Privacy Policy – MetaMask: The Leading Crypto Wallet Platform, Blockchain Wallet

Privacy Notice

CONSENSYS SOFTWARE INC. GLOBAL PRIVACY NOTICE

Date of Last Revision: 20 Sep 2024
Effective: 18 June 2024

Consensys Software Inc. is the leading blockchain and web3 software company which provides services to users, creators and developers under brands such as MetaMask, MetaMask Institutional, MetaMask Developer, Infura, Diligence, Linea, Consensys Staking, Teku, Besu and Phosphor.

Consensys Software Inc. (“Consensys,” “we,” “us,” or “our”) knows your personal information is important. As a result, we process your personal information responsibly and in accordance with applicable laws and regulations.

We appreciate the trust you place in us when you use our products and services, and when you visit our websites, https://consensys.io/, https://metamask.io/, https://metamask.io/institutions/, https://metamask.io/developer/, https://infura.io/, https://consensys.io/diligence/, https://linea.build/, https://consensys.io/staking, https://consensys.io/teku, https://besu.hyperledger.org and https://phosphor.xyz (“Sites”). This Privacy Notice (“Privacy Notice”) applies to the Sites (including subdomains), applications, products and services (collectively, “Services”) on or in which it is posted, linked, or referenced.

This Privacy Notice describes how we process the personal information collected when you access the Services. When you leave the Services, this Privacy Notice no longer applies. Any subsequent website, application, or service you access is subject to its own terms of service and privacy notice (if any) and not this Privacy Notice.

This Privacy Notice tells you about your rights and choices with respect to your personal information, including how you can contact us if you have any questions or concerns. In this Privacy Notice “Personal Information” means any information relating to an identified or identifiable natural living individual.

Please read this Privacy Notice carefully. If you do not agree with this Privacy Notice or any part thereof, you should not access or use any part of the Services. If you change your mind in the future, you must stop using the Services. You may exercise your rights in relation to your Personal Information as set out in this Privacy Notice and you may contact us at any time regarding those rights using the methods described in the “Contact Us” section below.

MetaMask privacy tl;dr

MetaMask users – what does this mean for you?

We take great care to protect the safety, security and privacy of MetaMask users, and to give users the ability to control and configure their wallet to meet their personal needs. We provide a detailed overview of the settings that we allow users to configure based on their individual experience and privacy preferences. This overview can be found at our MetaMask News site (here).

We have updated our Privacy Notice to continue providing transparency on our processing activities. In summary, for MetaMask users this means that we:

do not collect your private keys.
do not sell your Personal Information.
do not collect or retain Personal Information unless necessary to provide you the Services and a great user experience (see below for details).
for IP addresses in particular, we may temporarily process your IP address only where required for some of our Services (depending on your MetaMask settings) to provide the best possible experience for MetaMask users. This includes, for example, the prevention of DDoS attacks (see below for more details).
do not collect financial payment or banking information, however, when you use our on- or off-ramp features these services may necessitate you submitting this information to third-party providers.

We may temporarily process IP addresses, only where necessary and to provide the best possible experience for MetaMask users. This includes the following purposes:

for the basic functionality of our Services where you make requests from your device in relation to the Services. This is a necessary feature of offering our Services on the internet;
to run third-party requests through proxy infrastructure, thereby eliminating your individual device details and IP address from the request that is ultimately received by third-parties. For example, instead of MetaMask sending traffic directly from your device to multiple third-party services, we may run the request through a proxy to improve performance and/or privacy for you;
for providing you with the best experience when using the Services (e.g. to measure latency, volume of requests per region and to route your requests to servers close to your region to improve your experience of the Services) or where interactions with Third Party Platforms are required (depending on your MetaMask settings);
where we are required to do so to comply with our legal obligations (e.g. to help us avoid providing services to regions prohibited by sanctions laws); and
to ensure the safety, security and integrity of the Services (e.g. for the prevention of DDoS attacks).

If users wish to further limit the collection of their device and usage information, users could consider the use of virtual private networks, or ‘VPNs’.

