Version 1.1

Last updated: 05.02.2025

1. Introduction and purpose

This Privacy Policy ("Policy") describes the privacy practices of Sociogram ("Sociogram," "we," "us," or "our") in connection with the Sociogram Platform (the "Platform"). The Sociogram Platform is a Web3 multichain social network platform designed to enable users to create, share, and interact with Content, and to facilitate the creation, trading, and engagement with Digital Assets. This Privacy Policy explains how we collect, use, process, disclose, and safeguard your Personal Data, and outlines the rights and choices available to you with respect to your information. Please read this Privacy Policy carefully to understand our policies and practices. By accessing or using the Sociogram Platform, you acknowledge and agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use the Sociogram Platform.

2. Definitions

2.1. Personal Data: As used in this Policy, "Personal Data" refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal Data does not include information that has been aggregated or anonymized in such a manner that an individual is no longer identifiable.

2.2. "Processing" Means any operation or set of operations that is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

2.3. Data Controller: A Data Controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data. This includes the entity that controls the collection, holding, processing, or use of Personal Data, and that may instruct another person or organization to collect, hold, process, use, transfer, or disclose Personal Data on its behalf. For clarity regarding the Data Controller specific to Sociogram, please refer to Section 18 of this Privacy Policy, where the contact details of the Sociogram Data Controller are provided.

2.4. "Blockchain Data" Refers to data immutably recorded on decentralized ledgers, including but not limited to wallet addresses and transaction histories, which are inherently public and transparent.

3. Types of Personal Data Collected

The types of Personal Data we collect depend on your interactions with the Sociogram Platform and may include:

3.1. Account and Identification Data: Usernames, profile pictures, display names, and contact details such as email addresses provided during account registration or profile updates.

3.2. Blockchain and Financial Data:

• Blockchain wallet addresses.
• Records of blockchain transactions related to your activity on the Sociogram Platform, including digital asset creation, trading, deposits, and withdrawals.
• Data regarding your digital asset holdings and balances.
• Note: Due to the nature of blockchain technology, Blockchain Data is immutable and cannot be modified or deleted after being recorded on the blockchain.
• Information about your usage of the Sociogram Platform, including pages visited, features used, and session durations.

3.4. Communication Data: Content of messages and communications exchanged via our secure Web3 messenger, including text, images, and emojis.

3.5. Transactional and Interaction Data: Details of your engagement on the Sociogram Platform, such as participation in Reward Post activities, Giveaways, referral programs, and customer support communications.

3.6. Compliance and Commercial Data: Additional commercial or identification information that we, in our sole discretion, deem necessary to comply with legal and regulatory obligations, such as anti-money laundering (AML) laws, and to ensure platform security and performance.

We may also collect Personal Data about you from third-party sources, including publicly available sources and blockchain networks.

4. Methods of Personal Data Collection

We collect Personal Data through the following means:

4.1. Directly from You: When you actively provide information on the Sociogram Platform, such as during registration, profile updates, transactions, or when communicating with our support team.

4.2. Automatically: As you interact with the Sociogram Platform, we automatically collect certain information about your device and usage, including data from blockchain interactions, cookies, web beacons, and analytics tools.

4.3. From Third Parties: We may receive Personal Data from third-party service providers who assist us in operating the Sociogram Platform, as well as from blockchain networks and publicly accessible sources, as permitted by law.

5. Legal Basis for Processing Personal Data

We process Personal Data for the following legal bases:

5.1. Consent: Where you have freely given your explicit consent for specific processing activities. You have the right to withdraw your consent at any time.

5.2. Contractual Necessity: When processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract. This includes providing you with access to the Sociogram Platform and its features.

5.3. Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of third parties, provided your interests and fundamental rights do not override those interests. Our legitimate interests include ensuring the security and proper functioning of the Sociogram Platform, preventing fraud, and improving our services and user experience.

5.4. Legal Obligations: When processing is required to comply with applicable laws and regulations, such as those related to financial transactions, user verification, and data protection.

6. How We Use Personal Data

We use the Personal Data we collect to:

6.1. Operate and Provide the Sociogram Platform: To enable account management, facilitate blockchain wallet integration, process transactions, and provide access to social features like Reward Posts and Giveaways.

6.2. Process Transactions: To facilitate digital asset trades, record digital asset creation and trading activity, and manage deposits and withdrawals on the Sociogram Platform.

6.3. Ensure Security and Prevent Fraud: To monitor for unauthorized access, detect and prevent bot activity, and mitigate fraud and security risks.

6.4. Communicate with You and Provide Support: To operate our secure messaging service, send essential notifications and platform updates, and respond to customer support requests.

6.5. Analyze and Improve the Platform: To analyze user behavior and usage patterns to enhance the Sociogram Platform's performance, functionality, and user experience.

6.6. Comply with Legal and Regulatory Requirements: To fulfill legal obligations, support audits, and respond to requests from governmental authorities and law enforcement.

6.7. Foster User Engagement and Community: To facilitate community building, promote content, and reward positive interactions on the Sociogram Platform.

