Privacy Policy
1. Who we are
Cardano Foundation (Cardano Stiftung) is a not for profit organisation based in Zug, Switzerland that is dedicated to act as an objective, supervisory and educational body for the Cardano Protocol and its associated ecosystem. Its registered address is: Cardano Stiftung, Dammstrasse 16, 6300 Zug, Switzerland.
Morgan Travel Limited t/a First Event is a company registered at Ghyll Beck House, Gill Lane, Yeadon, Leeds, West Yorkshire, LS19 7SE (“First Event”). First Event is the organiser of the Cardano Summit 2024 and related events, and is the official seller of tickets for the Event.
2. Scope of this Privacy Policy
This privacy policy (“Policy”) explains and sets out the basis for why and when we collect personal information about the people who visit our website summit.cardano.org and it’s related subdomains, use our related services, use related applications or website applications (including https://voting.summit.cardano.org), and/or interact with us in any other way. It explains and sets out how we use personal data, the conditions under which we may disclose it to others and the measures we take to keep it secure.
If you transmit or disclose data about other persons such as family members, employees, work colleagues, etc., we assume that you are authorized to do so, that this data is correct and that we may process it as described here. By transmitting such data, you confirm this. Please also ensure that these third parties have been informed of this Policy.
We may amend this Policy from time to time so please check it occasionally to ensure that you are aware of any changes.
3. How you can contact us
Please use the provided contact information to report any concerns related to data protection:
FAO: Cardano Stiftung, Rykestraße 26, 10405 Berlin, Germany
4. How we collect information about you
We obtain information about you when you use our website, when you contact us by e-mail, web form, live chat or other means of communication, or if you register to receive one of our newsletters, participate in optional surveys, register to attend an event, register for or use any website applications, or use any other of our services.
You are not obliged to disclose your personal data to us. However, we may need certain information in order to interact with each other. For example, we may not be able to provide certain contractual services or respond to inquiries if we do not receive the necessary information.
We may collect and process the following types of information about you:
1. Information you provide us
You may provide us with personal information by filling in forms on our website(s), registering for or using any website applications, or by corresponding with us by e-mail, web form, live chat, phone, letter or other means of communication. We collect the data exchanged between you and us, including your contact details and the marginal data of the communication. We may also collect information from you when you attend a live event. The personal information you provide may include, in particular, your name, date of birth, profile picture, workplace, job title, email, messages, address, phone number, IP address, stake address or identity (in the case of voting using our website applications), payment and credit card information in the case of purchase transactions, language preference and information regarding the pages you access. We may also give you the option to provide additional information.
When you register an account on any of our services, including website applications, you are responsible for the information you provide to us and ensuring the correctness of this information when you provide it to us.
2. Information we collect about you
When you visit our website(s) we may collect information about your IP address, information about your visit, your browsing activity, and how you use our website(s), including log files, date and time at the time of access, URL, amount of data sent in bytes, source/reference from which you reached the page, browser used, operating system used. This information may be combined with other information you provide.
3. Information we receive from other sources
We may receive information about you if you use any other websites we, or our partners, operate. We also work with third parties (including, contractors, project partners, service providers, analytics providers) and may receive information about you from them. This may be combined with other information you provide to us.
5. How your information is used
We may use personal information about you for the following purposes:
- to process orders and purchase transactions, to create an account on the website or website applications, allow you to use website applications, run events and to register attendees, manage relationships with customers and suppliers and fulfil contractual obligations (Article 6 para 1 letters a and b GDPR if applicable);
- to send you personalised communications which you have requested and that may be of interest to you, which may be based on your activity on our website(s) or the websites of our partners. These may include information, suggestions and recommendations about new offers, campaigns, activities and events (Article 6 para 1 letters a and b GDPR if applicable);
- to understand and measure the effectiveness of how we serve you and others (Article 6 para 1 letters b and f GDPR if applicable);
- to ensure compliance with legal obligations and official orders, including communication with authorities and courts; enforcement of and defence against legal claim (Article 6 para 1 letter f GDPR if applicable).