We do not collect other Personal Information that we do not need. Personal Information that we may process is set out below at Section 2 (including information that you may provide to us and information that is collected automatically). For MetaMask users, this includes:

Wallet related information, including your wallet address which is temporarily processed as part of API requests (in URL parameters or bodies) when making API calls required to support the user experience. Please note that this applies where you utilise MetaMask’s default settings and configurations, which you may disable or opt-out of at any time.
Your MetaMask preferences and settings, only as necessary to provide the Service. Generally this information is stored locally on your device. To the extent that we process this information to facilitate cross-device functionality, it is encrypted such that it can only be decrypted by you on your device(s).
Feedback and survey responses, where you choose to provide this information.
User event information, where you opt-in to analytics data collection (also known as MetaMetrics), to support continued improvement of the product experience. We store this data pseudonymously and we do not link it to other Personal Information unless you ask us to do so. You may disable this feature at any time.
Marketing related information, where you opt-in to share this information (like information from cookies). This helps us to learn how you interact with our marketing communications and personalize what we share with you, such as latest developments and product features. You may disable this feature at any time.
Device related information, where you opt-in to receive notifications from your MetaMask wallet. For example, if you opt-in and ask us to provide push notifications to your mobile device, we will retain your device identifier to facilitate such notifications for as long as you remain opted-in. You may disable this feature at any time.

Please note that the use of data described above applies when you utilise MetaMask’s default settings and configurations (which you may disable or opt-out of at any time), such as using Infura as the default Remote Procedure Call (RPC) provider. See a detailed overview of the settings that we allow users to configure based on their individual experience and privacy preferences at our MetaMask News site (here).

1. Our Relationship With You

Our relationship with you is described in this section. Consensys is the entity that provides the Services and determines the purpose and the means of processing for your Personal Information.

You are subject to the Terms of Use of the Services. This means that Consensys is the entity that provides the Services and determines the purpose and the means of processing for your Personal Information, or other similar designation under law. The Services can be used by organizations or by individual Users. If you’re using the Services on behalf of your organization, your organization owns the associated accounts and may take certain actions in respect to your access or abilities to use the Services.

2. Personal Information We Collect

We collect Personal Information about you as described in this section. In summary, some information you provide to us. We also collect certain information automatically. All information we collect is subject to the use limitations described in section 3.

For example, when you use the Services we must collect certain data for the Services to work. This may include information like your email address which we may require for setting up an account for certain Services (such as MetaMask Institutional, Infura or Diligence) or your IP address (which we have to collect automatically for certain functionality). Please note that when creating a wallet with MetaMask, no email address is required.We collect Personal Information about you as described in this section. In summary, some information you provide to us. We also collect certain information automatically. All information we collect is subject to the use limitations described in section 3.

When you visit the Services, we collect: (1) technical information that is used to deliver the contents and Services and for other purposes as described below, and (2) information that you provide to us.

Personal Information You Provide to Us
We collect a variety of information that you provide to us. The specific types of information we collect will depend upon your engagement with the Services. Some Personal Information that you provide to us is required for the use of the Services. However other Personal Information is optional.

Account and Profile Information. Certain Services require you to create an account or profile (for example, MetaMask Institutional, Infura and Diligence). If you create an account or profile to use the Services, we collect Personal Information to allow you to use these Services. When you sign up, you may provide us with your name, password, email address, mobile phone number, job title, account history, or other information necessary to create and maintain your account or profile.
Contact Information and Other Information You Choose to Provide to Us. You can provide a variety of information during your interactions with us, such as through emails or other communications. When you contact us via a website contact form, email, or other means, you provide us with Personal Information, such as your name and contact details, and the content of your communications with us.
Support Information. When you request technical support services, we will process your Personal Information such as your name and the contact details you use to contact us, as well as information regarding the reasons for your support request, the support that was provided, and any additional information you may provide in that context. We may also process Personal Information about how you engage with our Services so that we can improve the support services that we provide to users.
Financial Information. If you purchase our Services, you will need to provide payment information. We will use that information solely for the purpose of fulfilling your purchase request.
Other Information. You may provide us with additional information associated with your use of the Services, such as your wallet address. If you decide to use the Services offered, we may collect and store the content and information you create or upload to the Services. Where relevant, this includes information relating to your preferences and settings when using the Services.This also includes additional information you may choose to provide to us, such as feedback and survey responses.For certain Services we may require you to provide additional Personal Information in order to verify your identity or to provide the Service. We will inform you if this is the case.

