Privacy Policy
Privacy and the protection of your personal data are very important for GRAPHSCAN.IO which has always processed the collection, use, consulting and treatment of the data in strict compliance with the applicable legislation regarding personal data protection. With the application of EU Regulation 2016/679 of the European Parliament and of the Council of of 27 April 2016, also called the General Data Protection Regulation (GDPR), and other legislation applicable to the subject in question, GRAPHSCAN.IO is committed to providing its customers, and others, with detailed information about the use and protection of their personal data, the reasons why it is processed and their rights regarding this processing, among others, in compliance, namely, with the provisions in articles 13 and 14 of the GDPR.
- Data Controller
- Graphscan.io, owner of GRAPHSCAN.IO´s website (hereinafter also referred to as “Website”), is the entity responsible for processing the personal data of Website´s users or others (data controller).
- Website´s users, or others, can contact the data controller, to raise any questions or get clarification regarding personal data protection, by Telegram, to the following Telegram account: https://t.me/graphscan.
- Principles applicable to the protection of your personal data
Graphscan.io processes your personal data in accordance with the general principles laid down in the General Data Protection Regulation (GDPR) and in other legislation applicable to the protection of personal data, namely:
- Principle of lawfulness, fairness and transparency: Graphscan.io guarantees that your personal data is subject to lawful, fair and transparent processing.
- Principle of purpose limitation: Personal data are processed by Graphscan.io for specified, explicit and legitimate purposes, and are not further processed in a manner incompatible with those purposes.
- Data minimisation principle: In the interests of minimal and limited data collection, Graphscan.io only processes data that is strictly necessary, appropriate and relevant to the purposes for which it is processed.
- Principle of accuracy: Graphscan.io undertakes to delete or rectify any personal data that is found to be inaccurate or imprecise as soon as possible.
- Principle of conservation: personal data shall be stored by Graphscan.io for the period of time strictly necessary to fulfil the purposes for which they were collected.
- Principle of integrity and confidentiality: personal data shall be stored by Graphscan.io for the period of time strictly necessary to fulfill the purposes for which they were collected.
- Concepts/definitions
- Personal data: any information that, whatever its medium, directly or indirectly identifies or is likely to identify a natural person, in particular by reference to an identifier, such as a name, an identification number, location data, an electronic identifier, or other specific elements of that natural person's physical, physiological, genetic, mental, economic, cultural or social identity.
- Personal data subject: any natural person to whom the personal data refer. Within the scope of the activities pursued by Graphscan.io, the following are data subjects: the users of Website or other related pages, its clients, employees, service providers and suppliers.
- Processing of personal data: operation or set of operations performed on personal data, by automated or non-automated means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction. In short, the concept of Processing of Personal Data is comprehensive and shall apply to all operations or set of operations carried out by Graphscan.io with reference to your personal data.
- Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- Processor: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- Third party: the natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
- Supervisory authority: the independent public authority which is established by a Member State pursuant to Article 51 of the General Data Protection Regulation (GDPR).
- Grounds for lawfulness
- Graphscan.io, in accordance with the "lawfulness principle", only processes personal data when there are legitimate grounds for doing so.
- The processing of the personal data of data subjects is essentially carried out on the following grounds:
- Consent: when the data subject has given his/her consent to the processing of his/her personal data, for one or more specific purposes, through a declaration or positive act that expresses a free, specific, informed and explicit expression of will that the data subject authorizes the processing of his or her data.
- Performance of pre-contractual diligence: when the processing is carried out with a view to the performance of steps or procedures preceding the conclusion of a certain contract (pre-contractual diligence).
- Execution/performance of a contract: when the processing of the data is assumed as necessary for the conclusion, performance or development of a contractual instrument to which the holder of the personal data is a party.
- Compliance with a legal obligation: when the processing is necessary to comply with a legal obligation incumbent upon the controller, that is, to comply with a legal imposition to which the controller is bound.
- Pursuit of legitimate interests: where the personal data are processed to pursue the legitimate interests of the controller, particularly marketing, except where the interests or fundamental rights and freedoms of the data subject require protection of the personal data.
- Personal data category
- Graphscan.io, and/or its third party partners, processes personal data of varying nature and sensitivity, depending on how the user interacts on the Website and the purpose underlying the processing of such data.
- Graphscan.io, and/or its third party partners, depending on the purpose, may process different categories of data, such as:
- Identification data (e.g. the user´s telegram first name, last name, username, photo_url and id; the user's discord id; the user's twitter id).
- Address and contact details (e.g. telephone number, e-mail address).
- Device or browser related data (e.g. device information, screen information, browser information, operating system information, IP address).
