ARKHAM EXCHANGE
Privacy Policy
Effective Date: November 5th, 2024
About this Privacy Policy
Arkham Markets International, S.R.L. (“Arkham”, “Arkham Markets,” “we”, “us” or “our”) respects the privacy of our website visitors, users, customers, and members (referred to as “you” or “your”). This privacy policy (as posted on our website at www.arkm.com/privacy and as amended from time to time and effective as of the date posted) (“Privacy Policy”) describes the types of information we collect from you or that you may provide when you visit or use our arkm.com/exchange website (“Website”), purchase our products (“Products”), or use our data, services, information, tools, functionality, updates and similar materials and services (“Services”), and our practices for collecting, using, maintaining, protecting, disclosing, retaining, and transferring that information.
You should not use the Services if you have any objections to our Privacy Policy, which is binding upon all users of the Services. If you have a question about how your personal data is being used, you can contact us through the methods provided in the “Contact Us” section at the end of this Privacy Policy.
In all instances in this Privacy Policy, “our servers” means servers that we own or on which the Service is hosted, or which are otherwise utilized by the Service.
For avoidance of doubt, your user data collected by Arkham Markets is not shared with or supplied to the Arkham Intelligence service at [ARKHAM INTELLIGENCE URL] (“Arkham Intelligence”) for use in the blockchain analytics and/or deanonymization services offered by the Arkham Intelligence web application or platform. Your use of the Arkham Markets service is subject to Arkham Markets’ terms of service and this privacy policy. Your use of the Arkham Markets service is not subject to Arkham Intelligence’s terms of service or privacy policy.
Acknowledgement and Consent
By visiting our Website, or purchasing or using our Products or Services in any manner, you acknowledge that you accept the terms, practices and policies described in this Privacy Policy (and as updated from time to time), and you hereby consent that we may collect, use, process, share, retain, and transfer your information as described herein. If you do not agree with our policies and practices, your choice is not to use our Website or our Services. Your use of our Website and our Services is at all times subject to our Terms and Conditions (available at arkm.com/legal/privacy and as amended from time to time and effective as of the date posted (the “Terms”)), which is incorporated by reference herein. Any capitalized terms we use in this Privacy Policy without defining them have the definitions given to them in the Terms.
Changes to Our Privacy Policy
We are constantly working to improve our Website and Services, and we may need to change this Privacy Policy from time to time as well. Our current Privacy Policy will always be on our Website and any updates will be effective upon posting. You are responsible for periodically checking our Website for updates. Under certain circumstances, we also may elect to notify registered Users of changes or updates to this Privacy Policy by additional means, such as posting a notice on the Website or by sending you an email, but you should not rely on receiving such additional notice
What Information Does This Privacy Policy Cover?
This Privacy Policy covers our treatment of your personally identifiable information. “Personal Data” generally refers to any unencrypted or non-deidentified information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular person. However, the definition of Personal Data may vary depending on the state or country in which you reside, and that state’s or country’s definition will apply to your Personal Data in the context of this Privacy Policy. Please see additional information below on the particular information we may collect.
If you are a citizen or resident of the European Economic Area (“EEA”), United Kingdom, or Switzerland, the definition of Personal Data is defined under the General Data Protection Regulation (“GDPR”), or its equivalent in the UK or Switzerland, and you have certain rights; therefore, please see the section below entitled “GDPR”.
Personal Data does not include information publicly available from government records or information excluded by applicable law. Personal Data also does not include your Personal Data that has been deidentified, pseudonymized, anonymized, aggregated, and/or otherwise processed so as to be unidentifiable in such a way that the data can no longer be attributed to a specific individual (by reasonable means) without the use of additional information, and where such additional information is kept separate and under adequate security to prevent unauthorized re-identification of a specific individual such that one could not, using reasonable efforts, link such information back to a specific individual (collectively, all of the foregoing in this sentence being referred to as “De-Identified Personal Data”).
What Personal Data Do We Collect and How Do We Collect It?
