Privacy Notice for ICN User Interface

Last updated: Janurary 08, 2025

This privacy notice (“Privacy Notice”) explains the basis for our collection of personal data when you access and use the user interface (“ICN User Interface”) for connecting your wallets to the Impossible Cloud Network (“ICN”), and sets out how we use your personal data, the conditions under which we disclose it to others and the measures we take to keep it   secure.   In   addition,   we   may   inform   you   about   the   processing   of   your   personal   data separately, for example in consent forms, terms and conditions, additional privacy notices, forms, and other notices. We use the word “data” here interchangeably with “personal data”.

If you provide information to us about you or any person other than yourself, you must ensure that the data is accurate and that these other people understand how their data will be used, that they have given their permission for you to disclose it to us and for you to allow us, and our service providers, to use it. You are welcome to provide them with a copy of this Privacy Notice.

  1. Controller

The responsible person for processing your data under this Privacy Notice (“Controller”) unless we tell you otherwise in an individual case is:

Impossible Cloud Network Foundation

Dammstrasse 16

6300 Zug

legal@icn.global

You may contact us regarding data protection matters and to exercise your rights at the email addresses listed above.

Our Data Protection Representative in the EU under the GDPR is:

Jörg Kahler

GSK Stockmann

Mohrenstraße 42

10117 Berlin

joerg.kahler@gsk.de

2. Data Collection and Purpose of Data Processing

We process the following data about you for the purposes outlined below:

2.1   ICN User Interface

When you access and use the ICN User Interface, we collect data that is necessary for the functionality and security of the ICN User Interface.

The data collected includes: IP address; information about the operating system of your end device; location data and geographical information; cookies; referrer URL; amount of data transferred; date, region, and time of the server request; name of your Internet provider; protocols; information regarding your consent to the GTC; your acknowledgement of this Privacy Notice; etc.

2.2   Wallets

To access the ICN, a wallet must be connected via the ICN User Interface. These wallets are provided by third-party providers, meaning we have no control over the wallets, the tokens held within them, or the associated private keys. When you use the functionalities of these wallets through the ICN User Interface, transactions and data are processed directly on-chain, as described in Section 7 of this Privacy Notice. This means that your transaction data and wallet addresses, are recorded on the public blockchain, and we do not have the ability to alter, intercept, or reverse these transactions. Furthermore, we cannot recover lost private keys or access funds stored in your wallet.

2.3   Registration and KYC

Certain  purchases  on  specific  blockchains  require  completion  of  a  registration  process, including Know Your Customer (KYC) verification. After connecting your wallet, you will need to identify yourself by providing, among other information, a face scan, identification documents, and proof of address. The data collected during this process is used to provide our services and to ensure their functionality and security.

The data collected includes: surname; first name; address; phone number; email address; nationality;   date   of   birth;   gender;   legally   required   information   regarding   anti-money laundering   and   terrorist   financing;   photographs   of   your   face;   identification   documents; information regarding your agreement to the terms and conditions; acknowledgement of this data protection declaration and the AML and compliance guidelines; etc.

To comply with legal requirements and to prevent fraud, we collaborate with a third-party provider specializing in KYC checks. This provider acts on our behalf to verify your identity as part of the registration process. We are legally obligated to store the data collected in this context in accordance with applicable laws.

2.4   Contract and Services

We process your data for entering into a contract with you, perform and administer it and to provide our services to you.

The data collected includes: Information collected as part of the registration process; other information provided by you; information with regard to a possible conclusion of a contract and   about   the   conclusion   of   the   contract;   information   about   the   execution   and administration of the contracts; etc.

2.5   Innovation and Marketing

We process your data for marketing and business activities in relation to the ICN User Interface, in particular for the further development of the ICN User Interface, our services and any other platforms on which we operate. In addition, we and selected third parties may use your data to show you personalized content or advertising if and to the extent that you give us your consent, provided this is required by applicable law. You can object to such marketing activities or withdraw your consent at any time (see also Section 10 below).

All of the above data may be used for this purpose.