- GRAPHSCAN.IO´s account information (e.g. access/login information).
- Digital wallet or account information (e.g. digital wallet address).
- Analytical or statistical data.
- Purposes of processing the data
- Website’s users, or others, personal data is processed in pursuit of specific, explicit and legitimate purposes and cannot later be processed in a way that is incompatible with these purposes.
- In order to ensure a minimum and limited collection of data, Graphscan.io only handles data that is strictly necessary, adequate and important for the purposes for which it is handled.
- Graphscan.io, or its third party partners, process personal data for the following purposes (non-exhaustive list):
- Users, accounts, products or services
- To manage access, usage or interaction on Website, i.e. if the user wants to access or use the Website, Graphscan.io needs to handle some data related to him/her to grant them access to various functions, products and Website´s services, as if Graphscan.io did not process the data this would not be possible.
- To facilitate the use of or interaction with the Website.
- To establish and/or verify identity, namely through message or e-mail verification or third-party provider services.
- To carry out Graphscan.io´s regular business activities related to the services.
- Provide the best possible experience to the user.
- Improve the Website and its services.
- To provide statistical data regarding the different blockchain networks, previously selected by the user.
- To provide information, of various kinds, associated with cryptocurrencies or other digital assets, related, inter alia, to their market capitalization (“market cap”), prices, charts and volume of transactions.
- To enable the tracking of accounts or wallets previously selected by the user.
- Customer support. Graphscan.io considers it legitimate to process users' data to respond to requests and/or questions raised regarding Website's products and services or others, namely through social networks or other means or channels of communication such as telegram, twitter, discord, riot.
- To communicate with Website´s users for any other reason and personalise their experience.
- To manage complaints, compliments and incidents.
- Marketing or related activities
- Graphscan.io handles data related with Website´s users to send them written notices, warnings, disclosures and announcements, by email and/or by other electronic communications, in order to advertise or promote a particular Website´s product or service.
- To send invitations to Website´s users, by email and/or by other electronic communications, in order them to participate in Graphscan.io´s events.
- To disseminate external communications.
- To award prizes or other gratuities.
- Users, accounts, products or services
- Graphscan.io, or its third party partners, may process the personal data in the pursuit of other purposes, not listed above. To learn more about the other purposes underlying the processing of personal data carried out by Graphscan.io, or its third party partners, please visit the following web page.
- Personal data recipients
For the purposes mentioned above and in compliance with its legal obligations, Graphscan.io may have to send the user’s, or others, personal data to external parties, namely:
- To entities that assume the quality of processors, to provide the contract enforcement services, information technologies, data storage, auditing, document management and litigation, namely with service providers in the security services, AML\CTF, accounting, information systems, auditing and litigation areas. Graphscan.io shall only use processors who act according to its instructions and as long as they present sufficient guarantees they can undertake the proper technical and organizational measures, so that the processing satisfies, among other things, the security, confidentiality and integrity requirements and these guarantees are formalized in an agreement signed by Graphscan.io and the processors.
- Entities that are considered to be third parties, such as the Tax and Customs Authority, Judicial Entities and Regulators.
- Storage period
- Graphscan.io will retain personal data for the period of time strictly necessary for the performance of the respective purposes or, as the case may be, until the data subject withdraws the consent given or exercises his/her right to object or erasure
- Graphscan.io may be required to retain some of the personal data for a longer period taking into account factors such as:
- Legal obligations, under the laws in force.
- Statute of limitations under applicable laws.
- (possible) litigation.
- Guidelines issued by competent data protection authorities.
- Data Subjects' Rights
Website´s users, or others, data subjects, through the collection and processing of their data, have the following rights:
- The right of access: whenever they request, they can access their personal data, get information about the processing of their data and get a copy of their personal data that is handled.
- The right of rectification: whenever they consider that their personal data is incomplete or inaccurate, they can request its rectification\modification.
- Right of data erasure: notwithstanding any legal obligations that may limit this right, the data subjects can request their data elimination when: the data no longer needs to be processed for the purpose that justified its collection or processing; the data subject withdraws its consent on which the data processing was grounded and there are no other legal grounds for it; they present opposition to the processing of the data and there are no prevailing legal interests, to be assessed on a case by case basis, that justify the processing; when the data has been processed illegally; the personal data has to be deleted to comply with a legal obligation that the data controller is subject to; the data has been collected in the context of the offer of services by the company mentioned in article 8(1) of the General Data Protection Regulation (GDPR).