We may collect several categories of Personal Data from and about you as summarized in the following table:
| Category | Specific Items of Personal Data |
|---|---|
| Identifiers | first and last name, user name (which may include first and last name), email address, postal address, unique personal identifier (e.g., customer/account/user name or number), phone number, mobile device identifier, driver’s license or government-issued ID number, passport number |
| Demographic | birth date, national origin, country of residence |
| Characteristics of protected classifications under California or federal law | color, sex (i.e., male/female/nonbinary), gender, gender identity and expression, age, disability, political opinions |
| Biometric information based on characteristics | image and likeness, biometric data (such as facial recognition data) for the purpose of uniquely identifying a natural person |
| Commercial information | products/services purchasing history and tendencies |
| Internet or other electronic network activity; device information | type and manufacturer of device and its ID/UDID or similar device-specific code, Internet Protocol (IP) address, protocol, and/or sequence information, operating system and platform, Internet service provider or mobile carrier’s name, connection speed, and connection type, browsing, session, interaction, and search history related to our Website, cookies, pixel tags, browser type, language, and version, screen resolution, domain name system requests, Media Access Control (MAC) address, pages you have visited, material and pages viewed, time and date of access to our Website, number of bytes transferred, number of clicks per visit, date stamp and URL of the last webpage visited before visiting our Website, and URL of the first page visited after leaving our Website, pages viewed, time spent on a page, click-through and clickstream data, queries made, search results selected, comments made, type of service requested, hypertext transfer protocol headers, application client and server banners |
| Sensory information | voice and/or video recording |
| Professional or employment information | email address that identifies a person (e.g., [email protected] versus [email protected]), employer, employment status and history, work experience |
| Inferences drawn from any of the above to create a profile of a consumer | a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes |
| Education information that is not publicly available personally identifiable information (pursuant to FERPA) | education records directly related to a student maintained by an educational institution or party acting on its behalf (e.g., school name, grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records) |
| Other information | cryptocurrency (digital) wallet address, source of funds and source of income, adverse media and public records, other financial account information |
We may also collect the following Personal Data:
How We Collect Personal Data and from What Sources
Information You Provide Us. The Personal Data we collect through our Website, or from our representatives, business partners, Service Providers, affiliates, divisions, subsidiaries, exhibitors, and sponsors may include the following:
Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including the following:
Details of your visits to our Website, including, but not limited to, website traffic data, logs, and other communication data and the resources that you access and use on the Website.
Information about your computer, mobile device, and internet connection, including your IP address, operating system, browser type, clickstream patterns, the URL of the most recent website you visited before coming to our Website, the amount of time you spent on our Website, and the pages you viewed while on our Website.
Behavioral Tracking. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services, or associate Personal Data with other information collected in this manner.
Cookie Notice and Policy. The technologies we use for automatic data collection may include cookies, local storage cookies, web beacons, pixel tracking, GIF, IP address, and other technologies. Each of these is discussed below.
Browser Cookies
Browser cookies are small files placed on the hard drive of your computer or mobile device. They may contain certain data, including, but not limited to: the name of the server that has placed it there, an identifier in the form of a unique number, and, an expiration date (some cookies only). Browser cookies are managed by the web browser (Chrome, Microsoft Edge, Safari, etc.) on your computer or mobile device. Different types of cookies which have different purposes are used on our Website.
Essential Cookies
Essential cookies are essential to allow you to browse our Website and use its functions. Without them, services such as shopping baskets and electronic invoicing would not be able to work.
Performance Cookies
Performance cookies collect information on the use of our Website, such as which pages are consulted most often. This information enables us to optimize our Website and simplify browsing. Performance cookies also enable our affiliates and partners to find out whether you have accessed one of our Website pages from their site and whether your visit has led to the use or purchase of a Product or Service from our Website, including the references for the Product or Service purchased or used. These cookies do not collect any information which could be used to identify you. All the information collected is aggregated, and therefore anonymous.
Functionality Cookies
Functionality cookies enable our Website to remember the choices you have made when browsing. For example, we can store your general geographic area (but not precise geolocation) in a cookie so that the Website corresponding to your geographic area is shown. We can also remember your preferences, such as the text size, font, and other customizable aspects of the Website. Functionality cookies also may be able to keep track of the products, pages, or videos consulted to avoid repetition. The information collected by these cookies cannot be used to identify you and cannot monitor your browsing activity on sites which do not belong to us.