2.6   Communication

When you contact us by email, telephone, letter, or other means of communication, we collect the data exchanged between you and us for the purposes of communicating with you and providing our services related to the ICN User Interface to you, in particular to respond to your enquiries. By providing us with this data, you acknowledge that we use your data in accordance with this Privacy Notice.

The   data   collected   includes:   contact   details;   type,   manner,   place   and   time   of communication; content of communication; etc.

2.7   Safety or Security Reasons

We process your data to protect our IT and other infrastructure. For example, we process data for monitoring, analysis and testing of our networks and IT infrastructures including access controls.

All of the above data may be used for this purpose

2.8   Compliance with Law and Legal Procedures

We process your data to comply with legal requirements (e.g. to combat money laundering and terrorist financing (“Know Your Customer/KYC”), to fulfil tax obligations, etc.), and we might have to request further information from you to comply with such requirements or as otherwise required by law and legal authorities. Furthermore, we may process your data for the   enforcement   of   legal   claims   and   for   the   defense   in   legal   disputes   and   official proceedings.

All of the above data may be used for this purpose.

2.9   Risk Management, Corporate Governance and Business Development

We process your data as part of our risk management and corporate government in order to protect us from criminal or abusive activity. Subject to the limitations of our legal structure, we might sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships as part of our business development. Such activities might result in the exchange and processing of data based on your consent, if necessary.

All of the above data may be used for this purpose.

2.10   Cookies

The ICN User Interface use cookies, and we may also allow certain third parties to do so(see   also   Section   2.11   below).   Cookies   are   text   files   that   are   stored   on   your   device(computer, laptop, smartphone, etc.) and that are necessary for the use of the ICN User Interface as such or certain functions or that enable the analysis of the use of the ICN User Interface.

Depending on the purpose of these cookies, we may ask for your express prior consent before cookies are used. You can access your current settings by opening the “[Cookies]”section in the ICN User Interface and you can withdraw your consent under the same link at any time.

2.11   Tools

We use the following tool(s) to ensure a tailored design and the continuous optimization of the   ICN   User   Interface:  “Know   Your   Customer”   and   “Know   Your   Business”   Solutions provided by Synaps SAS

2.12   Third-Party Offerings

The ICN User Interface may contain third-party offerings. Please note that when you use such link, your data such as IP address, etc. are transmitted to these third parties. We have no control over, do not review and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Privacy Notice do not apply to these third-party websites or their content, or to any collection of your data after you click on links to such third-party websites. We encourage you to read the privacy notices of every website you visit. Any links to third-party apps and websites are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.

2.13   Plug-Ins

We do not use plug-ins on the ICN User Interface. If the ICN User Interface contains icons from other third-party providers (e.g. Telegram, Discord, Twitter/X), we only use these for passive linking to the pages of the respective providers.

2.14   Third-Party Platforms

‍We operate accounts on third-party platforms (e.g. Telegram, Discord, Twitter/X). If you communicate with us via our accounts or otherwise interact with our accounts on these third-party platforms, your data will also be processed according to the privacy notices of the respective platform. Please find further information on the purpose and scope of data collection and processing by the third-party providers in their respective privacy policies.

3. Legal Basis for Data Processing

Where we asked for your consent, we process your data based on such consent. Where we did not ask for your consent and where required under applicable law, we process your data on other legal grounds, such as:

  • a contractual obligation;
  • a legal obligation;
  • a vital interest of the data subject or of another natural person;
  • to perform a public task;
  • our legitimate interest.

  1. Transfer of Data to Third Parties

As part of our data processing, we may share your data with third parties, in particular to the following categories of recipients:

Service Providers

We may share your information with service providers and business partners around the world with whom we collaborate to fulfil the above purposes (e.g. IT provider, KYC provider, advertising service provider, security companies, telecommunication companies, lawyers)or who we engage to process data for any of the purposes listed above on our behalf and in accordance with our instructions only.

Contractual Providers

If required by the respective contract, we will pass on your data to other contractual partners, dealers, subcontractors, etc.

