information by Zenrock Foundation (“Zenrock
Foundation,” “we,” “us,” or “our”) including on our website available at https://www.zenrockfoundation.io/ and
our other online or offline offerings which link to, or are otherwise subject to, this Privacy Notice (collectively, the
Services”).
1. UPDATES TO THIS PRIVACY NOTICE
2. PERSONAL INFORMATION WE COLLECT
3. HOW WE USE PERSONAL INFORMATION
4. HOW WE DISCLOSE PERSONAL INFORMATION
5. YOUR PRIVACY CHOICES AND RIGHTS
6. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
7. RETENTION OF PERSONAL INFORMATION
8. SUPPLEMENTAL NOTICE FOR EU/UK GDPR
9. CHILDREN’S PERSONAL INFORMATION
10. THIRD-PARTY WEBSITES/APPLICATIONS
11. CONTACT US
1. UPDATES TO THIS PRIVACY NOTICE
We may update this Privacy Notice from time to time in our sole discretion. If we do, we’ll let you know by posting
the updated Privacy Notice on our website, and/or we may also send other communications.
2. PERSONAL INFORMATION WE COLLECT
We collect personal information that you provide to us, personal information we collect automatically when you
use the Services, and personal information from third-party sources, as described below.
A. Personal Information You Provide to Us Directly
We may collect personal information that you provide to us.
Wallet Information. In order to use the Services, you will need to connect your Digital Wallet. Note that
your interactions with third-party wallet services are subject to each wallet provider’s respective privacy
policy, not this Privacy Policy.
Your Communications with Us. We, and our service providers, may collect the information you
communicate to us, such as through email or our “Contact Us” page.
Surveys. We may contact you to participate in surveys. If you decide to participate, we may collect
personal information from you in connection with the survey.
Interactive Features. We and others who use our Services may collect personal information that you
submit or make available through our interactive features (e.g., Workspaces, digital newsletter, messaging
features, commenting functionalities, forums, blogs, and social media pages). Any information you
42640/00350/FW/20147880.3
provide using the public sharing features of the Services will be considered “public.
Sweepstakes or Contests. We may collect personal information you provide for any sweepstakes or
contests that we offer. In some jurisdictions, we are required to publicly share information of sweepstakes
and contest winners.
Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when
we attend or host conferences, trade shows, and other events.
Business Development and Strategic Partnerships. We may collect personal information from individuals
and third parties to assess and pursue potential business opportunities.
Job Applications. If you apply for a job with us, we will collect any personal information you provide in
connection with your application, such as your contact information and CV.
B. Personal Information Collected Automatically
We may collect personal information automatically when you use the Services.
Device Information. We may collect personal information about your device, such as your Internet
protocol (IP) address, user settings, cookie identifiers, other unique identifiers, browser or device
information, Internet service provider, and location information (including, as applicable, approximate
location derived from IP address and precise geo-location information).
Usage Information. We may collect personal information about your use of the Services, such as the pages
that you visit, items that you search for, the types of content you interact with, information about the links
you click, the frequency and duration of your activities, and other information about how you use the
Services.
C. Personal Information Collected from Third Parties
We may collect personal information about you from third parties. For example, if you access the Services using a
Third-Party Service (defined below), we may collect personal information about you from that Third-Party Service
that you have made available via your privacy settings. In addition, users of the Services may upload or otherwise
provide personal information about others.
3. HOW WE USE PERSONAL INFORMATION
We use personal information for a variety of business purposes, including to provide the Services, for
administrative purposes, and to provide you with marketing materials, as described below.
A. Provide the Services
We use personal information to fulfill our contract with you and provide the Services, such as:
Managing your information;
Providing access to certain areas, functionalities, and features of the Services;
Answering requests for support;
Communicating with you;
Sharing personal information with third parties as needed to provide the Services;
[Processing your financial information and other payment methods for products and Services purchased];
Processing applications if you apply for a job we post on our Services; and
Allowing you to register for events.