6. Events
In addition to the types of personal information collected above, we may collect further types of personal information from you when you attend a virtual or live event. If you register for an event, you consent to our processing of your personal data in accordance with this Policy and/or any event-specific terms. Personal data which is collected at our events may include photographs, your name, social media domain, your employer and your contact information. We may also make and store a recording of your voice and likeness in certain instances (e.g. should you also be a presenter at our events). Our events may also enable you to share your personal information with attendees and exhibitors for networking purposes via a mobile application and a scannable QR code, use of these is voluntary. We may share your personal information with third-parties and sponsors for our marketing or business-related purposes, subject to any applicable event terms. By participating in our events, you consent to our collection of your image, likeness and/or voice recording, and use thereof in our marketing materials. Should you wish to withdraw your consent to our collection of your personal data for this purpose, you may do so at any time during a live or virtual event by alerting event organisers and emailing privacy@cardanofoundation.org
7. Cardano Ballot
The Cardano Ballot website application provides a facility for users to generate ballots and submit votes for the Cardano Summit. Voting will be anonymously recorded on the Cardano blockchain. Users may register using a wallet address or Discord account, and they may be authenticated via an SMS one-time pin. We will not store any personal information from your Discord account. Where you provide a phone number to register for our Cardano Ballot website application, this information is encrypted. Any information you provide to us in connection with the Cardano Ballot website application is processed to enable you to access the Cardano Ballot website application and submit votes.
8. Newsletters
The provisions of this Policy also apply to the request for and sending of our newsletter.
The newsletter will only be sent after a prior request by the user in the so-called “double opt-in procedure” (request on our website and confirmation of a corresponding request email).
Users of the newsletter are also assigned a UserID, which allows Cardano Foundation to determine when the relevant newsletter was opened and which links or functions from the relevant newsletter were activated. This tracking is done for internal optimization of the newsletter. The legal basis for processing is Art. 6 para. 1 a GDPR (if applicable), whereby Cardano Foundation’s authorization arises from the fact that, on the one hand, a concerned person can reasonably foresee at the time when the personal data is collected and in view of the circumstances under which it is carried out that it will possibly be processed for this purpose. The user has the right to withdraw his or her consent at any time. If the user of the newsletter does not wish to receive this tracking, he/she can unsubscribe from the newsletter. To do so, simply unsubscribe via the link in the newsletter or send an e-mail to [email protected]. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Use of cookies
Our website uses cookies to distinguish you from other visitors of our website. Cookies are small text files that may be stored on your computer (or other internet enabled devices, such as a smartphone or tablet). They are sent by a
Our website uses cookies to distinguish you from other visitors of our website. Cookies are small text files that may be stored on your computer (or other internet enabled devices, such as a smartphone or tablet). They are sent by a server to your computer and stored on your hard drive to allow a website to recognise you when you visit.
Cookies can be used by website to optimize the user’s experience. Our website uses different types of cookies. Some cookies are placed by third party services that appear on our pages. We use cookies to personalize content, to provide social media features and to analyse our traffic. This improves your experience when you browse our website(s) and allows us to improve the service we provide.
We also use cookies to create statistical evaluations of the use of our website. For this purpose, we use third party services (such as Google Analytics or similar services) that measure and evaluate the use of the website. For this purpose, aggregated information is used that does not allow the individual user to be identified. However, the third-party provider (e.g. Google) may track your use of the website, combine this data with data from other websites that are also tracked by this third-party provider, and use this information for its own purposes and, if necessary, assign it to you. This third-party provider is responsible for the processing of your personal data by this third-party provider and its data protection provisions apply.
We also share information about your use of our website with our social media and analytics partners (such as Google Analytics, HotJar or similar services). Aggregated information is used that does not allow the individual user to be identified. However, the third-party provider (e.g. Google) may track your use of the website, combine this data with data from other websites that are also tracked by this third-party provider, and use this information for its own purposes and, if necessary, assign it to you. This third-party provider is responsible for the processing of your personal data by this third-party provider and its data protection provisions apply.