Information Collected Automatically
We may automatically collect certain information due to your use of the Services. We use this information to enable the basic functionality of the Services. We strive where possible to ensure that the collected information is de-identified, aggregated and/or anonymized.

Single Sign-On Through Internet Service Providers. When you decide to use single sign-in servers to connect to our Services, we may collect Personal Information from internet service providers. Your interactions with these tools are governed by the privacy notices of the corresponding platform.
Device and Usage Information. When you access and use the Services, including in limited circumstances when you engage with our relevant support platforms to make a request or where you require support from us, we may receive and store information about your interactions. This may include information such as date/time stamps, usage information and statistics, your internet protocol (IP) address, location (eg, city or state), hardware and software information (including operating system version and type), browser type, device identifiers, device event information, crash data, cookie data, and your interactions with the Services. This information could be used to identify you or your device.
Cookies and Similar Technologies. When you access the Service, we may collect Personal Information via cookies, pixel tags, or similar technologies on the Services (collectively referred to as “Cookies”). For more information on our use of Cookies, please read our Cookie Notice here.
Location Information. When you use the Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners (for example, when you engage with our marketing campaigns) and researchers (for example, when you engage with our user experience research activities). We may combine this information with information we collect from you and use it as described in this Privacy Notice.

3. How We Use the Personal Information We Collect?

Our use of your Personal Information is described below. In summary, we only use your information for the purposes for which it is collected.

We use the Personal Information we receive or collect for the following purposes:

To create your account or profile, if required, for your use of the Services.
To provide our Services, including to allow access to, operate and support our Services. Your Personal Information is required for the basic functionality of the Services, such as addressing and responding to your requests for the Services.
For personalization to customize our Services to meet your specific needs, such as identifying your requests for regionality to improve your experience with the Service, and enabling you to interact with Third Party Platforms (as defined in Section 10).
For product improvement to improve the Services and to develop new products, services, and features.
To communicate with you, by phone, text, email, or chat. This may include contacting you for administrative purposes such as security or support and maintenance advisories, to provide services and information that you request, to respond to comments and questions, to contact you regarding issues concerning your use of our Services, including changes to this Privacy Notice, and to otherwise provide customer support.
Subject to any consent requirements, to send marketing materials, alerts about the latest developments and features or other promotional materials, and to develop new promotional materials that can be useful or relevant to you. You will always be provided with an opportunity to opt out of receiving marketing communications. For example, you can opt out by following the instructions located at the bottom of any commercial emails you may receive or by contacting us as described in the “Contact Us” section in this Privacy Notice.
For customer and third-party relationship management including to track emails, phone calls, and other actions you have taken as a prospective customer or our customer or other third-parties.
For aggregation or de-identifying of Personal Information which is a format that does not allow you to be personally identified. We use the resulting information for statistical analysis regarding the use of the Services, such as to better understand our customer base, or for other purposes.
For administrative and legal purposes, such as for compliance purposes. This includes enforcing our Terms of Use or enforcing or defending other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency, and to comply with our legal obligations and internal policies as permitted by law, such as preventing the Services to be accessed by individuals in sanctioned territories, or by sanctioned individuals.
For safety, security and integrity focused on investigating in good faith alleged violations of our Terms of Use, including unauthorized access and use. In order to protect the Services, and ensure your continued access to the Services, your Personal Information is collected to prevent malicious actors from attacking and disrupting the Services.

