From 07bf37bcf5ff27a876bd0dfc0b81ddaf2126444f Mon Sep 17 00:00:00 2001 From: amir houieh Date: Thu, 19 Jan 2023 13:53:17 +0100 Subject: [PATCH] Create privacy-policy.md --- privacy-policy.md | 232 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 232 insertions(+) create mode 100644 privacy-policy.md diff --git a/privacy-policy.md b/privacy-policy.md new file mode 100644 index 00000000..036d2204 --- /dev/null +++ b/privacy-policy.md @@ -0,0 +1,232 @@ +**Waku's website Privacy Policy** + +The goal of Waku is widespread adoption of the decentralized web. Our +challenge is achieving mass adoption while staying true to our +principles, which include privacy and transparency. + +We believe privacy is the power to selectively reveal oneself to the +world. For us, it’s essential to protect privacy in communications. + +Guided by our principles, Waku is designed to be a tool that allows you +to protect your privacy and to process as little personal data as +possible for the network to thrive. + +In this Privacy Policy, we explain how Waku strives to only request data +that’s useful and required, not to hold that data longer than necessary, +and to give you as much control as possible over your data. + +**1** + +**Who we are** + +Whenever “Waku” or “we” is used in this Privacy Policy, we’re referring +to Status Research & Development GmbH, a Swiss company. Our contact +information can be found on our website and at the end of this Privacy +Policy. + +**2** + +**Our role in your privacy** + +Waku is the communication layer for Web3. Decentralized communication +that scales. Private, secure, and it runs anywhere. Waku is being used +by (i) Waku Connect: The communication layer for Ethereum. A tech stack +enabling decentralized communication between DApps and people; (ii) +Status: Status is a secure messaging app, crypto wallet, and Web3 +browser built with state of the art technology; and (iii) WalletConnect: +WalletConnect v2 is using Waku v2 for decentralized messaging +infrastructure. + +If you decide to run a node or implement Waku, or submitting any +questions or comments through e-mail or on our social networks, or just +visiting our website, this Privacy Policy applies to you. + +When Waku collects and processes personal data for our own purposes +(which we don’t do often), such as Community support or to process your +input and/or feedback left on our (social media) pages, Waku acts as the +‘data controller’ of information. This means we determine how and why +your data are processed. + +This means we process these data strictly on your behalf, and we will +never process the data for our own purposes. + +Personal data means all information by which a person can be directly or +indirectly identified, in line with the definitions of the General Data +Protection Regulation (GDPR), the Swiss Federal Act on Data Protection +of June 19, 1992 (DPA) and its ordinances, and other relevant +legislation on the protection of personal data. When we refer to privacy +legislation in this Privacy Policy, we mean GDPR and all such relevant +legislation. + +**3** + +**How and why we use your data** + +Under relevant privacy legislation, Waku can only use your data for +certain reasons and where we have a legal basis to do so. Beyond the +law, it’s our policy to store and process only those data that are +essential for community support and to respond to your input on our +social media pages and if necessary. Waku won’t process or store any +data that we don’t need, and in such case, we only store personal data +for the least amount of time needed for these purposes. + +Here are the reasons why we process your data: + +- Ethereum is a public blockchain + +Ethereum is the community-run technology powering the cryptocurrency +ether (ETH) and thousands of decentralized applications (DApps). Waku is +the communication layer for Web3. Decentralized communication that +scales. Private, secure, and it runs anywhere. + +The Ethereum public network is accessible to anyone in the world with an +internet connection. Anyone can read or create transactions on a public +blockchain and validate the transactions being executed. Therefore, +information you share on the Ethereum blockchain is public. + +Please be aware that when sharing information on the ETH network it is +stored publicly and immutably. + +- When you you decide to run a node or implement Waku, you are the + sole owner and possessor of your private keys and therefore + responsible for their storage or loss. This means that Waku doesn’t + know which keys belong to you and doesn’t process any personal data + in this respect. + +This means, that your private keys are stored by you in the way you +decide, and Waku has no access to such private keys and doesn’t process +any personal data in this respect. + +- Data processed through external (social media) pages: +| Personal Data | Purpose(s) | Legal basis | Stored | +|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------| +| - Information you make publicwhen you leave a comment orotherwise post something onour external (social media) pages- For example, Waku has pages onthe following (social media) platforms:Facebook, Twitter, Instagram, YouTube,Reddit, GitHub, Discuss and Discord. | We may use these data to:- Contact you via our (social media) pages- Process your input and/or feedbackleft on our (social media) pagesWe will explicitly not gatherany more information about youor link your social media accountto your chat name, ENS name, or IP-address. | Legitimate Interest:- Necessary to get in touch with you regarding your message- Process your input, respond to feedbackOur external (social media) pages are also controlled bythe platform itself.Please check the social media privacy policies,to see how each platform handles your personal data. | As long as your messageis available on the pages concerned,in accordance with the page’s privacy policy,or until you delete the message. | + +- Community support + +Waku is an open-source project made by people all over the world. We +have many ways to stay in touch, including via email and social media +platforms. + +Data processed when you contact us: + +| Personal Data | Purpose(s) | Legal basis | Stored | +|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------| +| - Your chat name or ENS name andall (personal) data you share with usin your message on social media platforms.