It is possible that you will come across third-party cookies on some pages of sites that are not under our control.
We also use cookies such as functionality cookies to implement tracking technology on our Website. This allows us to display advertising that is tailored to you on our Website, to understand which parts of our content interest you the most, and which Product or Service categories you request. This tracking uses De-Identified Personal Data. Some of our service providers are allowed to place cookies on our Website. Those companies also may provide you with the option of preventing the use of cookies in the future. For more information, contact the relevant third-party provider.
At any time, you can prevent the use of cookies in the future. You may activate the appropriate setting in your browser to refuse to accept browser cookies. However, if you do, your experience on our Website may be affected; e.g., you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
Local Storage Cookies
Certain features of our Website may use local stored objects to collect and store information about your preferences and navigation to, from and on our Website. Local storage cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count visitors who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Pixel Tracking. In addition to using cookies, the Website may employ “pixel tracking,” a common process which may be used in connection with advertisements on other sites. Pixel tracking involves the use of pixel tags that are not visible to the user and consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. A “pixel tag” is an invisible tag placed on certain pages of websites that is used to track an individual user’s activity. We may access these pixel tags to identify activity and interests that may allow us to better match our Products, Services, and offers with your interests and needs. For example, if you visit our Website from an advertisement on another website, the pixel tag will allow the advertiser to track that its advertisement brought you to the Website. If you visit our Website, and we link you to another website, we also may be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing, research, and other activities.
GIF. We may use tiny images known as clear GIFs to track behavior of users, including statistics on who opens our emails.
IP Address. Our servers (or those of our service providers) automatically record certain log file information reported from your browser when you access the Website. These server logs may include information such as which pages of the Website you visited, your internet protocol (“IP”) address, browser type, and other information on how you interact with the Website. These log files are generally deleted periodically.
Transmitting Personal Data from our Website (GPC Signal). We respond to the Global Privacy Control (“GPC”) signal. The GPC signal is a browser-level signal that can reflect the desire to opt-out of having Personal Data shared or sold. Some browsers allow transmission of GPC signal. By broadcasting this signal, we will not transmit your Personal Data to third parties who perform analytics services or who advertise to you based on this information. Please note that when your browser broadcasts the GPC signal, we will limit the functionality of our Website and prevent the Website from transmitting your Personal Data to third parties. We will also treat this GPC signal as a verified request to stop selling your Personal Data and stop processing your information for purposes of targeted advertising. However, the GPC signal does not fully identify you by name or email address. Therefore, we may not be able to honor this request for other interactions you may have or have had with us. You may also submit an opt-out privacy request with your email, phone number and other Personal Data for us to complete the opt-out process.
Information We Collect from Third Parties
We may collect information that others provide about you when you use the Website, or obtain information from other sources and combine that with information we collect through the Website.
Employment and Background Information. For applicants outside of the United States, to the extent permitted by applicable laws, we may obtain the local version of background or checks. You agree to and do hereby consent to our use of such information, including your full name and date of birth, to obtain such reports.
Other Sources. We may combine personal data we receive from or about you with information we obtain from other sources, such as: public sources, including blockchains; social media platforms, such as Facebook, X, and others if you choose to enter into our optional integration with them; and, marketing partners, such as companies that have entered into joint marketing relationships with us. To the extent permitted by applicable law, we may receive additional information about you, such as demographic data or fraud detection information, from third-party Service Providers and/or partners, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from Service Providers like identity verification services for our fraud prevention and risk assessment efforts. We may receive information about you and your activities on and off the Website through partnerships, or about your experiences and interactions from our partners. Other examples of such providers include, but are not limited to, backend processing, fulfillment, automation, certification, video hosting platform, email management, authentication, form processing, website usage tracking, managing calendar invites and scheduling, and database hosting and management.
