Page last updated: June 1, 2021
Lido Privacy Notice
This Privacy Notice (the “Privacy Notice”) explains how DeFi handles the personal data of individuals – the“Data Subjects” or the “Data Subject”, or “you”, “your”, in connection with accessing and using the website and any services available at https://lido.fi (together referred to as the “Services”).
DeFi located at: Address: Genesis Building, 5th Floor, Genesis Close, PO Box 446, Cayman Islands, KY1 1106 (the “Company” or“we”, “our”, “us”) is the controller for your personal data within the scope of this Privacy Notice. The Company decides “why” and “how” your personal data is processed in connection with the Services.
Categories of Personal Data Collected, Purposes of and Bases for the Processing
When providing the Services, the Company may process certain personal data for the following purposes:
|Purpose of processing||Personal data||Legal ground (basis)|
|Communicating with you regarding your inquiries, questions or support tickets||Email address, subject of inquiry and its content, attachments and any other information you voluntarily provide to us||Our legitimate interests / contractual obligations|
|Sending email newsletters||Email address||Your consent|
|Analyzing our website visitors’ actions to improve our Services||See section “Cookies and Automatically Collected Data”||Your consent|
We collect your personal data directly from you or from other parties whom you have authorized such collection. We do not process special categories of personal data about you unless you voluntarily provide such data to us.
If you would like to learn more about the definitions used throughout this document such as the “legal grounds”, “legitimate interests” or “, please visit the Information Commissioner’s Office’s website.
Cookies and Automatically Collected Data
The data automatically collected from cookies and web beacons may include information from your web browser (such as browser type and browser language) and details of your visits to our website, including traffic data, location data and logs, page views, length of visit and website navigation paths as well as information about your device and internet connection, including your IP address and how you interact with the Services. We collect this data in order to help us improve our website and the Services.
The information we collect automatically may also include statistical and performance information arising from your use of our Services and website. This type of data will only be used by us in an aggregated and anonymized manner.
You can disable/delete the cookies set by our website - please find the appropriate instructions by following these links on how to implement the deletion in different browsers:
Personal Data of Children
If you are a resident of the US and you are under the age of 13, please do not submit any personal data through the website. If you have reason to believe that a child under the age of 13 has provided personal data to us through the Services, please contact us, and we will endeavour to delete that information from our databases.
If you are a resident of the European Economic Area and you are under the age of 16, please do not submit any personal data through the Services and the website. We do not collect or process Personal Information pertaining to a child, where a child under the GDPR is defined as an individual below the age of 16 years old.
Your Rights With Regard to the Personal Data Processing
In connection with the accessing, browsing of the website and using the Services, you shall be entitled to exercise certain rights laid down by the GDPR and outlined herein below, however exercise of some of those rights may not be possible in relation to the website and Services taking account of the Services’ nature, manner, form and other applicable circumstances. In some cases we may ask you to provide us additional evidence and information confirming your identity.
Right to Access: you may request all personal data being processed about you by sending the right to access request to us.
Right to Rectification: exercise of the given right directly depends on the data category concerned: if it concerns online identifiers obtained by the Company automatically, then their rectification isn’t possible, but such categories of personal data as email address may be rectified by sending us the respective request.
Right to Erasure (Right to be Forgotten): you can send us the request to delete the personal data we are currently processing about you.
Restriction of Processing: you shall be entitled to request restriction of processing from us if you contest the personal data accuracy or object to processing of the personal data for direct marketing.
Objection to Processing: under certain circumstances you may exercise this right with respect to the personal data we process about you.
Right to Data Portability: under certain circumstances you may exercise this right respect to the personal data we process about you. Please be aware the Services may not provide for the technical ability for us to to help you exercise this right.
Consent Withdrawal Right: you shall be entitled to withdraw consent to the processing of the personal data to which you provided your consent. In particular, you can change your cookie choices by using our cookie consent tool built in the website. You can exercise your right to withdraw consent by unsubscribing from our email newsletter.
Automated Decision-Making, Profiling: neither is being carried out by the Company as for now, your consent will be sought before carrying out any such activities.
You shall have the right to lodge a complaint with a competent data protection supervisory authority.
Personal Data Storage Period or Criteria for Such Storage
Your Personal data will be stored till:
In any event, we will not store your personal data for periods longer than it is necessary for the purposes of the processing.
Personal Data Recipients and Transfer of Personal Data
For the purposes of rendering the Services to you and operating the website, the Company may share your personal data with certain categories of recipients and under circumstances mentioned below:
providers, consultants, advisors, vendors and partners acting as data processors (meaning they process your personal data on our behalf and according to your instructions), which may supply hosting services, web analytics services, email marketing and automation services to run and operate the website, maintain, deliver and improve the Services. With all such parties we enter into data processing agreements required to be concluded by the applicable laws between controllers and processors to protect and secure the personal data by using appropriate technical and organizational measures;
only in strict compliance with the applicable provisions, the Company also may share the personal data with governmental authorities upon their decision, receipt of court orders mandating the Company to disclose the personal data. In any such case, the Company will strive to disclose only a portion of the personal data which is definitely required to be disclosed, while continuing to treat the rest of the data in confidence;
with any other third parties, if we have been explicitly requested to do so by you and as long as it doesn’t infringe the applicable laws.
Transfers to third countries, shall be made subject to appropriate safeguards, namely standard contractual clauses adopted by a supervisory authority and approved by the Commission. Copy of the foregoing appropriate safeguards may be obtained by you upon a prior written request sent. We may instruct you on further steps to be taken with a purpose of obtaining such a copy, including your obligation to assume confidentiality commitments in connection with being disclosed the Company’s proprietary and personal information of third parties as well as terms of their relationships with the Company.
Keep in mind that the use of services based on public blockchains intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of personal data, in particular when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks which are not controlled or operated by us, we are not able to erase, modify, or alter personal data from such networks.
Security of Processing
We take information security very seriously. We work hard to protect the personal data you give us from loss, misuse, or unauthorized access. We utilize a variety of safeguards to protect the personal data submitted to us, both during transmission and once it is received.
Contacts and Requests; Changes to the Privacy Notice
Please send all your requests and queries in connection with your rights and freedoms relating to the personal data protection and processing conducted by the Company as part of providing the website and rendering the Services to you to: [email protected].
Changes to the Privacy Notice will be displayed in the form of the updated document published on the website. We also can arrange the updates introduced to the Privacy Notice by archiving the previous versions of the document accessible in the electronic form on the website.