Acquirers of Business

We may disclose your data to acquirers or parties interested in acquiring business units,
companies, or other parts of Impossible Cloud GmbH.

Contractual Providers

We may pass on data to offices, courts, and other authorities if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities are responsible for processing data about you that they receive from us.

  1. Disclosure of Data Abroad

The data that we collect from you may be transferred to, processed, and stored in, a country outside   the   European   Economic   Area   (EEA)   or   Switzerland.   In   view   of   the   EEA   or Switzerland the law in some of those countries may not offer an adequate level of data protection.   We   only   transfer   data   to   these   countries   when   it   is   necessary   for   the performance of a contract or for the exercise or defense of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the US-EU Data Privacy Framework, the US-CH Data Privacy Framework and/or the Standard Contractual Clauses approved by the European Commission (SCCs),adjusted according to Swiss law, all of the aforementioned if applicable and required.

  1. Profiling and Automated Decision Taking

We might analyze aspects of your individual’s personality, behavior, interest and habits make predictions or decisions about them for the purposes laid out in Section 2, e.g. to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations   between   different   behaviors   and   characteristics   to   create   profiles   for individuals. For example, we may use profiling to determine in which products or services you might be interested. We may also use profiling to assess your creditworthiness. We do not   use   profiling   that   can   produce   legal   effects   concerning   you   or   similarly   significantly affect you without human review. In certain circumstances, automated decision taking might be necessary for reasons of efficiency   and   consistency.   In   such   cases,   we   will   inform   you   accordingly   and   take   the measures required by applicable law.

  1. On-Chain Data 

We might analyze aspects of your individual’s personality, behavior, interest and habits make predictions or decisions about them for the purposes laid out in Section 2, e.g. to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations   between   different   behaviors   and   characteristics   to   create   profiles   for individuals. For example, we may use profiling to determine in which products or services you might be interested. We may also use profiling to assess your creditworthiness. We do not   use   profiling   that   can   produce   legal   effects   concerning   you   or   similarly   significantly affect you without human review. In certain circumstances, automated decision taking might be necessary for reasons of efficiency   and   consistency.   In   such   cases,   we   will   inform   you   accordingly   and   take   the measures required by applicable law.

8. Retention and Storage of Data

We might analyze aspects of your individual’s personality, behavior, interest and habits make predictions or decisions about them for the purposes laid out in Section 2, e.g. to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations   between   different   behaviors   and   characteristics   to   create   profiles   for individuals. For example, we may use profiling to determine in which products or services you might be interested. We may also use profiling to assess your creditworthiness. We do not   use   profiling   that   can   produce   legal   effects   concerning   you   or   similarly   significantly affect you without human review. In certain circumstances, automated decision taking might be necessary for reasons of efficiency   and   consistency.   In   such   cases,   we   will   inform   you   accordingly   and   take   the measures required by applicable law.

  1. Data Security

We take appropriate organizational and technical security measures to prevent your data from   being   accidentally   lost,   used,   or   accessed   in   an   unauthorized   way,   altered,   or disclosed.   However,   we   and   your   data   can   still   become   victims   of   cyber-attacks, cybercrime,   brute   force,   hacker   attacks   and   further   fraudulent   and   malicious   activity including but not limited to viruses, forgeries, malfunctions, and interruptions which is out of our   control   and   responsibility.   We   have   also   put   in   place   procedures   to   deal   with   any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Your Rights

To the extent provided for by applicable law, you may request information free of charge about the data processed relating to you, its origin and recipients and the purpose of the data processing. You may also have the right to correction, deletion, restriction, or objection to processing, as well as to the transfer of the data to another controller. Furthermore, you can revoke your consent at any time with effect for the future. All you need to do is send us an informal email to the above address. Please note that the foregoing rights are subject to legal restrictions and may interfere with or make impossible the provision of our services.

11. Amendment of this Privacy Notice

Due   to   continuous   development   of   the   ICN   User   Interface   and   the   contents   there of, changes in law or regulatory requirements, we might need to change this Privacy Notice from time to time. Our current Privacy Notice can be found in the ICN User Interface

January 08, 2025