Third-Party Use of Cookies and Other Tracking Technologies
Some content or applications, including advertisements, on the Website is served by third parties, including advertisers, ad networks and servers, content providers and application providers. First-party or third-party cookies may be used alone or in conjunction with web beacons or other tracking technologies to collect or compile information regarding user interactions with ad impressions and other ad service functions as they relate to our Website. A first-party cookie is a cookie set by the domain name that appears in the browser address bar. A third-party cookie is a cookie set by (and on) a domain name that is not the domain name that appears in the browser address bar. It might be set as part of a side resource load (image, JS, iframe, etc., from a different hostname) or an AJAX HTTP request to a third-party server. The information that first-party and third-party cookies collect may be associated with your Personal Data or they may collect information, including Personal Data, about your online activities over time and across different websites and other online services (i.e., tracking such activities). They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our Website. More information on how to opt-out of third-party advertiser tracking mechanisms is available here.
Google Tools. We may use tools provided by Google as described below.
Google Analytics. We may use, and/or some of our third-party Service Providers may use, Google Analytics or other analytics service to help us understand the use of our Website and Services. Google Analytics is a web analysis service provided by Google. Google utilizes data it collects to track and examine the use of our Website to prepare reports on its activities and share them with other Google services. Google may use the data collected to contextualize and personalize the ads of its own advertising network. The Personal Data collected and processed may include cookies, usage data, and other internet information. This processing may constitute a “sale” of Personal Data. Such Service Providers may place their own cookies in your browser. This Privacy Policy covers use of cookies by us only and not the use of cookies by third parties.
We also may use MixPanel, provided by Mixpanel, Inc., One Front Street, 28th Floor, San Francisco, California 94111 (“Mixpanel”) to collect and process certain analytics data. More information about MixPanel’s data practices may be found online at https://mixpanel.com/privacy/. You may be able to opt-out of some, or all, of MixPanel analytics here, to https://mixpanel.com/optout/.
As you use the internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data”, can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to our Site. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Site, how visitors navigate through the Site, and how we may tailor our web pages to better meet the needs of visitors. We will use this information to improve our Site and the Service.
Job Applicant Information. When you apply for employment with us, we may collect certain personal data from you for the purpose of evaluating your candidacy for a particular position. The information collected for these purposes may include:
Information you provide in connection with your application.
Information about you that is publicly available.
Health information, including disability information (if applicable).
Information that you authorize us to collect via third parties, including former employers or references.
Any other information provided in connection with your application.
We only use your personal data to assess your skills and experience in relation to the applicable job requirements. We may also use your personal data to contact you during the hiring process.
In certain circumstances, you may submit your application for employment through a third-party service that displays our job posting. We do not control the privacy practices of these third-party services. Please review their privacy policies carefully prior to submitting your application materials.
How Do We Use Personal Data?
We use information, including any Personal Data, that we collect about you or that you provide to us, for one or more of the following purposes:
We will not collect additional categories of Personal Data or use the Personal Data we collect for materially different, unrelated, or incompatible purposes without providing you notice thereof.
Research and Development. We may create and use anonymous, aggregated, or de-identified information for our business purposes, including to analyze the effectiveness of our Services, to improve and add features to our Services, and to analyze the general behavior and characteristics of users of our Services. We may use this anonymous, aggregated, or de-identified data and share it with third parties for our lawful business purposes.
Support and Maintenance. We use third party analytics services to automatically log certain information about your device and how you interact with the Services. The information collected is used to troubleshoot and prevent errors, perform data analysis, and enhance the Services, and develop new features.
Compliance and protection. We may use personal data to:
Protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
Enforce the Terms of Service that govern the Services;
Audit our internal processes for compliance with legal and contractual requirements and internal policies;
Prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft; and
Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
Direct Marketing. We may send you marketing communications via text message and/or email as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the “Opt-out of marketing communications and other push notifications” section below.
Interest-based Advertising. We may engage advertising partners, including third party advertising companies and social media companies, to advertise our and our customers’ and partners’ Services. We and our advertising partners may use cookies and similar technologies to collect information about your interaction (including the data described in the “Cookies and similar technologies” section above) over time across the web, our communications, and other online services, and use that information to serve online ads. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt-out” section below.
Consider Applicants for Employment. We will use employment information to consider an individual’s application for employment with Arkham or the Arkham Foundation.
