PRIVACY POLICY

UnumDAO (“UnumDAO”, “UD”, “the Organization”, “we”, “us”, “our”), is a legal nonprofit entity incorporated under the laws of Delaware with registration: SR 20224172725, File Number 7168063 and registered address: 2140 South DuPont Hwy, Camden, DE 19934. which runs the Constitution DAO 2 project.

This Privacy Policy applies to the website www.unumdao.org & www.constitutiondao2.com (“Website”) and its associated subdomains or domains of third parties as well the web 3.0 DAPPs and the smart contracts which are employed for the donation to the UD project (collectively the “Services”). By accessing or using our Services, you undersign that you are, at least 16 years old and that you have read, understood, and agree to the collection, storage, use, and disclosure of your personal information as described herewith. If you disagree with the terms of this privacy policy, please do not access this website.

In its capacity as a personal data controller, the Organization carries out its activities in strict compliance with the legal requirements regarding the protection of natural persons in the collection and processing of their personal data. Pursuant to the provisions of Art. 13 and Art. 14 of the General Data Protection Regulation (GDPR), UD hereby provides the necessary information regarding the collection and processing of your personal data while using this website and/or the Services.

This privacy policy is compliant with the EU General Data Protection Regulation (GDPR) . The California Consumer Privacy Act (CCPA) is not applicable to this web ite or the Services because of UD's status as a non-profit entity. As stated in the CCPA “the CCPA applies only to for-profit businesses that do business in California”. For more information please visit the Department of Justice of the State of California website.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy on the Website, and you waive the right to receive specific notice of each such change or modification. You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the Site after the date such revised Privacy Policy is posted.

1. Definitions and key terms

For the purposes of this Privacy policy:

2. Identity and contact details of the controller

3. Categories of collected and processed personal data

The Site does not collect any personal data of the visitors with the exception of the wallet used to make the donation. Also, if you decide to send emails or other communications to UD you may include in those communications some personal data which will therefore be processed by UD.

4. Purposes and legal basis of processing

4.1 Purposes

UD collects and processes your personal data to fulfil your request of donating to UD.

UD collects and processes your personal data in compliance with its statutory obligations. We must ensure our compliance with various legal obligations imposed by relevant legislation - anti-money laundering laws, financial services laws, corporation laws, privacy laws and tax laws. For the purpose of auditing our internal processes, fraud prevention and fraud security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft, the usage of stored data is of significant importance. Such obligations and requirements imposed on us necessary personal data processing activities for identity verification, payment processing, compliance with court orders, tax laws or other reporting obligations and anti-money laundering controls.

In case of emails and other communications, UD collects and processes your personal data to examine and answers your request.

4.2 Legal basis

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have a legal basis for doing so under applicable EU laws. The legal basis to accept your donation as well as to answer to any email or communications is “the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract” pursuant to Article 6, 1(b) GDPR.

5. Period for which the personal data will be stored

UD stores your personal data for a reasonable period of time and never for longer than it is absolutely necessary. In establishing contractual relations with you, UD stores your personal data throughout the established relations. Normally, the Organization stores your personal data for 5 (five) years, starting from the beginning of the calendar year following the year of termination of the relationship between us. We may store your personal data for a longer period for reporting, tax and accounting purposes, as well as to protect your legitimate interests. After the expiration of the stipulated terms and if there is no other legal basis for the processing of your personal data, the data will be deleted.

Note that the transaction through the blockchain are immutably written in the distributed ledger of Ethereum due to the specific technical characteristics of the blockchain.

6) Disclosure and transfer of personal data

UD is a USA based entity and, therefore, the information we collect will be processed and stored in the USA. By using the Site and sending information and/or using the Services you acknowledge and agree that your personal information will be processed in the United States. The USA has not sought nor received a finding of “adequacy” from the European Union pursuant to Article 45 of the GDPR and the Schrems II CJEU decision and, therefore, data will be transferred to the USA one the basis of the consent of data subject or if the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request to pursuant to Article 49, 1, (A) or (B) of GDPR.

In strict compliance with the legal requirements, UD may disclose or transfer your personal data to the following recipients under particular circumstances:

Please note that donations to UD are rewarded with a non-fungible token which is minted in the Polygon blockchain. If you decide to donate to UD you will receive the reward NFT and some of your personal data will be recorded in the Polygon public blockchain. Public blockchains are distributed ledgers intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis, which can lead to deanonymisation and the unintentional revelation of private financial information, especially when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks that are not controlled or operated by the Organization, we are not able to erase, modify, or alter personal data from such networks.

7. Cookie policy

We are using cookies to improve the quality of the client's experience on the Site. The cookie, a small text file that is stored on the customer's computer for record-keeping purposes, can be used as an identification card: a cookie is unique to your computer and only the server that gave it to you can read them. Using traffic log cookies, we can identify and monitor what pages are mostly used. This will help us to analyze data about website traffic and later improve our website. Most existing web browsers can automatically receive cookies, but you can change your browser settings and decide whether to accept cookies or not. There is one important characteristic - cookies do not provide websites with personal information (such as email addresses or other information) without your permission. Once you provide a website with personal information, your information can be linked to the data stored in the cookie. You should remember that we will not share your personal information with third parties if we do not have permission from you or if we are not required to do it by law. Our main goal is to make our website as efficient for you as we can. We can personalize your web experience on our website with cookies: we will remember you as an individual and what content was interesting for you, and as a result, we can remove web pages that are not important and offer you the most popular products and services based on your web preferences (for example we may send you promotional emails with information about our new products, new special offers, special deals, etc.).

8. Your privacy rights

As a data subject, under the GDPR you have the following rights in relation to the personal data you provide:

9. Exercising rights related to personal data

At any time, you can withdraw your consent or object to the processing of your personal data and exercise your other rights as a data subject. For this purpose, you should send us a notice using one of the contact details provided in this policy at the following email: info@unumdao.org.

Upon receipt of such a notice, UD will provide information regarding the actions taken within one month of receipt. If necessary, this period may be extended by another two months, considering the complexity and number of requests made by one data subject. We will inform you of any extension within one month of receiving the notice, stating the reasons for the extension.

UD will provide the necessary information in relation to the notice only if the sender has been properly identified. UD is not obliged to respond to a notice in the event that it is unable to identify the data subject or his/her credentials. We may request the provision of additional information and documents necessary to confirm the identity and authority of the data subject when there are reasonable concerns.

Your questions, comments, requests or complaints regarding this Privacy Policy shall be addressed to info@unumdao.rog.

If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to the supervisory authority of the place where you reside.

If you are a resident of the United Kingdom and believe we maintain your Personal Data within the scope of the applicable laws relating to personal data in the United Kingdom, you may direct questions or complaints to the UK supervisory authority, the Information Commissioner's Office.