Last Reviewed: June 20, 2020
At Foleum, we take your privacy very seriously and want you to be informed about the ways in which we protect, use, and share the personal information that we collect from you when you use our website or services. Please read this Policy carefully to understand our policies and practices regarding the information we collect, why we collect it, and how we will treat it.
- (i) when visiting the website and associated domains of https://www.foleum.io (the “Website”),
- (ii) when you access and/or use any part of our “Services,” which include: (a) services, software, applications, content, programs, or products that are available through the Website or through other related applications or distribution channels operated by us, and (b) sales of FOL crystal tokens or Simple Agreements for Future Tokens (“SAFT”) that we may offer from time to time.
This Policy also describes our practices for using, maintaining and disclosing the information we collect or that you may provide when visiting the Website or using the Services.
- On the Website.
- In email, text, and other electronic messages between you and the Website.
- When you interact with our advertising and applications on third-party websites and services, which link to this Policy.
This Policy does not apply to information collected by:
- us offline or through any other means, including on any other website operated by us or any third party; or
- any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Website (but who are not collecting any information on our behalf).
If you do not agree with our policies and practices, you should not access or use the Website or any other part of the Services. By visiting the Website and associated domains or using the Services, you agree to this Policy and consent to collection and use of your information as described herein.
Data Controller Information:
Foleum makes decisions about how your information will be used. You can also contact us by email at email@example.com.
Location of Your Information and Consent to Transfer and Processing
WE PRIMARILY STORE DATA ABOUT YOU, INCLUDING PERSONAL INFORMATION, ON SERVERS LOCATED AND OPERATED WITHIN THE UNITED STATES. THEREFORE, IF YOU RESIDE OUTSIDE OF THE UNITED STATES, IN ORDER TO PROVIDE THE SERVICES TO YOU, YOUR PERSONAL INFORMATION (ALSO COMMONLY REFERRED TO AS PERSONAL DATA) MAY BE TRANSMITTED AND STORED OUTSIDE OF THE COUNTRY WHERE YOU RESIDE OR ARE LOCATED, TO THE UNITED STATES. THEREFORE, OUR COLLECTION AND USE OF YOUR PERSONAL INFORMATION IS SUBJECT TO THE UNITED STATES’ LAWS RELATED TO PRIVACY AND USE OF PERSONAL DATA AND INFORMATION, IN ADDITION TO PRIVACY LAWS IN YOUR COUNTRY OF RESIDENCE THAT MAY STILL APPLY. IF APPLICABLE LAWS IN YOUR COUNTRY OF RESIDENCE ARE MORE PROTECTIVE THAN U.S. LAW, WE ADHERE TO THE REQUIREMENTS OF THOSE MORE PROTECTIVE LAWS.
BY ACCEPTING THE TERMS OF THIS POLICY YOU ACKNOWLEDGE, UNAMBIGUOUSLY AGREE AND CONSENT TO THE TRANSFER TO AND PROCESSING OF PERSONAL INFORMATION ON SERVERS LOCATED OUTSIDE OF THE COUNTRY WHERE YOU RESIDE.
In most cases, the information we collect from you will be stored on servers owned and operated by us. In some instances, the information we collect about you may be stored on servers owned and operated by trusted third party providers we have contracted with. Our agreements with those providers require them to restrict use of your personal information to the purposes described herein, and to employ reasonable security measures that are at least as stringent as those we use to protect your information from unauthorized access.
Changes to this Policy
We will modify this Policy:
- if we start collecting substantially new types of personal information;
- if we materially change how we handle your data; or
- to comply with material changes in any applicable laws or regulations that come into effect.
The revised Policy will be posted on the Website and we may notify you of such changes in accordance with this Policy. Your continued use of this Website after we make changes to this Policy is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
Our Privacy Practices
Types of Information We Collect About You
We collect several types of information from and about users of our Website and Services, including:
- Personally Identifiable Information
- Non-Personally Identifiable Information
- Blockchain Information
Each of these types of information is described in detail below.
- Personally Identifiable Information (“PII”)
- PII is information by which you may be specifically identified as an individual, such as:
- your name your location
- your postal address
- your telephone number
- your mobile number
- your email address
- your date of birth
- your credit card or other billing information
- your company’s name
- In order to use the Services and create an account on the Website (your “Account”), you must provide us with at least your name, email address, and phone number, and you must create a password for your Account. For your protection, we apply strong encryption to passwords and do not collect or store unencrypted passwords.
- Non-Personally Identifiable Information (“Non-PII”)
- Non-PII is information from which any PII has been removed, such as:
- information that is about you but cannot be used to identify you;
- non-PII that third parties have collected and share with us to help better provide the Website and the Services;
- information regarding your use of the Services, including without limitation, activity and visit behavior on the Website;
- information about your internet connection, the equipment you use to access the Website and usage details;
- Information that your browser sends whenever you visit a website or online service (“Log Data”). This Log Data may include, but is not limited to: your device’s Internet Protocol (IP) address, information about your device such as the type and model, manufacturer, operating system (e.g. iOS or Android), carrier name, mobile browser (e.g. Chrome, Safari), and identifiers assigned to your device, such as its iOS Identifier for Advertising (IDFA), Android Advertising ID, or unique device identifier (a number uniquely allocated to your device by your device manufacturer), browser type, operating system and version, the web page you were visiting before you came to the Website, information you search for on the Website, locale preferences, the time and your time zone, network connection type (e.g., WiFi, cellular), and cookie information, system configuration information, metadata concerning your files, and other interactions with the Services;
- the geo-location of your device (using GPS or other geo-location data), when location services have been enabled for the browser accessing the Website or the Services; and
- if you participate in our sale of FOL crystal tokens SAFTs, we may collect information about the FOL crystal token purchase or SAFT transaction you complete using the Services, including the amount of BTC, ETH or fiat currency funds and FOL crystal tokens or SAFTs associated with your purchase.