How Do We Share Personal Data?
We may or do disclose your Personal Data, in whole or in part, to the following types of third parties, and for one or more of the following purposes:
| Type of Third Party | Purpose |
|---|---|
| Data storage or hosting providers | Secure storage and transmission of your data |
| Database and software service providers | Management and tracking of your data |
| Legal and compliance consultants, such as external counsel, external auditors, or tax consultants | Provide professional services to us |
| Identity management providers | Authentication purposes |
| Payment solution providers | Secure processing of payments you provide to us |
| Manufacturers, retailers, and wholesalers | Submission, processing, and management of rebates, discounts, offers, loyalty rewards, and the like |
| Fulfillment and shipping vendors | Fulfillment and delivery of Products and Services |
| Survey and research providers | Perform surveys or studies on our behalf |
| Advertising partners, including social media providers | Deliver targeted advertisements |
| Technology providers | Assist in the development and management of our Website |
| Outbound call center providers | Perform outreach on our behalf regarding our Products and Services |
| Publishers and learning providers | Develop products on our behalf |
| Learning technology and online event providers | Delivery and improvement of web events and learning programs and the tracking of your progress |
| Examination providers | Schedule and deliver credential and designation examinations |
| Digital credential providers | Deliver digital badges earned through your participation in learning programs |
| Our volunteers or committee members | Perform various functions on our behalf |
| Unrelated third-party list renters | One-time mail or email approved by us |
| Marketing providers | Sell mailing lists |
Disclosures to Service Providers. We may disclose your Personal Data to third parties for the purpose of providing or improving the Services to you. We may disclose your Personal Data to third-party service providers which perform services on our behalf (“Service Providers”). This includes, without limitation, Service Providers which provide services relating to: outbound and/or inbound communications, data analysis, credit checks, screening checks, sanctions checks, collection services, marketing assistance, managing customer information, creating, hosting, and/or providing customer or support services on our behalf, fulfilling orders, sending email, removing repetitive information from customer lists, providing search results and links (including paid listings and links), , or managing our conferences and other events. These Service Providers may have access to your Personal Data in order to provide these services to us or on our behalf. If we engage Service Providers for any of the foregoing, use of your Personal Data will be bound by obligations of confidentiality and their use of Personal Data will be restricted to providing their services to us. We may store Personal Data in locations outside our direct control (for instance, on servers or databases located or co-located with hosting Service Providers).
Required Disclosures. Except as otherwise described in this Privacy Policy, we will not disclose your Personal Data to any third party unless required to do so by law, court order, legal process (e.g., subpoena), including, but not limited to, in order to respond to any government, regulatory, or licensing request, or if we believe that such action is necessary to: (a) comply with the law, comply with legal process served on us or our affiliates, subsidiaries, service providers, or partners, or investigate, prevent; (b) enforce our Terms or customer agreement (including for billing and collection purposes); (c) take precautions against liability; (d) investigate and defend ourselves against any third-party claims or allegations or to investigate, prevent, or take action regarding suspected or actual illegal activities; (e) assist government enforcement agencies or to meet national or other security requirements; (f) to protect the security or integrity of our Website, Products, Services, or any software we provide related thereto; or, (g) exercise or protect the rights, property, or personal safety of us, our users or others. We will attempt to notify you, where reasonably practicable, about these requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law or regulation, or (ii) we believe that providing notice would be futile, ineffective, create a risk of harm to an individual or group, or create or increase a risk of acts of fraud done upon us or our users. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user about the request after the fact if we determine in good faith that we are no longer legally prohibited from doing so and that no risk scenarios described in this paragraph apply.
Disclosure of De-Identified Personal Data. We may share De-Identified Personal Data with third parties for any purpose except as prohibited by applicable law, including, but not limited to, the following. De-Identified Personal Data or non-Personal Data may be aggregated for system administration and to monitor usage of the Website. It may be utilized to measure the number of visits to our Website, average time spent, number of pages viewed and to monitor various other Website statistics. This monitoring helps us evaluate how visitors use and navigate our Website so we can improve the content. We may share De-Identified Personal Data or anonymous information (including, but not limited to, anonymous usage data, referring/exit pages and URLs, IP address, platform types, number of clicks, etc.) with interested third parties in any way we choose and for any purpose. We may disclose, sell, rent, etc., your De-Identified Personal Data to third parties and we may receive valuable consideration for doing so.
