Privacy Policy
Who we are and how you can contact us
PRAGMA is a member-based, not-for-profit Swiss Association for Open Source blockchain software projects. It aims to foster an alternative open-source ecosystem for Cardano and beyond. Our registered address is PRAGMA, Dammstrasse 16, 6300 Zug. To contact us, please get in touch via [email protected].
Scope of this Privacy Policy
This privacy policy (“Policy”) explains and sets out the basis for why and when we collect personal information about the people who visit our website and/or interact with us in any other way. It explains and sets out how we use personal data, the conditions under which we may disclose it to others, and the measures we take to keep it secure.
If you transmit or disclose data about other persons such as family members, employees, work colleagues, etc., we assume that you are authorised to do so, that this data is correct and that we may process it as described here. By transmitting such data, you confirm this. Please also ensure that these third parties have been informed of this Policy. We may amend this Policy from time to time so please check it occasionally to ensure that you are aware of any changes.
How we collect information about you
We obtain information about you when you use our website, when you contact us by email, web form or other means of communication, or if you register to receive one of our newsletters or to be part of one of our mailing lists attend an event, contribute to our activities, or otherwise interact with us.
You are not obliged to disclose your personal information to us. However, we may need certain information in order to interact with you. For example, we may not be able to respond to inquiries if we do not receive the necessary information.
Information you provide us
You may provide us with personal information by filling in forms on our website or by corresponding with us by email, web form, letter, or other means of communication, including social media platforms. We collect the information exchanged between you and us, including your contact details and the marginal data of the communication. The personal information you provide may include, in particular, your name, email, pseudonym, messages, address, phone number, relevant IT expertise, IP address, language preference, and information regarding the pages you access.
Information we collect about you
When you visit our website we may collect information about your IP address, information about your visit, your browsing activity, and how you use our website, including log files, date and time at the time of access, URL, amount of data sent in bytes, source/reference from which you reached the page, browser used, operating system used. This information may be combined with other information you provide.
Information we receive from other sources
We may receive information about you if you use any other websites we, or our partners, operate. We also work with third parties (including contractors, project partners, service providers, analytics providers) and may receive information about you from them. This may be combined with other information you provide to us.
How your information is used
We may use personal information about you for the following purposes:
- to process manage the relationship with maintainers, contributors and fulfil contractual obligations (Article 6 para 1 letters a and b GDPR if applicable);
- to send you personalized communications which you have requested and that may be of interest to you, which may be based on your activity on our site(s) or the websites of our partners. These may include information, suggestions and recommendations about new offers, campaigns, activities and events (Article 6 para 1 letters a and b GDPR if applicable);
- to understand and measure the effectiveness of how we serve you and others (Article 6 para 1 letters b and f GDPR if applicable);
- process employment contracts, and for recruitment activities (e.g. names, addresses and other contact details, IDs, CVs, certificates, references; Article 6 para 1 letters b, c, and f GDPR if applicable);
- to ensure compliance with legal obligations and official orders, including communication with authorities and courts; enforcement of and defence against legal claim (Article 6 para 1 GDPR if applicable).
Newsletters and mailing lists
The provisions of this Policy also apply to the request for and sending of our newsletter and to the subscription to mailing lists. Subscription to newsletters and mailing lists will only be effective after a prior request by the user in the so-called “double opt-in procedure” (request on our website and confirmation of a corresponding request email).
Subscribers to newsletters and mailing lists are also assigned a UserID, which allows PRAGMA to determine when the relevant newsletter or mailing list messages were opened and which links or functions from the relevant newsletter or mailing list were activated. This tracking is done for internal optimization of the newsletter or mailing list, respectively.
The legal basis for processing is Art. 6 para. 1 a GDPR (if applicable), whereby PRAGMA’s authorization arises from the fact that, on the one hand, a concerned person can reasonably foresee at the time when the personal information is collected and in view of the circumstances under which it is carried out that it will possibly be processed for this purpose. The user has the right to withdraw their consent at any time.
If subscribers to the newsletter or mailing list, as relevant, does not wish to receive this tracking, they can unsubscribe from the newsletter or mailing list. To do so, simply unsubscribe via the link in the newsletter or send an email to [email protected]. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
We will not actively transfer to third parties any personal information as part of the mailing list service. However, our mailing lists can be made public to facilitate collaboration between maintainers, contributors and other actors within PRAGMA. This means that your name or pseudonym and email may be exposed to the public.
Who has access to your information
We do not pass on personal information to third parties without the consent of the person concerned, unless this is necessary for the purposes described in this Policy and except to third parties such as service providers, agents, subcontractors and other associated organisations engaged by us for processing for the purposes of completing tasks and providing services to you on our behalf, or if we are legally obliged to do so or if it is necessary to protect our interests, e.g. to combat abuses or defend our IP.
If we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure.
We may rely on social media plug-ins from social networks such as Twitter or Discord to make our organisation better known. If you share personal information on these networks, processing of such information is subject to their respective privacy policies.
Where we store your personal information
The information that we collect from you may be transferred to, and stored in, a country outside the European Economic Area (EEA), i.e. worldwide, in particular Switzerland, the United Kingdom and the USA. The laws in some countries may not provide the same legal protection for your information as in the EEA. In these cases, we only transfer personal information after we have implemented the legally required measures, such as the conclusion of standard contractual clauses on data protection or obtaining the consent of the data subjects.
How long will we keep your personal information
We will hold your personal information on our systems for as long as is necessary for the relevant activity. Your personal information is then either deleted or anonymized, unless we need them for longer in exceptional cases, e.g. due to statutory retention and documentation obligations or our legitimate interests, e.g. to protect rights to which we are entitled or to defend against claims.
Links to other websites
Our website may contain links to other websites run by other organisations. We cannot be made responsible for the privacy policies and practices of other websites even if you access them using links from our sites.
Security measures to protect your information
We take appropriate administrative, technical and physical safeguards to protect the confidentiality, integrity and availability of personal information. We use strict procedures and security features, including encryption techniques, and take all steps reasonably necessary to ensure that personal information is processed securely and in accordance with this Policy.
Non-sensitive details such as your email address may be transmitted unencrypted over the Internet, and so may not be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Your choices and your rights
You have the right to request a copy of your personal data as well as the right to have your personal data corrected or deleted.
Under certain circumstances, you have the right to request that we restrict processing or hand over the data to you and the right to object to processing by us in general.
If our processing is based on your consent, you have the right to withdraw this consent at any time with effect for the future.
You may also have the right to receive a copy of the personal data in a machine-readable format or to send the personal data to another controller.
You can exercise your rights by contacting us (see above).
You have the right to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner. Competent data protection authorities of EU countries can be accessed through the edpb website.
Review of this Policy
We keep this Policy under regular review. In case of a revised version, we will inform you of the change in a suitable form (e.g. by posting it on our website or sending you an email), and the new version will become binding upon publication on our website.
Updated 17 April 2024