Privacy Notice
This privacy policy provides information on what personal data we collect from you, how we collect it, use it and share it. We apply this privacy policy in accordance with applicable laws where we operate. In some cases, we may provide additional information specific to certain features, activities or regions.
1. VOICE AND DATA PRIVACY
Accountability for and transparency about the way in which we handle your personal data are extremely important to us where we are acting as a data controller with respect to your data. This Privacy Notice is given by and on behalf of the relevant contracting Voice entity specified in the Terms of Use.
You should carefully review this Privacy Notice, as well as the Terms of Use and all other Policies specified in the Terms of Use before proceeding.
Where law or regulation requires us to provide you with a notice, or other explanation of the information about you that we collect and process (or similar), this Privacy Notice shall be understood as fulfilling our obligation to provide you with such notice or explanation.
2. INFORMATION THAT VOICE COLLECTS
In addition to the personal data you make publicly accessible on Voice, we collect certain personal data which is not generally publicly accessible. As explained below, we only process your non-publicly accessible personal data to the extent required for platform administration and certain other limited uses which are necessary for the services we provide to you.
2.1 INFORMATION THAT IS PUBLICLY ACCESSIBLE
It is important to remember that most information on Voice is accessible to all, whether the person accessing the information is a registered user or a visitor to Voice.
Information that is publicly accessible includes the following:
- Certain information you give us when you sign-up for an account. This includes:
- Your full name.
- The photo you provide to us to use as your profile photo.
- Your place of residence.
- Information that you or others post on Voice. This may be text, images, videos or other material. This includes:
- Your posts.
- Your comments on your own posts and on other users’ posts.
- Responses to comments.
- Information about actions you take on Voice. This includes:
- The content that you engage with (for example, by liking or using Voice It).
- The features that you use.
- The actions you take in relation to content (for example, sharing or commenting).
- The actions you take in relation to other users (for example, following or unfollowing).
- The actions you take in relation to tokens (for example, using Voice It).
2.1.1 HOW IS PUBLICLY ACCESSIBLE DATA STORED AND PROCESSED
One key part of the operation of Voice is the blockchain maintained by us that we call the Voice Chain. Records of all posts made by users on Voice, as well as records of all actions taken by users on Voice, are published on the Voice Chain (but note that only a cryptographic hash of the content of posts is recorded on the Voice Chain – see next paragraph) and are associated only with a pseudonymized Voice ID. The Voice Chain forms a permanent, uneditable and auditable catalogue of all posts and actions which will persist even if we delete other information that we hold about you. The Voice Chain may also be accessible by persons who are not directly using or visiting Voice – for example, if someone carries out a search on a search engine.
The Voice Chain does not include a clear copy of the content of posts and comments. Anyone looking directly at the Voice Chain will instead see a “hash”, which is a shortened cryptographic representation of this content. We can use the hash to validate posts. Actions, such as when you ‘Like’ another user’s post, are recorded on the Voice Chain in a clear way, so that everyone can understand what actions have been taken. Hashed posts and comments, and recorded actions, are all associated only with a pseudonymized Voice ID and not with any personal identifiers such as your username or your actual name.
Please remember that it is possible for third parties to take information which is publicly accessible on Voice and use it without our knowledge. This is outside of our control and any such use is beyond the remit of this Privacy Notice. Depending on your place of residence, such third parties may be obliged to notify you if they have obtained your personal data in this way.
Please also remember that it is possible for other users to post information about you on Voice and this will be publicly accessible. This is outside of our control. If you believe another user has infringed the Ground Rules (or other Policies specified in the Terms of Use) by posting information about you, you may choose to report such post following the procedures set out in the Ground Rules.
2.2. INFORMATION THAT IS NOT PUBLICLY ACCESSIBLE
We process certain information about you which is not publicly accessible:
- Certain information that we collect as part of the sign-up process. This may include:
- Verification that you are over the age of 18.
- Your email address.
- Your preferred name.
- Your phone number.
- Human signup information, through a liveness and face detection software, that is used to verify that you are real and physically present. It makes this assessment based on the ‘selfie’ that you upload.