Public Posting Areas and Community Chat Features
Please note that any Personal Data you include in the community chat feature on the platform or within the free text field, or elsewhere in the Services, is available to anyone with access to the platform or Services. If you don't want people to know your email address, for example, don't include it in a community chat message or in any free text fields. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY PERSONAL DATA IN THE PLATFORM'S COMMUNITY CHAT FEATURE OR FREE TEXT FIELDS, OR ELSEWHERE IN THE SERVICES. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE PERSONAL DATA THAT YOU DISCLOSE IN THE PLATFORM’S COMMUNITY CHAT FEATURE OR THE FREE TEXT FIELDS, OR ELSEWHERE IN THE SERVICES.
Personal Data of Minors
The Services are not intended for use by children under 18 years of age. We do not knowingly collect any information from any person under the age of 18. In the event that we discover that a child under the age of 18 has provided personal data to us, we will make efforts to delete the child’s information. If you believe that your child under 18 has gained access to our Service without your permission, please contact us at [email protected]
Your Consent to Disclosure/Transfer/Assignment of Your Personal Data. You consent to (and shall not object) our disclosure, transfer, assignment, and/or sale of your Personal Data, De-Identified Personal Data, and other information you provide to us, as well as the rights you have granted or consented to in this Privacy Policy (collectively, “Transferred Information”) to a potential or actual buyer or acquirer of assets or equity of our company or other successor for the purpose of considering or undergoing a merger, divestiture, restructuring, reorganization, dissolution, change in control, or sale or transfer of some or all of our assets (each of the foregoing referred to as a “Transfer”), whether as a going concern or as part of bankruptcy, liquidation or other court proceeding, in which Personal Data held by us is among the assets transferred. We cannot make any representations regarding the use or transfer of Transferred Information that we may have in the event of our bankruptcy, reorganization, insolvency, receivership, or an assignment for the benefit of creditors. Furthermore, except as required by law, we are not and will not be responsible for any breach of security by any third parties or for any actions of any third parties that receive any of the Transferred Information that is disclosed to us.
Security
We have implemented technical, organizational, and physical safeguards designed to protect the personal data we collect. However, no security measures are failsafe, and we cannot guarantee the security of your personal data due to the inherent risks of data transmission over the Internet. Consequently, we cannot ensure or warrant the security of any information you transmit to us, and you understand that any information that you transfer to us is done at your own risk. If we learn of a security system breach, we may attempt to notify you so that you can take appropriate protective steps. By using the Services or providing personal data to us, you agree that we can communicate with you, including electronically, regarding security, privacy and administrative issues relating to your use of the Services. We may post a notice on the Services if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
The safety and security of your information also depends on you. You should maintain good internet security practices. Where you have password-protected access to an account or certain parts of the Website or Services, you are responsible for keeping this password confidential. Please help keep your account safe by using a strong password, or, better yet, a strong pass phrase. You should not share your password with anyone. You must prevent unauthorized access to your account and Personal Data by selecting and protecting your password appropriately and limiting access to your computer or mobile device and browser by signing off after you have finished accessing your account. If your email account is compromised this could allow access to your account with us if you have given up those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. If you think that your account has been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. The information you share in public areas may be viewed by other users. We will never email you to ask for your password or other account login information. If you receive such an email, please send it to us so we can investigate.
You hereby release and forever discharge us and our affiliates, subsidiaries, officers, directors, employees, and agents, and their respective successors and assigns, and you will indemnify, defend and hold us harmless, from and against any liability, claim, or cost (including attorneys’ fees), arising directly or indirectly from any failure by you to maintain the security of your email or other accounts that directly or indirectly results in an unauthorized third party having access to such email or accounts or causes us to transfer funds based on instructions purporting to have originated from you (i.e., “wire transfer fraud” or “business email compromise” events).
Any payment transactions involving credit or debit cards will be performed using our third party payment processors or gateways, who will use appropriate security procedures designed to protect your information. We do not collect or store full credit card numbers.