PLEASE NOTE: We may use AI enhanced tooling and systems in the course of our day-to-day business. For example, when you engage with our customer support team, our support agents may use AI tooling to summarize content and to respond to your queries as efficiently as possible. Consensys always uses AI tools and systems in a responsible and ethical way.

4. Who We Share Personal Information With4. Who We Share Personal Information With

Our use of your Personal Information is described below. In summary, we only use your information for the purposes for which it is collected.

We may disclose Personal Information about you under the following circumstances:

Group Entities. We may disclose Personal Information about you to our Consensys affiliates and subsidiaries, if any, for the purpose of providing the Services and conducting business.
Service Providers. We work with third parties for the purpose of providing the Services such as hosting, maintenance, network management, cybersecurity and support. These third parties may have access to or process your Personal Information as part of providing those services to us. For example:
- When you use a credit card to pay for our Services, information such as your name, billing address, phone number, email address and credit card information will be submitted to service providers for verification and to manage any recurring payments.
- We use cloud service providers who we rely on for data storage, disaster recovery and to perform our obligations to you.
- We use service providers of business communication tools.
- We use service providers who manage the networks for the operation of the Services and to improve latency for our users.
- We use service providers to help us prevent malicious actors from threatening the Services and to comply with legal obligations, such as preventing individuals from sanctioned territories, or sanctioned individuals, from accessing the Services.
Native Integrations. You can use native integrations to share data with other applications. Consensys does not share data from integrated apps with any other services or clients.
Legal. Personal information about you may be disclosed to law enforcement agencies, regulatory bodies, public authorities or pursuant to the exercise of legal proceedings if we are legally required to do so, or if we believe, in good faith, that such disclosure is necessary to comply with a legal obligation or request, to enforce our terms and conditions, to prevent or resolve security or technical issues, or to protect the rights, property or safety of Consensys, our Users, a third party, or the public.
Strategic Business Partners. Where you have provided your consent, we may share your Personal Information with our strategic business partners in limited circumstances, for example for marketing and advertising purposes.
Third Party Platforms (as defined below). Your Personal Information may be disclosed to Third Party Platforms where you have requested to interact with a third-party service or platform. Please see Third Party Links and Websites (Section 10) for more information.

5. Service Providers

We engage Service Providers for the purposes described above in Section 4. These Services Providers include the unaffiliated entities listed here.

6. Your Rights

Your rights associated with the Services are described below. Please note these rights may only be available to you in specific regions, countries or states based on where you reside. In certain cases, we may be prevented from allowing you to exercise these rights but we will inform you if that is the case when you seek to exercise the rights.

You have the following rights associated with the processing of your Personal Information:

Right to Access or Right to Know. You have the right to obtain access to the Personal Information we hold about you and to request certain information about our processing. You have the right to receive an explanation of (i) why we process your Personal Information, (ii) the categories of Personal Information we have about you, (iii) who we share your Personal Information with, (iv) how long we store your Personal Information and (v) who we received your Personal Information from if it was not collected from you directly. We will also inform you about your privacy rights. We will notify you where we engage in automated decision making.
Right to Rectification or Correction. You have the right to correct, update or complete any Personal Information we hold about you that is inaccurate or incomplete. Please note that we may rectify or remove incomplete or inaccurate information, at any time and at our own discretion.
Right to Erasure or Deletion. You may request to have your Personal Information anonymized, erased, or deleted, as appropriate. In this case, if there is no overriding legitimate interest or requirement to continue processing your Personal Information, we will erase your data.
Right to Object to Processing. You have the right to object to our processing of your Personal Information where we are relying on a legitimate interest or if we are processing your Personal Information for direct marketing purposes.
Right to Restrict Processing. You have a right in certain circumstances to stop us processing your Personal Information other than for storage purposes.
Right to Portability. You have the right to receive, in a structured, commonly used, and machine-readable format, Personal Information that we hold about you, if we process it based on our contract with you, or with your consent, or to request that we transfer such Personal Information to a third party.
Right to Withdraw Consent. You may withdraw any consent you previously provided to us regarding the processing of your Personal Information at any time and free of charge. We will apply your preferences going forward. This will not affect the lawfulness of the processing before you withdraw your consent.
Right to Lodge a Complaint. You may lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where you believe an incident took place.
Right Against Discrimination. We will not discriminate against you for exercising your rights.
Right to Opt Out of Targeted Advertising, Sale or Sharing. You can ask us to stop using your Personal Information for targeted advertising when required by law.