- Your email address when you send us an emailPlease note: as a rule, your chat nameis generated by you or on your own devices.Your chat name will only beKnown by us if you decide to contact us. | We use these data to:Contact you about your messageProvide you information and/or support. | Consent and Legitimate Interest :- Necessary to contact you aboutyour message to provide youthe support you requested- You give your consentto being contacted by reaching out to us. | As long as needed to resolve your concern. | + + + +**4** + +**How we work with third party processors** + +Waku won’t share your personal data with third parties. + +However, Waku may engage (sub) processors that we trust to carry out the +processing of personal data on our behalf. We only provide personal data +to (sub) processors when necessary for them to execute the services they +provide to us. We’ve established contractual agreements with all our +(sub) processors ensuring that they may only process the personal data +collected and processed by us within the scope of the contractual +agreement and under no circumstances for other purposes. + +As Data Controller: Waku may use (sub) processors to assist us in our +services provided as data controller. Our use of processors is under +contractual agreement and in accordance with privacy legislation. + +As Data Processor: Waku may also use sub-processors to assist us in our +services. Our use of sub-processors is under contractual agreement and +in accordance with privacy legislation. + +**5** + +**Exporting data outside the European Union** + +Waku may transmit personal data to parties outside the European Union, +if one of our (sub) processors is established outside the European +Union. Personal data will only be processed in countries or by parties +that provide an adequate level of protection in accordance with European +standards. The transmission of data outside the European Union will +always happen in conformity with privacy legislation. + +**6** + +**We’re serious about data security** + +Waku protects the personal data we process from unauthorized and +unlawful access, change, disclosure, use, and destruction. For example, +we take the following technical and organizational security: + +We encrypt many of our services using SSL and other security measures. + +We review our information collection, storage, and processing practices +and handbooks, from time to time, to guard our systems against +unauthorized access. + +We restrict access to personal data to our contributors and all other +parties we work with on a need-to-know basis, subject to strict +contractual confidentiality obligations. + +We perform periodic internal security audits. + +**7** + +**A quick bite on cookies** + +Cookies are necessary for the technical operation of our website. When +we have to use cookies, we choose cookies that don’t hold any +user-specific information and are essential for the operation of the +website. + +**8** + +**This Privacy Policy might change** + +We might modify or replace any part of this Privacy Policy. Please check +our website periodically for any changes. The new Privacy Policy will be +effective immediately upon posting to our website. + +Your choices and rights + +As explained throughout this Privacy Policy, Waku collects very little +information about our users. As a result, it might be difficult to +verify whether a request regarding privacy rights has actually been +submitted by the person concerned. + +As laid out in relevant privacy legislation, you have the right to: + +- Ask us to correct or update your personal data (where possible); + +- Ask us to remove your personal data from our systems; + +- Ask us for a copy of your Data processed, which may also be + transferred to another data controller at your request; + +- Withdraw your consent to process your personal data (only if consent + was asked for a processing activity), which only affects processing + activities that are based on your consent and doesn’t affect the + validity of such processing activities before you have withdrawn + your consent; + +- Object to the processing of your personal data; + +- File a complaint with the Federal Data Protection and Information + Commissioner (FDPIC), if you believe that your personal data has + been processed unlawfully. + +Status Research & Development GmbH + +> Baarerstrasse 10 +> +> 6302 Zug +> +> Switzerland + +You can message us directly in any of our social media platforms. Keep +in mind, any information shared in the public channels or as a comment +or post in any of our social networks won’t be private. When personal +data is shared in this way, it will not be protected by Waku or covered +by this Privacy Policy. To contact us privately, please email us at +legal@status.im. + +This document is: Waku\_PP\_June2022.