LEGAL_FRAMEWORK

Privacy Protocols

Effective Date: December 26, 2024Last Updated: December 26, 2024

The Utility Foundation ("Foundation," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our websites, applications, services, and blockchain-based protocols (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide when interacting with our Services, including:

  • Contact Information: Name, email address, phone number, mailing address, and organizational affiliation.
  • Account Information: Username, password, and account preferences.
  • Transaction Information: Wallet addresses, transaction histories, and payment details for donations or purchases.
  • Communications: Correspondence with our team, feedback, survey responses, and support inquiries.
  • Professional Information: Company name, job title, and industry sector for partnership inquiries.

1.2 Information Collected Automatically

When you access our Services, we automatically collect certain technical information:

  • Device Information: Hardware model, operating system, unique device identifiers, and mobile network information.
  • Log Data: IP address, browser type, access times, pages viewed, referring URL, and click-stream data.
  • Blockchain Data: Public wallet addresses and on-chain transaction data when interacting with our protocols.
  • Cookies and Tracking Technologies: Information collected via cookies, web beacons, and similar technologies (see Section 6).

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Identity verification services for compliance purposes.
  • Analytics providers and advertising networks.
  • Public blockchain networks and on-chain data aggregators.
  • Social media platforms when you interact with our social presence.

2. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our Services, process transactions, and fulfill your requests.
  • Communications: To send administrative notices, respond to inquiries, and provide customer support.
  • Personalization: To customize your experience and deliver relevant content and recommendations.
  • Analytics: To analyze usage patterns, monitor performance, and improve our Services.
  • Security: To detect, prevent, and address fraud, abuse, and security incidents.
  • Compliance: To comply with legal obligations, including anti-money laundering (AML) and know-your-customer (KYC) requirements.
  • Marketing: To send promotional communications (with your consent where required).
  • Research: To conduct research and development for new products and services.

3. Legal Basis for Processing (EEA/UK Users)

For users in the European Economic Area and United Kingdom, we process personal data based on:

  • Contract Performance: Processing necessary to fulfill our contractual obligations to you.
  • Legitimate Interests: Processing for our legitimate business interests, such as fraud prevention, security, and service improvement.
  • Legal Compliance: Processing required to comply with applicable laws and regulations.
  • Consent: Processing based on your explicit consent, which you may withdraw at any time.

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We engage third-party vendors to perform services on our behalf, including cloud hosting, analytics, payment processing, and customer support. These providers are contractually bound to protect your information and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information when required by law, subpoena, court order, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control.

4.4 With Your Consent

We may share information with third parties when you provide explicit consent or direct us to do so.

4.5 Aggregated or De-identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for research, analytics, or marketing purposes.

5. Data Retention

We retain personal information for as long as necessary to:

  • Provide our Services and fulfill the purposes described in this Policy.
  • Comply with legal, regulatory, and contractual obligations.
  • Resolve disputes and enforce our agreements.
  • Maintain security and prevent fraud.

Blockchain-based transaction data is immutable and cannot be deleted from public ledgers. However, we will delete or anonymize any personal information we control upon request, subject to legal retention requirements.

6. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to:

  • Authenticate users and maintain session security.
  • Remember user preferences and settings.
  • Analyze website traffic and usage patterns.
  • Deliver targeted advertising (where permitted).

You can manage cookie preferences through your browser settings. Note that disabling cookies may affect Service functionality.

7. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256).
  • Multi-factor authentication for administrative access.
  • Regular security audits and penetration testing.
  • Access controls and employee training programs.
  • Incident response and breach notification procedures.

While we strive to protect your information, no method of transmission or storage is 100% secure. You are responsible for maintaining the security of your wallet private keys and account credentials.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information (subject to legal exceptions).
  • Portability: Request your data in a structured, machine-readable format.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw Consent: Withdraw previously given consent at any time.

To exercise these rights, contact us at privacy@theutilityfoundation.org.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission.
  • Adequacy decisions for approved jurisdictions.
  • Binding Corporate Rules where applicable.

10. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us immediately.

11. California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

  • The right to know what personal information is collected, used, and shared.
  • The right to delete personal information.
  • The right to opt-out of the sale or sharing of personal information.
  • The right to non-discrimination for exercising privacy rights.
  • The right to correct inaccurate personal information.
  • The right to limit use of sensitive personal information.

We do not sell personal information as defined by the CCPA/CPRA.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated Policy on our website and updating the "Last Updated" date. Your continued use of our Services after changes become effective constitutes acceptance of the revised Policy.

13. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

The Utility Foundation

Privacy Office

Email: privacy@theutilityfoundation.org

For EEA/UK residents, you also have the right to lodge a complaint with your local data protection authority.