- Other identifying or contact information you provide to us.
- Information you otherwise provide to us. This includes:
- Information you provide when registering your interest in Voice.
- Updates you provide within the platform or via Help Center.
- Information you provide in any emails or other correspondence you send to us.
- Information you provide in submitting any question or comment or completing any survey, questionnaire or other form.
- Information that our platform and other systems collect about you.
- When you use or visit Voice, it will automatically collect some information about you and your visit, including Internet and network activity such as the Internet Protocol (IP) address (which may provide information about your location) used to connect your device to the Internet and some other information such as your browser type and version, website navigation patterns, the pages that you visit as well as the timing, length, frequency of each visit.
- We use third-party service providers to run data analytics. Voice may also download “cookies” to your device or place cookies onto your browser. For more information about these service providers and the nature of the services they provide and a description of the cookies we use, please refer to our separate Cookie Notice.
- If you exchange emails, telephone conversations or other electronic communications with our employees and other staff members, our information technology systems may record details of those conversations, sometimes including their content, which may include visual and audio information about you.
- Information that we collect from any identity and address verification third-party service provider.
- During the human signup process, a liveness check will be undertaken to establish that you are a living person and matched to the ‘selfie’ you have submitted. This is to ensure that you are a real person (not a bot) and also prevent duplicate accounts.
- Depending on the Voice services that you use, you may be asked to provide information as part of the identity verification process when you sign-up. It may include copies of the documents you submit to our service providers (for example, your passport or other ID document) and information our service providers derive from those documents for identity verification purposes.
- Please see the Terms of Use for further information about our relationship with our service providers and the identity verification process, including an explanation of why we verify the identity of users.
- When you are going through the identity verification process, you should refer to any separate privacy policy made available by the relevant service provider for further information about how they process your personal data.
- Other information.
- We may also collect certain information from other sources. For example, we sometimes collect information from third-party data providers or publicly available sources for anti-money-laundering, background checking and similar purposes, and to protect our business and comply with our legal and regulatory obligations.
- Such information may also be processed by our service providers (see Section 5 below).
- We do not market to and do not knowingly collect any Personal Data from or about a child under the age of 16 without the consent of the child’s parent or legal guardian. Voice is not intended for children under the age of 16. Children under the age of 16 must not use Voice for any purpose. If you believe we have any Personal Data from any children under the age of 16 without such parental/guardian consent, please contact us at the email address specified below.
- We do not sell any of your information to anyone, and we never will without your consent. We also impose strict restrictions on how our partners can use and disclose the data we provide.
3. HOW WE MAY USE YOUR INFORMATION AND BASIS OF PROCESSING
We only process certain types of your information as necessary to fulfil our Terms of Use and with your consent for specific purposes through enabling and disabling settings on the Voice platform. For users who live in the European Economic Area (EEA), it also identifies the legal basis under which we process your data:
Information | Lawful Basis | Purpose of Processing |
---|---|---|
Registration and Log-in Data | Contract | to create your user account; to login to your account; notify you of changes to Voice; provide user support; to enforce Voice terms, conditions and policies; to communicate with you; to develop new and improve existing services; administer the platform including troubleshooting; to enable you to share content and interact with others; to provide language and location customization; to detect abuse, fraud and illegal activity on Voice. |
Human signup process | Given that this involves collection of biometric data the lawful basis under article 6 of GDPR is Contract & under article 9 is explicit consent | use of face image and ‘selfie’ to authenticate user is human (prevent bot accounts); prevent duplicate accounts; ensure individual that has been removed from Voice due to non-adherence to Ground Rules is not readmitted. |
Shared Information | Contract | to manage the Voice platform in accordance with your instructions and requests (including posting, liking, sharing, commenting on content, whether yours or other users); to provide personalized help and instructions; to provide language and location customization; to develop new and improve existing services; administer the platform including troubleshooting; ensure content is presented is the most appropriate format for your device. |