Data Retention
In general, our retention of Personal Data is reasonably necessary and proportionate to achieve the purposes for which the Personal Data was collected or processed, or for another disclosed purpose that is compatible with the context in which the Personal Data was collected, and not further processed in a manner that is incompatible with those purposes. The time period for which we retain your Personal Data depend on the purposes for which we use it. We will retain your Personal Data for as long as your account is active, or as long as you are a registered member or account holder or user of our Services or for as long as we have another business purpose to do so (such as, but not limited to, for business, tax, or legal purposes) and, thereafter, for no longer than is required or permitted by law, or our records retention policy, reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. This period of retention is subject to our review and alteration. We will also retain Usage Data for analytics purposes. “Usage Data” refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Following termination or deactivation of your user account, we may retain your profile information and all information posted to public areas of the Website. Following termination or deactivation of your user account, we may retain your Personal Data and other data, but will maintain it as confidential according to the Terms, this Privacy Policy, and as required by applicable law. We have the right to delete all of your Personal Data and other data after termination of your user account without notice to you.
We may retain De-Identified Personal Data for as long as we deem appropriate
Notices; Opting Out
By providing us with your phone number and/or email address (including by “following”, “liking”, linking your account to our Website or Service or other services, etc., on a third party website or network), you consent to our using the email address and/or phone number to send you Service-related notices by email, text, or by calling you, including any notices required by law (e.g., notice of data privacy or security incidents), in lieu of communication by postal mail. You also agree that we may send you notifications by email, phone, or text, of activity regarding our Products, Services, the Website, your Personal Data, or any aspect of our relationship, to the email address or phone number you give us, in accordance with any applicable privacy settings. We may use your email address to send you other messages or content, such as, but not limited to, newsletters, additions or changes to features of the Service, or special offers. If you do not want to receive such email messages, you may opt out by emailing us your opt-out request or, where available, by clicking “unsubscribe” at the bottom of our e-newsletter. Opting out may prevent you from receiving email messages regarding updates, improvements, special features, announcements, or offers. You may not opt out of Service-related emails.
International Data Transfers
The Personal Data we or our service providers collect may be stored and processed in servers within or outside of the United States and wherever we and our service providers have facilities around the globe, and certain information may be accessible by persons or companies outside of the country of those which provide services for us. You consent to our and our service providers’ transmission, processing, and/or transfer of your Personal Data to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take reasonable steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it.
If you are a resident or citizen of the UK, European Economic Area (“EEA”), or Switzerland, please see the section below on GDPR compliance.
Your Privacy Rights
Update or Delete. You can contact us to ask us to update or correct your personal data. You may also delete your account or your contacts’ phone numbers from our active systems. Please note that we will need to verify that you have the authority to delete the account and certain activity generated prior to deletion may remain stored by us and may be shared with third parties as detailed in this Privacy Policy.
Disconnect Social Media Companies. When you connect your social media accounts to Arkham, we notify those platforms. You may disconnect your social media accounts directly on the Services at any time.
Opting-out of Marketing Communications and Other Push Notifications. You may opt out of marketing-related communications by following the opt out or unsubscribe instructions contained in the marketing communication we send you. You may opt out of other notifications we may send you via push notification by changing the settings on your mobile device.
Additional Opt-Outs. We will promptly stop processing your information and remove it from our servers and database at any time upon your e-mail request, where required by law. You may opt-out of the following by sending an email to privacy@arkm.com with “Opt-Out” in the subject line: sharing your personal with third parties; using your personal for a purpose other than the one for which you provided it; including your personal data in an online directory; and sending you promotional emails.
To exercise any of the above rights, please email us at privacy@arkm.com . Please note, for your own protection, we may take steps to reasonably verify your identity before acting on any requests received with respect to the rights set forth above.