2
DOCID
B. Administrative Purposes
We use personal information for various administrative purposes, such as:
Pursuing our legitimate interests such as direct marketing, research and development (including marketing
research), network and information security, and fraud prevention;
Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and
prosecuting those responsible for that activity;
Carrying out analytics;
Measuring interest and engagement in the Services;
Improving, upgrading, or enhancing the Services;
Developing new products and services;
Creating de-identified and/or aggregated information. If we create or receive de-identified information,
we will not attempt to reidentify such information, unless permitted by, or required to comply with,
applicable laws;
Ensuring internal quality control and safety;
Authenticating and verifying individual identities, including requests to exercise your rights under this
Privacy Notice;
Debugging to identify and repair errors with the Services;
Auditing relating to interactions, transactions, and other compliance activities;
Enforcing our agreements and policies; and
Carrying out activities that are required to comply with our legal obligations.
C. Marketing
We may use personal information to tailor and provide you with marketing and other content. We may provide you
with these materials as permitted by applicable law.
If you have any questions about our marketing practices, you may contact us at any time as set forth in Contact
Us” below.
D. With Your Consent or Direction
We may use personal information for other purposes that are clearly disclosed to you at the time you provide
personal information, with your consent, or as otherwise directed by you.
4. HOW WE DISCLOSE PERSONAL INFORMATION
We disclose personal information to third parties for a variety of business purposes, including to provide the
Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset
transfer, as described below.
A. Disclosures to Provide the Services
We may disclose any of the personal information we collect to the categories of third parties described below.
Disclosures to the Blockchain. Aspects of the Services may be hosted on or interact with the blockchain.
Where you use aspects of the Services that are hosted on or interact with the blockchain, information about
your interactions and/or transactions will be provided to the applicable blockchain network and may be
accessible to third parties due to the nature of the blockchain protocol.
3
DOCID
Service Providers. We may disclose personal information to third-party service providers that assist us with the
provision of the Services. This may include, but is not limited to, service providers that provide us with hosting,
customer service, analytics, marketing services, IT support, and related services. In addition, personal
information and chat communications may be disclosed to service providers that help provide our chat
features.
Other Users You Share or Interact With. The Services may allow Zenrock Foundation users to share personal
information or interact with other users of the Services.
Third-Party Services You Share or Interact With. The Services may link to or allow you to interface, interact,
share information with, direct us to share information with, access and/or use third-party websites,
applications, services, products, and technology (each a “Third-Party Service”).
Any personal information shared with a Third-Party Service will be subject to the Third- Party Service’s privacy
policy. We are not responsible for the processing of personal information by Third-Party Services.
Business Partners. We may share your personal information with business partners to provide you with a
product or service you have requested. We may also share your personal information with business partners
with whom we jointly offer products or services.
Once your personal information is shared with our business partner, it will also be subject to our business
partners privacy policy. We are not responsible for the processing of personal information by our business
partners.
Zenrock Foundation Customers (Authorized Users Only). In cases where you use our Services as an employee,
contractor, or other authorized user of a Zenrock Foundation customer, that customer may access information
associated with your use of the Services including usage data and the contents of the communications and files
associated with your account. Your personal information may also be subject to the Zenrock Foundation
customer’s privacy policy. We are not responsible for the Zenrock Foundation customers processing of your
personal information.
Affiliates. We may share your personal information with our corporate affiliates.
B. Disclosures to Protect Us or Others
We may access, preserve, and disclose any information we store associated with you to external parties if we, in
good faith, believe doing so is required or appropriate to: comply with law enforcement or national security
requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or
safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution
of suspected or actual illegal activity.
C. Disclosure in the Event of Merger, Sale, or Other Asset Transfers
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, purchase or sale of
assets, transition of service to another provider, or other similar corporate transaction, your personal information
may be disclosed, sold, or transferred as part of such a transaction.
5. YOUR PRIVACY CHOICES AND RIGHTS
Your Privacy Choices. The privacy choices you may have about your personal information are described below.