- Right of limiting the processing: the data subjects can request to limit the processing of their data in the following situations: if the user challenges the accuracy of the data, during a period that allows the controller to check its accuracy; if the processing is illegal and the data subject opposes to their personal data being deleted and requests that its use be limited; if the data processor no longer needs the data to be processed but the data is still necessary for the purposes of declaration, exercise or defense of a right in a legal process; if the user opposes to the processing, until it is seen that the legitimate interests of the data processor prevails over theirs.
- The right of objection: the data subject has the right to oppose to the processing of their data when the processing is based on the legitimate interest of the controller or when the data is processed for other reasons than those for which it was collected, but that is compatible with it. If you oppose to the processing of the data, Graphscan.io shall stop processing your data unless it has legitimate reasons to conduct this processing and these prevail over your interests. You can also oppose the processing of your data at any time for direct marketing purposes.
- Right to portability: if the personal data of the data subjects are in a structured format that is in current use and of automatic reading, and the processing is based on the express consent or by contractual form and if it is done by automatic means, the users have the right to send them to another controller as long as if that is technically possible.
- Right to withdraw your consent: in situations where the processing in question is undertaken based on data subjects´ consent, the data subjects have the right to withdraw the consent they gave at any time. In this case, the controller will stop processing the data in question, unless there are other grounds that justify the processing.
- The right to lodge a complaint with the supervisory authority: the data subjects have the right to lodge a complaint, with the competent supervisory authority of the country where the controller (Graphscan.io) is based, regarding the matters concerning the processing of their personal data.
- Use of Cookies
- Graphscan.io collects cookies namely when the users visit the Website. A cookie is a small text file that is placed on users´ hard drive by a web page to improve performance and the users´ browsing experience, increasing the speed and efficiency of replies while eliminating the need to enter the same information several times.
- In particular, there are two main types of cookies:
- Permanent cookies - which are saved in the browser used on users´ equipment (e.g. PC, mobile and tablet) and that are used whenever users return to the Website. They are normally used to direct the browser according to the users´ interests, allowing the Website to provide a more personal service.
- Session cookies - these are temporary cookies that remain in the users' browser cookie folder until they leave the website. The information these cookies collect is used to analyze web traffic patterns, enabling the Website to identify problems and provide a better browser experience.
- The cookies are used, namely, for the following purposes:
- Strictly necessary cookies - allow the users to browse the website and use the applications as well as letting users access secure areas on the website. Without these cookies, the services the users request cannot be provided.
- Analytical cookies - these are cookies that collect information about the use of the website, allowing to improve the way it works. By way of example, cookies of this nature are likely to reveal which pages are most visited on the website and help to register any difficulties that users experience when navigating and interacting on the website, also having the virtuality to demonstrate whether or not the advertising is effective. This makes it possible to view and analyze overall patterns of website use, rather than the use of a single individual.
- Functional cookies - save the user's preferences regarding its use of the site so they do not need to be configured every time you visit it.
- Third-party cookies (e.g. Cloudflare and Google Analytics) - these measure the success of the applications and the effectiveness of third-party publicity. They can also be used to customize a widget with the user's details.
- Ads cookies - provide direct advertising, depending on each user's interests so as to give ads campaigns taking into account the user's preferences and they also limit the number of times an advert is seen, helping to measure the effectiveness of publicity and the success of the website organization.
- Depending on the users management of cookies on Website and their interaction with it, Graphscan.io uses some information collected by cookies in order to ensure proper functioning on the site, highlighting the appropriate display of content, adjust users´ screen resolution, to improve offers, among others. This information includes, among others, registration data, location data, session length, users´ equipment, users´ browser and user´s IP address. The Website uses, as a rule, session cookies, essentially for the following purposes:
- To enable users to navigate on the Website, use its applications and access secure areas of it;
- To collect analytical or statistical data/information to improve the presentation and navigation of the site and to record and store user´s actions (e.g., transitions, clicks, changes in subscriptions), authorization facts, service usage intervals, and other analytics based on user activity and data made available within the services. Third-party analytics providers (e.g. Cloudflare and Google Analytics) may supplement the aggregated data with demographic data and other information of interest, so that Graphscan.io can better understands the visitors/users of Website.
- When the users browse the Website and then later visit platforms or web pages where there is publicity format (social networks, Google and other partners of these networks), the users may be shown adverts about the Website and/or its services or products. The Website uses the data to reach new potential customers who may be interested in its products or services.
- In principle, cookies do not harm the users´ processor and do not contain viruses. Users can deactivate the use of cookies at any time, in the configuration of their browser or directly on the Website. However, if the users disable certain cookies this may stop some web services from working properly, partially or completely affecting the browsing on the Website.