7. Sharing and Disclosure of Personal Data

We may share your Personal Data in the following situations:

7.1. With Service Providers: We share Personal Data with third-party service providers who assist us in operating, delivering, and improving the Sociogram Platform. These services include hosting, data analytics, security, customer support, and payment processing. We require these service providers to protect your Personal Data in accordance with this Privacy Policy and applicable laws.

7.2. Within Our Corporate Group and with Affiliates: We may share Personal Data within the Sociogram corporate group and with affiliated entities for purposes consistent with this Privacy Policy.

7.3. For Legal Compliance: We may disclose Personal Data to legal and regulatory authorities when required by law, legal process, or governmental request, including to comply with subpoenas and court orders.

7.4. In Business Transfers: Personal Data may be transferred to a third party in connection with a business transaction (or potential transaction) such as a merger, acquisition, restructuring, or sale of assets.

7.5. Public Blockchain Networks: Information related to digital asset transactions and wallet addresses will be recorded on public blockchain networks and will be publicly accessible and immutable.

7.6. Data Sharing Limitations: We do not sell your Personal Data to third parties for marketing purposes. We limit data sharing to the purposes outlined in this Privacy Policy, unless we obtain your further consent.

8. International Data Transfers

8.1. Your Personal Data may be transferred to, processed in, and stored in countries outside your country of residence, which may have different data protection laws. When we transfer Personal Data from regions with strict data protection laws, such as the European Economic Area (EEA) and the United Kingdom (UK), we comply with the General Data Protection Regulation (GDPR), ensuring your data is handled lawfully and transparently. By using the Sociogram Platform, you acknowledge that your Personal Data may be processed in locations globally.

8.2. For residents of California, we adhere to the California Consumer Privacy Act (CCPA), granting you rights like access to your personal data, deletion requests, and opting out of data sales.

9. Data Retention

We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of: providing you with the Sociogram Platform, complying with legal, regulatory, accounting, or reporting requirements, and resolving disputes.

Data retention periods are determined based on the nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your Personal Data, and applicable legal requirements.

Personal Data related to your account and contractual obligations will be retained while your account is active and as needed thereafter to provide you with the Services, or to comply with our legal obligations.

We may retain Personal Data for a longer period if you have given your consent to such processing, or when required to fulfill legal obligations or by order of a competent authority.

Once the retention period expires, Personal Data will be securely deleted or de-identified in accordance with applicable law, unless it is Blockchain Data, which remains immutable. After the retention period, rights to access, erasure, rectification, and data portability may not be enforceable.

However, please note that Blockchain Data, once recorded on public blockchains, is immutable and may persist indefinitely. We are not able to erase, modify, or alter Personal Data on blockchain networks.

10. Data Security

We implement and maintain reasonable administrative, technical, and physical safeguards designed to protect your Personal Data from unauthorized access, use, alteration, disclosure, or destruction. These measures include encryption during transmission and at rest, access controls, and regular security audits.

The security of your Personal Data is also dependent on you. Please do not share your account credentials or any sensitive security information.

While we strive to protect your Personal Data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee the absolute security of your Personal Data, and any transmission of Personal Data is at your own risk.

11. Cookies and Similar Technologies

We use cookies and similar technologies, such as web beacons and local storage, to collect information about your activity on the Sociogram Platform and to enhance your user experience.

• Cookies: Cookies are small text files placed on your device that help us to recognize you, remember your preferences, and analyze how you use the Sociogram Platform. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period or until you delete them).
• How We Use Cookies: We use cookies for various purposes, including:
  • Strictly Necessary Cookies: These cookies are essential for the operation of the Sociogram Platform and to provide you with core functionalities.
  • Functionality Cookies: These cookies allow us to remember your choices and preferences to provide a more personalized experience.
  • Performance/Analytical Cookies: These cookies help us analyze website traffic and user behavior to improve the Sociogram Platform.
  • Targeting Cookies: These cookies may be used to deliver relevant information about the Sociogram Platform to you on other websites and platforms.
• Controlling Cookies: You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies, or to be notified when cookies are set. However, please note that disabling cookies may affect the functionality of the Sociogram Platform and you may not be able to access all features. For more information about cookies and how to manage them, please visit websites such as https://www.allaboutcookies.org.
• Google Analytics: We may use Google Analytics, a web analytics service provided by Google, to collect and analyze information about your use of the Sociogram Platform. Google Analytics uses cookies to collect information such as your IP address, browser type, pages visited, and time spent on the website. This information is used to create reports about website usage and helps us improve the Sociogram Platform. To learn more about Google Analytics and how to opt-out, please visit https://policies.google.com/privacy and https://adssettings.google.com.

We do not combine data collected through cookies with third-party data for targeted advertising or share data with data brokers.

12. Blockchain and Immutable Data Considerations

12.1. You acknowledge and understand that data related to transactions, wallet addresses, and certain other activities on the Sociogram Platform may be recorded on blockchain networks. This Blockchain Data is immutable and cannot be altered, erased, or modified by Sociogram or any other party once it is confirmed and recorded on the blockchain.