You can at any time change or withdraw your consent from the cookie declaration on our website. Your consent applies to the following domains: summit.cardano.org.If you do not want us to use cookies during your visit, you can deactivate their use in your browser settings. In this case, certain parts of our website (e.g. language selection) may not function or may not function fully.
We use the following type of cookies:
1. Strictly necessary cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These cookies enable basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
2. Targeting cookies
These cookies may be set through our website by our advertising partners. Marketing cookies are used to track visitors across websites. They may be used by those companies to build a profile of your interests and show you relevant adverts on other websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
3. Performance cookies
These cookies are usually referred to as statistical cookies and allow us to count visits, traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how visitors move around the website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor its performance.
10. Who has access to your information
We do not pass on personal data to third parties without the consent of the person concerned, unless this is necessary for the purposes described in this Policy and except to third parties such as service providers, agents, subcontractors and other associated organisations engaged by us for processing for the purposes of completing tasks and providing services to you on our behalf, or if we are legally obliged to do so or if it is necessary to protect our interests, e.g. to combat abuse or to protect the law, to authorities or other third parties and within the framework of tracking technologies as described in this Policy.
First Event may receive access to your personal information if you purchase tickets for an event through our website, or otherwise if you submit any information to us for the purposes of attending an event, sponsoring an event, or speaking at an event. This information is used to facilitate your attendance of events, respond to queries from you in relation to the event, or as otherwise required for organisation of the event.
If we use third party service providers, we disclose only the personal information that is necessary to deliver our website and services and we have a contract in place that requires them to keep your information secure. In particular, third party service providers may access your information for the provision of services related to any events which you register for or attend.
11. Where we store your personal information
The data that we collect from you may be transferred to, and stored in, a country outside the European Economic Area (EEA), i.e. worldwide, in particular Switzerland, the United Kingdom and the USA. The laws in some countries may not provide the same legal protection for your information as in the EEA. In these cases, we only transfer personal data after we have implemented the legally required measures, such as the conclusion of standard contractual clauses on data protection or obtaining the consent of the data subjects. If you are interested, the documentation on these measures can be obtained from the address mentioned above.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information; any transmission is at your own risk. Once we have received your information, we will use good procedures and strong security features to try to prevent unauthorised access.
12. How long will we keep your data
We will hold your personal information on our systems for as long as is necessary for the relevant activity. They are then either deleted or anonymized, unless we need them for longer in exceptional cases, e.g. due to statutory retention and documentation obligations or our legitimate interests, e.g. to protect rights to which we are entitled or to defend against claims.
13. Links to other websites
Our website may contain links to other websites run by other organisations. This Policy applies only to our website(s)‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be made responsible for the privacy policies and practices of other websites even if you access them using links from our websites.
If you linked to our website from a third-party website, we cannot be made responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that website.
14. Security measures to protect your information
We take appropriate administrative, technical and physical safeguards to protect the confidentiality, integrity and availability of personal data. We use strict procedures and security features, including encryption techniques, and take all steps reasonably necessary to ensure that personal data is processed securely and in accordance with this Policy.
Non-sensitive details such as your email address may be transmitted unencrypted over the Internet, and so may not be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
15. Your choices and your rights
You have the right to request a copy of your personal data as well as the right to have your personal data corrected or deleted.
Under certain circumstances, you have the right to request that we restrict processing or hand over the data to you and the right to object to processing by us in general.
If our processing is based on your consent, you have the right to withdraw this consent at any time with effect for the future.
You may also have the right to receive a copy of the personal data in a machine-readable format or to send the personal data to another controller.
You can exercise your rights by contacting us (see above).
You have the right to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner. Competent data protection authorities of EU countries can be accessed through this link.
16. Review of this Policy
We keep this Policy under regular review. In case of a revised version, we will inform you of the change in a suitable form (e.g. by posting it on our website or sending you an e-mail) and the new version will become binding upon publication on our website.
Version 30 August 2024