You may exercise these rights by contacting us as set out in the “Contact Us” section below.

Please note that, prior to any response to the exercise of such rights, we may require you to verify your identity. In addition, we may have valid legal reasons to refuse your request and will inform you if that is the case. Note that applicable laws contain certain exceptions and limitations to each of these rights. Subject to certain restrictions, you can ask an agent to exercise your rights for you. If you have an agent exercising your rights, that person must provide to us your written authorization allowing them to make such a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.

To appeal any refusal by us to act on a data subject rights request contact us by email at: privacy-requests@consensys.net.

7. Retention of Information

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice, to make the Services available to you, or as instructed by you, unless a longer retention period is required or permitted by law. We may also keep your data for as long as it is needed in relation to a legal claim, complaint, litigation or regulatory proceedings.

8. Security and Storage

We implement a variety of security measures that are reasonably designed to protect the safety of your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction when you enter or submit your Personal Information on the Services. However, no Internet or email transmission is ever fully secure or error free. Please keep this in mind when disclosing any information to us via the Internet. IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF THE SERVICES, PLEASE CONTACT US IMMEDIATELY.

For more information about how we secure your Personal Information when using the Services, please see our security page here.

When you use the Services, Personal Information about you will be stored in the United States.

9. Data Analytics & Advertising

Data Analytics are required to provide the Services, improve the Services or for marketing purposes. We collect your consent for these activities where required or where we believe it is correct to do so. This includes analytics completed by Consensys and third-party services that we use. We also describe how we advertise on third-party sites based on the analytics described here.Data Analytics are required to provide the Services, improve the Services or for marketing purposes. We collect your consent for these activities where required or where we believe it is correct to do so. This includes analytics completed by Consensys and third-party services that we use. We also describe how we advertise on third-party sites based on the analytics described here.

Subject to consent requirements, we may use first-party analytics to provide the Services, including analyzing the performance of the Services for product improvement, or for marketing purposes as described above. We may also use third-party web analytics services on the Services (subject to your consent), such as those of Google Analytics. These third-party services use the sort of technology described in the “Information Collected Automatically” section above to help us analyze how Users use the Services (such as our websites), including by noting a third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these third parties, who use the information to evaluate your use of the Services. We also use Google Analytics for certain purposes related to advertising, as described above. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.

Advertising. Subject to your consent, third-party services, which may include Google Analytics, Google Tag Manager, Hubspot, LivePerson, Segment or LinkedIn, may use cookies and web beacons to collect information about your activities on the Services (such as our websites) to provide you advertising based upon your interests. This means these third-party services may show our ads on sites across the Internet based upon your previous visits to the Services. Together with these third-party services, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to the Services.

The use of tracking technologies by third-parties, technology partners or other third-party assets (such as social media links) on the site is not covered by this Privacy Notice. We do not have access or control over these technologies.

If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at: www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at: http://aboutads.info/choices.

10. Third Party Links and Websites

The Services enable you to interact with certain third-party services, decentralized applications, and third-party platforms (collectively “Third Party Platforms”). However, this Privacy Notice does not address, and we are not responsible for, the privacy practices of any third parties, including but not limited to those that operate websites to which the Services links. The inclusion of a link on the Services does not imply that we or our affiliates endorse the practices of the linked website. Your use of such Third Party Platforms and those Third Party Platforms’ use of your Personal Information is subject to their respective terms of use and privacy notice (if any) and is not subject to this privacy notice.

Where you have sought to interact with a Third Party Platform through the Services and to share Personal Information as required for such interaction, we will seek, where permitted and where possible, to limit the Personal Information shared through the use of proxies.