12.2. Blockchain Data is inherently public and transparent, potentially accessible to anyone with blockchain explorer tools. You understand that Blockchain Data may be subject to forensic analysis and may be combined with other publicly or privately available data, potentially leading to the de-anonymization of blockchain addresses and the revelation of associated Personal Data, particularly when combined with off-chain information.

12.3. By using the Sociogram Platform and participating in blockchain-based activities, you expressly acknowledge and accept the immutable and public nature of Blockchain Data. You are responsible for understanding the implications of blockchain transparency for your privacy.

13. Your Rights Under GDPR

Under the General Data Protection Regulation ("GDPR"), you have the following rights regarding your Personal Data that we process:

13.1. Right to be informed: We are publishing this Privacy Policy to inform you what we do with your Personal Information. You have the right to ask us for information regarding any data of yours that we keep at any time. This information concerns, among other things, the data categories we process, for what purposes we process them, the origin of the data if we did not acquire them directly from you, and, if applicable, the recipients to whom we have sent your data.

13.2. Right of access: You have the right to ask us whether we process your Personal Information, and you have the right to request a copy of the Personal Information we hold about you.

13.3. Right to rectification: You have the right to request that we correct any inaccurate or incomplete Personal Data we hold about you.

13.4. Right to be forgotten (Right to Erasure): You have the right to ask for your Personal Information to be erased from our systems, and we will comply with this request unless we have a legitimate reason not to do so. Please note that this right is limited to off-chain Personal Data and does not extend to immutable Blockchain Data.

13.5. Right to restriction of processing: Where certain conditions apply, you have the right to ask us to restrict the processing of your Personal Data, to ‘block’ the processing of your data under specific circumstances.

13.6. Right to data portability: You have the right to request to receive your Personal Data in a structured, commonly used, and machine-readable format, and to have your Personal Data transferred to another organization or controller.

13.7. Right to object: You have the right to object to the processing of your Personal Data at any time for reasons arising from your particular situation, provided the data processing is based on your consent, our legitimate interest, or that of a third party. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

13.8. Right to withdraw consent: You have the right to withdraw your consent at any time where we are relying on consent to process your Personal Information. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

13.9. Right to complain: We take your privacy rights very seriously. However, if you are of the opinion that we have not dealt with your complaints adequately, you have the right to submit a complaint to the data privacy protection authorities responsible in your jurisdiction.

13.10. Exercising your rights: To exercise any of the rights listed above, please contact our Support team using the contact information provided in Section 24. We may require you to verify your identity before processing your request. We will respond to your request in accordance with applicable data protection laws.

14. Children's Privacy

14.1. The Sociogram Platform is not intended for use by individuals under the age of 18, and we do not knowingly solicit or collect Personal Data from children under this age.

14.2. If we become aware that we have inadvertently collected Personal Data from a child under the specified Minimum Age without verification of parental consent, we will take immediate steps to delete such information from our records.

14.3. If you are a parent or guardian and believe that your child has provided us with Personal Data, please contact us immediately using the details provided in Section 24.

14.4. We comply with applicable children's privacy laws, including the Children's Online Privacy Protection Act (COPPA) in the United States, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and provisions of the GDPR concerning children's data in the European Union, and implement parental gates where necessary to ensure compliance.

15. Marketing Communications and Consent

15.1. With your explicit consent, we may send you marketing communications about new features, promotions, updates, and other information related to the Sociogram Platform that may be of interest to you.

15.2. We will only use your Personal Data for marketing purposes if we have obtained your explicit consent to do so. You have the right to withdraw your consent to receive marketing communications at any time, free of charge, by using the opt-out mechanisms provided in our communications or by contacting us directly as specified in Section 24.

16. Changes to this Privacy Policy

16.1. We reserve the right to modify or update this Privacy Policy at any time to reflect changes in our data processing practices, services, legal requirements, or for other operational, legal, or regulatory reasons.

16.2. In the event of material changes to this Privacy Policy, we will provide reasonable notice, such as by email to your registered email address or by posting a prominent notice within the Sociogram application and on our website, prior to the changes becoming effective.

16.3. We encourage you to review this Privacy Policy periodically to stay informed about our data protection practices. The "Last Updated" date at the top of this Policy indicates when the latest revisions were made.

16.4. Your continued access to or use of the Sociogram Platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated Policy. If you do not agree to the revised Policy, you must discontinue using the Sociogram Platform.

17. Data Breach Notification

17.1. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authorities without undue delay, as required by applicable data protection laws.

17.2. Our data breach incident response plan is designed to promptly contain and investigate any data breach, mitigate potential harm, and fulfill our notification obligations to affected users and regulatory bodies.

18. Contact Information for Privacy Concerns

For any questions, concerns, requests, or complaints regarding this Privacy Policy or the Processing of your Personal Data by Sociogram, please contact us using the following email: support@sociogram.org