Security and investigations | Legitimate Interest: Security and protection of data | To operate, administer, secure and improve Voice, the Voice Chain, and other aspects of the way in which we conduct our operations to promote safety and security; to communicate with you, on Service-related issues; verify accounts and activity (This includes processing data for identity verification purposes and in order to confirm that the same user does not have more than one account or prevent the user from signing up to the platform again if they have removed due to misuse); prevent harmful conduct or illegal content; detect spam; investigate suspicious activity in breach of our Terms of Use and Ground Rules; to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes; To administer the Terms of Use, Ground Rules and any other Policies specified in the Terms of Use, and any other policies and rules applicable to Voice. |
Customer Support | Legitimate interest: respond, resolve and investigate customers’ queries/complaints | to answer any users queries to resolve accounts issues. |
Sharing with law enforcement/legal requests | Legal Obligation | to comply with valid legal requests; to comply with our legal and regulatory obligations. |
Protection of interests of an individual | Vital Interests | protection of your life or physical integrity or that of others; to combat harmful conduct; to promote safety and security. |
Marketing Information | Consent | to provide you with personalized advertising; send emails with details about products/services that may be of interest to you. |
Data Analytics | Consent | provision of data analytics to third parties based on information available on the Voice Chain relating to your interactions with the platform and other information about your use of Voice. |
Verified user accounts | Consent | Use of other social media accounts to verify your account during sign up (optional). |
4. DISCLOSURE AND INTERNATIONAL TRANSFER OF YOUR INFORMATION
We may disclose personal data about you:
- To other members of the Block.one Group, as reasonably necessary for them to complete the processing activities and on the legal bases set out above;
- To our suppliers, subcontractors and service providers who need access to the data to assist us with operating Voice. They include service providers who host our websites, or other information technology systems, or otherwise hold or process your information on our behalf, under appropriate conditions of confidentiality and security. We endeavour to only share the minimum amount of Personal Data that these service providers need to perform their tasks;
- To a person who intends to or is taking over our business and assets, or relevant parts of them, due to a prospective or concluded merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control;
- To regulatory, prosecuting and other governmental agencies, courts or authorities or litigation counterparties, in any country or territory; and
- To comply with any applicable laws or regulations; protect our legitimate rights, privacy, property, vital interests, health and safety, as well as those of our customers, business partners, personnel, or the general public; seek professional advice, manage risk (including obtaining and managing insurance), pursue available remedies or limit damages; enforce our Terms of Use; or respond to an emergency.
These disclosures may involve transferring your personal data to any of our offices overseas for processing in accordance with this Privacy Notice and as permitted by the applicable laws. If you are dealing with us within the European Economic Area (EEA) or the United Kingdom (UK), you should be aware that this may include transfers to countries outside the EEA / UK. Such intra-organisational transfers are based on approved mechanisms.
Where we rely on our service providers located outside of your jurisdiction and acting as data processors, we ensure that they are subject to laws ensuring an adequate level of data protection as set out in an applicable adequacy decision of the relevant regulatory authority (which may include the EU-U.S. Privacy Shield) or will ensure that an adequate level of data protection will be available on the basis of standard contractual clauses that will allow you to directly enforce your rights as a third-party beneficiary.
5. RETENTION AND DELETION OF YOUR INFORMATION
We retain your personal information for the period of time necessary to fulfil the purposes outlined in this Privacy Notice and our record retention policies, unless a longer retention period is required by law. To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We delete or anonymize the information that we hold about you after the retention period set in relation to your information. That being said, as explained above, certain anonymized information will be retained permanently in hash form on the Voice Chain.
Further information about our record retention policies is available on request. Please contact us through one of the communication methods set out below.
6. SECURITY OF YOUR INFORMATION
The security of your information is important to us. We have implemented appropriate technical, physical and administrative security measures intended to protect your Personal Data from unauthorized access, disclosure, alteration or destruction. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
7. Automated decision-making
We use personal data to make automated decisions relating to use of our services. This includes:
- Human signup through a software that will decide whether the user is physically present and is a unique human on the Voice platform. Where it is determined that the user is not, the account will be rejected. If rejected, users may request that Voice support perform a manual check to validate the accuracy of the decision made by the software and to assist them with the signup process.