11. Co-Branded Websites

If our website links to other websites that include our branding, this Privacy Notice does not apply to those other websites. Visitors to those websites are advised to carefully read the notices on those individual websites.

12. Eligibility

If you are under the age of majority in your jurisdiction of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Children’s Online Privacy Protection Act (COPPA), if we learn that we have received any information directly from a child under age 13 without first receiving his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Sites and subsequently we will delete that information.

13. Change of Ownership

In the event of a change in ownership, or a merger with, acquisition by, or transfer or sale of all or a portion of our assets to another entity, we reserve the right to transfer all your Personal Information to that entity. We will use reasonable efforts to notify you of a transfer to an unaffiliated third party (by a posting on our homepage, or by email to your email address that you provided to us, as chosen by us at our discretion).

14. Changes to Our Privacy Notice

We reserve the right to amend this Privacy Notice at any time to reflect changes in the law, our data collection, use or sharing practices or advances in technology. We will make the revised Privacy Notice accessible throughout the Services. You should review this Privacy Notice periodically. The “Date of Last Revision” included at the beginning of this privacy notice will indicate when it was last updated.

By continuing to access or use the Services, you are confirming you have read and understand the latest version of this Privacy Notice.

15. Complaints

If you wish to lodge a complaint about how we process your Personal Information, please contact us as described in the “Contact Us” section below. We will endeavor to respond to your complaint as soon as possible. You may also lodge a claim with the applicable supervisory authority.

16. Contact Us

If you have any questions or comments about this Privacy Notice, our privacy practices, or if you would like to exercise your rights with respect to your Personal Information, please contact us using this form.

Alternatively, you can write to us at: 5049 Edwards Ranch Rd, Fort Worth, TX 76109, United States.

Supplemental Privacy Notice

(EU, Turkey, Switzerland, and the United Kingdom (EEA+))
Effective: 18 June 2024

This Supplemental Privacy Notice applies to you only if you are a natural living person and you are located in the European Union, a European Free Trade Association country, Turkey, Switzerland, or the United Kingdom (“EEA+”). If you are located in the EEA+ and engage with the Services, Consensys is the data controller with regard to the provision of the Services. This Supplemental Privacy Notice is incorporated into and forms part of the Consensys Global Privacy Notice.

This Supplemental Privacy Notice provides supplemental notices that are unique to the EEA+ region.

1. Legal Bases for the Processing of Personal Information

In accordance with our legal requirements in this region, we are required to identify and inform you of the legal basis that we use for the processing of your Personal Information. In this section we provide you with information about the legal bases we rely on when processing your Personal Information.

If you are located in EEA+ our legal basis for processing your Personal Information is described in this section. Please note that more than one legal basis may exist for the processing of your Personal Information:

Consent. This is the case where you have consented to the use of your Personal Information.
Contract.

The performance of the contract is used as the legal basis for the processing of your Personal Information for the purpose of providing the Services to you. For example, we need your Personal Information to provide you with our Services, to perform our obligations associated with our contract with you, such as to create and secure your account, to respond to your inquiries or to take steps that you request prior to signing up for the Services.

Legitimate Interest.

We have a legitimate business interest in processing your Personal Information to provide the Services to our Customers. We only rely on legitimate interest as a legal basis when the legitimate interests do not override your fundamental rights and freedoms associated with privacy and data protection on balance. We ensure we comply with any requests you make to exercise your associated rights. The processing of your Personal Information where legitimate interests are used as the legal basis for the processing of your Personal Information may include the following purposes: to communicate with you, to optimize our Services, for compliance, fraud and safety purposes and to provide the Services.

Legal Obligation.

We may have a legal obligation to process your Personal Information, for example to comply with tax and accounting obligations (which may include anti-money laundering (AML) laws and know-your-customer (KYC) requirements). We may process your Personal Information when necessary to establish, exercise, or defend legal claims.