Online Tracking Opt-out. There are a number of ways to limit online tracking, which we have summarized below:
Opt-Out of Interest-Based Advertising. We recognize the Global Privacy Control in a frictionless manner. You can also opt-out of interest-based advertising by participating companies using the following links:
Digital Advertising Alliance for Websites: optout.aboutads.info
Digital Advertising Alliance for Mobile Apps: www.youradchoices.com/appchoices
Network Advertising Initiative. optout.networkadvertising.org/
Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third party cookies/trackers. You can also opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
Note that because these opt out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. Our Site responds to the global privacy control offered by most web browsers. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.
Jurisdiction-Specific Disclosures
PRIVACY RIGHTS FOR THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM, AND SWITZERLAND
We process personal data as that term is defined in the European Union’s General Data Protection Regulation (“GDPR”) and the equivalent United Kingdom and Swiss laws. Under the GDPR, we are known as a data “Controller” and you, if you live in European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, are a “Data Subject”. We will take commercially reasonable steps to maintain compliance with the GDPR.
YOUR SPECIFIC CONSENT TO PROCESSING OF “SENSITIVE” OR “SPECIAL” CATEGORIES OF PERSONAL INFORMATION
We “process” or use biometric data, specifically, facial recognition data, solely for the purpose of verifying your identity and conducting compliance checks. You specifically consent to our processing this type of Personal Data for these purposes.
We “process” or use driver’s license and passport data for the purpose of verifying customer identity and qualifications. You specifically consent to our processing these types of Personal Data for these purposes.
We “process” or use financial information for purposes of reviewing and evaluating customer applications.
As a data subject, you have the following rights:
You have the right to access information about the categories of personal data we have collected about you. You may also request a copy of the personal data we have collected, and upon request, we will provide this data to you in electronic form or transfer it to a third party.
You have the right to correct your personal data if inaccurate. You may also edit your personal data through your profile on the Service, if you have an account.
You have the right to request erasure of your personal data when such data is no longer necessary for the purposes for which it was collected, when you withdraw consent and no other legal basis for processing exists, or when you believe that your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
You have the right to restrict our processing of personal data if there is a dispute about the accuracy of the data; if the processing is unlawful; if the processing is no longer necessary for the purposes for which it was collected but is needed by you for the establishment, exercise or defense of legal claims; or if your request to object to processing is pending evaluation.
You have the right to object to processing of your personal data based on our legitimate interests or for direct marketing (including profiling). We will no longer process the data unless there are compelling legitimate grounds for our processing that override your interests, rights, and freedoms, or for the purpose of asserting, exercising, or defending legal claims.
You have the right to ask for a copy of your personal data be provided to you in a structured, commonly used, and machine-readable format.
You have the right to object to further processing of your personal data if such personal data is inconsistent with the primary purposes for which it was collected.
You have the right to be free from automated decision making and profiling.
You have the right to obtain information about, and a copy of, the safeguards we use to transfer personal data across borders.
In processing personal data, we may rely upon the following lawful bases:
Consent. We may process personal data with the consent of the individual whose data is being processed and/or in reliance upon the consent of the administrator of the account, who must affirm that s/he has obtained appropriate consent from all participants. You may withdraw your consent at any time.
Contract. When we enter a contract with you and/or an administrator for your account, we process personal data on the basis of our contract in order to prepare and enter into the contract, as well as to perform and manage our contract. This is necessary for us to provide the Services to you.
Vital interests. In a case where the personal data is required to protect your vital interests or the vital interests of another natural person, then this may be used as the lawful basis of the processing. For example, we may need to process personal data in the event of a pandemic.
As required by law. We may process personal data as required to comply with legal obligations to which we are subject for the for the purpose of compliance with EEA, UK, or Swiss public, governmental, judicial, or other regulatory authorities.
For legitimate business purposes. We may process personal data of non-users included in research and reports that are the subject of an auction or other transaction posted on the platform. This also includes, but is not limited to, legal compliance and the purposes described above.
Users who are located in the EEA, the UK, or Switzerland have the right to lodge a complaint about our data collection and processing actions with the relevant supervisory authority in their country of residence. Contact details for data protection authorities are available here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. If you would like to exercise any of these rights, please contact us at the information provided below.
You can find instructions for enforcing some of these rights elsewhere in this Privacy Policy.
Contact Us
If you have any questions regarding our Privacy Policy or our privacy practices, please email us at [email protected] .