4
DOCID
Email Communications. If you receive an unwanted email from us, you can use the unsubscribe
functionality found at the bottom of the email to opt out of receiving future emails. Note that you will
continue to receive transaction-related emails. We may also send you certain non-promotional
communications regarding us and the Services, and you will not be able to opt out of those
communications (e.g., communications regarding the Services or updates to this Privacy Notice).
Mobile Devices. We may send you push notifications through our mobile application. You may opt out
from receiving these push notifications by changing the settings on your mobile device. With your
consent, we may also collect precise location-based information via our mobile application. You may opt
out of this collection by changing the settings on your mobile device.
“Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers.
Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web
browsers.
Your Privacy Rights. In accordance with applicable law, you may have the right to:
Confirm Whether We Are Processing Your Personal Information;
Request Access to or Portability of Your Personal Information;
Request Correction of Your Personal Information;
Request Deletion of Your Personal Information;
Request Restriction of or Object to our Processing of Your Personal Information; and
Withdraw Your Consent to our Processing of Your Personal Information. Please note that your
withdrawal will only take effect for future processing, and will not affect the lawfulness of processing
before the withdrawal.
If you would like to exercise any of these rights, please contact us as set forth in Contact Us below. We will
process such requests in accordance with applicable laws.
6. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
All personal information processed by us may be transferred, processed, and stored anywhere in the world,
including, but not limited to, the United States or other countries, which may have data protection laws that are
different from the laws where you live. These countries may or may not have adequate data protection laws as
defined by the data protection authority in your country.
If we transfer personal information from the European Economic Area, Switzerland, and/or the United Kingdom to
a country that does not provide an adequate level of protection under applicable data protection laws, one of the
safeguards we may use to support such transfer is the EU Standard Contractual Clauses.
For more information about the safeguards we use for international transfers of your personal information, please
contact us as set forth below.
7. RETENTION OF PERSONAL INFORMATION
We store the personal information we collect as described in this Privacy Notice for as long as you use the Services,
or as necessary to fulfill the purpose(s) for which it was collected, provide the Services, resolve disputes, establish
5
DOCID
legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with
applicable laws.
To determine the appropriate retention period for personal information, we may consider applicable legal
requirements, the amount, nature, and sensitivity of the personal information, certain risk factors, the purposes for
which we process your personal information, and whether we can achieve those purposes through other means.
8. SUPPLEMENTAL NOTICE FOR EU/UK GDPR
This Supplemental Notice for EU/UK GDPR only applies to our processing of personal information that is subject to
the EU or UK General Data Protection Regulation.
In some cases, providing personal information may be a requirement under applicable law, a contractual
requirement, or a requirement necessary to enter into a contract. If you choose not to provide personal
information in cases where it is required, we will inform you of the consequences at the time of your refusal to
provide the personal information.
Zenrock Foundation’s processing of your personal information may be supported by one or more of the following
lawful bases:
Privacy Notice
Section
Lawful Basis:
Performance of a
Contract (i.e., to
provide the Services
to you)
Lawful Basis:
Legitimate Interest
Lawful Basis:
Consent
Lawful Basis: For
Compliance with
Legal Obligations
Section 3A: Provide
the Services
Section 3B:
Administrative
Purposes
Section 3C:
Marketing
Section 3D: With
Your Consent or
Direction
9. CHILDREN’S PERSONAL INFORMATION
The Services are not directed to children under 18 (or other age as required by local law outside the United States),
and we do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has uploaded personal information to the Services in
violation of applicable law, you may contact us as described in “Contact Us” below.
10. THIRD-PARTY WEBSITES/APPLICATIONS
The Services may contain links to other websites/applications and other websites/applications may reference or
link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy
policies of each website and application with which they interact. We do not endorse, screen, or approve, and are
not responsible for, the privacy practices or content of such other websites or applications. Providing personal
information to third-party websites or applications is at your own risk.
6
DOCID
11. CONTACT US
Zenrock Foundation is the controller of the personal information we process under this Privacy Notice.
If you have any questions about our privacy practices or this Privacy Notice, or to exercise your rights as detailed in
this Privacy Notice, please contact us at: privacy@zenrockfoundation.io
7
DOCID