8. RIGHTS OF INDIVIDUALS IN CERTAIN PLACES
If you are located in certain places, you may have some or all of the following rights pursuant to data protection or privacy laws that apply to you:
- A right of access to the personal data that we hold about you, and information related to how we process your data. Such related information include information on the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, the recipients of your Personal Data, and the safeguards regarding data transfers to other jurisdictions, subject to the limitations set out in applicable laws and regulations. We will provide you with one copy of your personal data free of charge, but we may charge you a reasonable fee to cover our administrative expenses if you request further copies of the same information.
- A right to require any inaccurate personal data that we hold about you to be corrected or deleted.
- A right to ask us to delete your personal data. We will decline your request for deletion if processing your Personal Data is necessary: (i) to comply with our legal obligations such as fraud detection and monitoring; (ii) or being required to perform a task in the public interest; (iii) in pursuit of a legal action; (iv) for exercising the right of freedom of expression and information; and (v) for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing.
- A right to ask how your personal data has been shared, if at all, with third parties for the third parties’ direct marketing purposes, as well as to object to our use of your personal data for direct marketing purposes at any time.
- A right to object to our processing of some or all of your personal data – based on our legitimate interest (or that of a third party) – on the basis that it impacts on your fundamental rights and freedoms.
- A right to restrict our processing of some or all of your personal data if:
- you dispute the accuracy of your personal data;
- your Personal Data was processed unlawfully and you request a limitation on processing, rather than the deletion of your personal data;
- we no longer need to process your personal data, but you require your Personal Data in connection with a legal claim; or
- you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.
We may continue to store your personal data to the extent processing is required or based on one of the following bases: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
- A right to data portability, which means you may receive your personal data in a structured, commonly used and machine-readable format. However, you may only exercise this right if the processing of your data is based on your consent or carried out by automated means.
- A right to withdraw, at any time, any consent that you gave us to process your data. Your consent withdrawal will not affect the lawfulness of the processing done before the withdrawal.
If you wish to exercise any of these rights that apply to you, please contact us as set out below. When exercising any of these rights, you will have to prove your identity to our satisfaction so that we can be sure that they apply to you and to safeguard your information from unauthorized access by someone impersonating you.
In the event where you do not have the benefit of a particular right (whether stated above or not) or we do not have to comply with a particular obligation, we may nevertheless without obligation and in our sole discretion grant you the benefit of such right or choose to fulfil such obligation but are under no continuing obligation to do so.
You may also be able to lodge a complaint about our processing of your personal data with the body regulating data protection in your country, where you live or work, or the location where the data protection issue arose, but we would invite you to attempt to resolve the issue with us first.
9. DO NOT TRACK
Certain web browsers and other devices you may use to access Voice may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to these submissions, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around “do not track” browser technology and the implementation of a standard.
10. Contact Us
We welcome questions, comments and requests regarding this Privacy Notice and our processing of personal data. Please be sure to review the Voice FAQ. Please use the following means to contact us:
- By mail to: 4001 Kennett Pike, Suite 302, Wilmington, Delaware 19807, United States
- By email to: [email protected]
- By phone at: +1 540 315 8111
f you are in the EEA, you may also contact our EU Representative, designated for the purposes of Article 27 of the GDPR:
- By mail to: Achieved Compliance Advocacy, Ltd., Attn: Ms. S. Ali re Voice, Princess House, Princess Way, Swansea, UK SA1 3LW
- By email to: [email protected]
Alternatively, you may contact our appointed data protection officer whose contact details are as follows:
- By mail to : HewardMills Ltd., 77 Farringdon Road, London, UK EC1M 3 JU.
- By email : [email protected]
Please also contact us using the method above if you have a disability and require this Privacy Notice in an alternate format.
11. CHANGES TO THIS PRIVACY NOTICE
Any changes we make to this Privacy Notice in the future will be made available on Voice and also available if you contact us as set out above. Please check back frequently to see any changes. To the extent permitted by law, by continuing to use Voice after changes have been posted, you are confirming that you have read and understood the latest version of this Notice.
If you do not agree with any of the statements set out in this Privacy Notice, you should stop using Voice in any way.