2. Data Protection Officer

The Consensys Software, Inc. Data Protection Officer can be reached at: dpo@consensys.net.

3. International Data Transfers

As part of a global business, we need to transfer your Personal Information outside of the EEA +.In this section we describe how we ensure the protection of your Personal information, through the use of safeguards, when we transfer your Personal Information outside the EEA+.

If you provide us with your Personal Information when using the Services from the EEA, Turkey, Switzerland or the UK or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing.

When we transfer your Personal Information internationally, we ensure that relevant safeguards are in place to afford adequate protection for your Personal Information and we will comply with applicable data protection laws, by relying on an EU Commission adequacy decision, or the current standard contractual protections for the transfer of your Personal Information or a derogation if one is available.

Please contact us using the methods described at Section 16 of the Global Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal information out of EEA+.

4. Complaints

You have the right to contact the appropriate supervisory authority at any time to lodge a complaint regarding the processing of your data. The list of EU supervisory authorities is located here. All other supervisory authorities can be located via a search for their website homepage.

Supplemental Privacy Notice to Residents in States with Privacy-related Consumer Protection Laws

Effective: 18 June 2024

This Supplemental Privacy Notice applies to you only if you are a natural person and you are a resident of any state in the United States with a privacy-related Consumer Protection Law. This Supplemental Privacy Notice is incorporated into and forms part of the Consensys Global Privacy Notice.

Please note that the rules implementing some of these laws have not yet been finalized. We are continuously working to better comply with these laws, and we will update our processes, disclosures, and this notice as these implementing rules are finalized.

This Supplemental Privacy Notice provides supplemental notices that are unique to the US states referenced above.

1. Categories of Personal Information We Collect, and How We Use and Share that Information

The Personal Information we may collect, use and share over the next 12 months is set out above in the Global Privacy Notice. Specifically:

Personal Information we collect is set out at Section 2 of the Global Privacy Notice.
How we use Personal Information we collect is set out at Section 3 of the Global Privacy Notice.
Who we share Personal Information with is set out at Section 4 of the Global Privacy Notice.

2. Manage Cookies

Global Privacy Control (“GPC”) is a setting you can enable in your web browser to communicate your privacy preference for not having certain information about your webpage visits collected across websites. For all the details, including how to turn on GPC, visit https://globalprivacycontrol.org/.

3. Sharing of Personal Information

In the last 12 months, we have allowed third party ad providers to collect Personal Information from visitors to certain Services (for example, our websites) for the purposes of advertising and analytics. This practice may constitute the “sharing” (which is a term used to address the sharing of information for advertising purposes) of Personal Information. To the extent that our practices constitute the sharing of your Personal Information, you have the right to opt-out of the sharing of your Personal Information with the third parties in this Privacy Notice by contacting us using the methods described at Section 16 of the Global Privacy Notice. You can also opt-out by enabling Global Privacy Control (see Section 2 above).

4. We Do Not Sell Your Personal Information

You have the right to know whether your Personal Information is being sold. We do not sell your Personal Information. Your personal information is “sold” when it is provided to a third party for monetary or other valuable consideration for a purpose that is not a “business purpose” as set forth in the CCPA or other U.S. state data privacy laws. Please note a “sale” does not include when we disclose your personal information at your direction, or when otherwise permitted under law.

5. Right to Opt-out of Sharing

We do not sell your Personal Information, so we do not offer an opt out. We may “share” personal information with third parties for personalized advertising purposes as described above. You may indicate your choice to opt-out of the sharing of your personal data with third parties for personalized advertising on third party sites by contacting us using the methods described at Section 16 of the Global Privacy Notice. You can also opt-out by enabling Global Privacy Control (see Section 2 above).

Even if you turn off “sharing,” you may still see personalized ads based on information other companies and ad networks have collected about you, if you have not opted out of sharing with them.

6. Non-Discrimination

U.S. state privacy laws prohibit businesses from discriminating against you for exercising your rights under the law. Discrimination may include denying services, providing a different level or quality of service, or charging different prices. We do not discriminate.