In this Policy, we refer to all information collected from or about you, including but not limited to PII and Non-PII, as “Your Information.”
Certain Services are built on, or are directly integrated with, public record blockchains, such as the Ethereum Blockchain. Your use of the Services will be deemed to be your consent to the placement of information necessary to the proper functioning of the Services on all necessary blockchains, both public and private. We have no control over, and are not responsible for, the functioning of such blockchains or actions taken by them with respect to Your Information.
How We Collect Your Information
- We collect Your Information (1) directly from you when you provide it to us or one of our trusted third party providers (for example, Identity Mind Global), and (2) automatically as you navigate through the Website.
- Information We Collect Directly
- When you visit our Website and use our Services, you may provide us with some information which we collect from you directly. Information we collect directly from you may include, for example:
- Information that you provide by filling in forms on the Website. This includes information provided at the time of registering for your Account, including your name, e-mail address, phone number, address, the user name you choose and a hash encrypted password that you create.
- In the event that you participate in a FOL Crystal Token sale or SAFT sale, PII that you provided to us or to one of our trusted third party providers when you complete a form, such as your name, address, email address, mobile phone number, nationality, personal identification number, ID document type, ID document issue and expiration date, copy of your identification documents, ETH wallet address, BTC wallet address and other similar information. We collect this information to comply with our legal obligations to verify the identity of investors or to help prevent money-laundering (“Know Your Customer”);
- records and copies of your correspondence (including email addresses), if you contact or chat with us;
- your responses to surveys or polls that we might ask you to complete for research purposes or for community input; and
- details of transactions (including FOL crystal token or SAFT transactions) that you carry out through the Services.
- Information We Collect Through Automatic Data Collection Technologies
- As you interact with the Website and the Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
- details of your use of the Website and the Services, including Log Data.
- The information we collect automatically is statistical data and does not include PII. It helps us to improve the Website and the Services and to deliver a better and more personalized service, including by enabling us to:
- estimate our audience size and usage patterns;
- store information about your preferences, allowing us to customize the Website and the Services according to your individual interests; and
- recognize you each time you use the Website, allowing us to detect anomalies associated with account activity in order to provide you with alerts and notifications as part of our efforts to protect your Account and Your Information within.
- We may use third party analytics services, including Google Analytics, to provide us with analytic data collection and reporting.
- Users are advised that they can instruct their internet browser, by changing its options, to stop accepting cookies or to prompt the User before accepting a cookie from a website you visit, including this Website, however, a User may not be able to use all portions of the Website or all functionality of the Services if cookies are not accepted.
- Other cookies may be stored to a User’s device by external third party service providers and vendors of this Website, such as referral programs, sponsored links or advertisements. Such cookies typically expire after 30 days, though some may take longer and no personal information is stored, saved or collected by such cookies. Cookies that we use are either session-cookies, which are automatically deleted from a User’s device after the end of the browser session or persistent cookies, which are automatically deleted from the device after expiration of the specific given time.
- How We Use the Information We Collect
- We use the information we collect to provide and improve the Website and the Services. We process Your Information as needed to provide the Services and to enable you to use the Website. The purpose of the processing in each case depends on the particular type of information which is collected, as further described in this Policy.
- Processing Your Information to Comply with Legal Requirements
- We, or our trusted third party service providers acting on our behalf, process certain personal information, such as information which you provided and submitted in the KYC (“Know Your Customer”) / AML (“Anti-Money Laundering”) form in connection with your registration on the Website and other details of your FOL crystal token or SAFT transactions, to comply with legal requirements and to protect our legitimate interests.
- Such legal requirements and legitimate interests include, but are not necessarily limited to, preventing prohibited or illegal activities, such as money laundering and terrorist financing, and, when necessary, verifying that you meet the legal definition of an “accredited investor” and thereby preventing substantial losses and damages to both Foleum and its Website users which it or they may sustain as a result.
- The purpose of processing this information is to verify your identity and to monitor and prevent potentially prohibited or illegal activities. For the same purpose, we, or our trusted third party service providers acting on our behalf, may also obtain information about you from third parties such as identity verification services or credit reporting agencies, and we, or such third party service providers, may also ask you for additional government-issued identification or other information to validate your identity as required by our policies and procedures.
- We, or our trusted third party service providers acting on our behalf, may also be required to compare the PII that you provide to us to third party databases in order to verify its accuracy and confirm your identity in order to allow us to comply with relevant regulations.
- Other Uses for Your Information
- Unless otherwise provided by law, we may also use Your Information that we collect about you or that you provide to us, including any PII, for the following purposes:
- providing, maintaining and delivering the Website and the Services; administering your use of the Website and the Services;
- to fulfill any legal or regulatory requirements;
- to provide you with customer service, technical support, security alerts or in any other way communicate with you when we deem necessary;
- to mitigate the risk of fraud and identity theft and to prevent and investigate potentially prohibited or illegal activities;
- to manage your account and process and review your transactions;
- to personalize your experience;
- to provide you with information, products or services that you request from us;
- to fulfill any other purpose for which you provide it;
- to protect the rights and property of Foleum and other parties using the Website or Services;
- to resolve disputes with you, should one arise;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to notify you about changes to the Services or any products or services we offer or provide though it;
- to enforce our Terms of Service;
- to provide you with further information and offers from us or third parties that we believe you may find useful or interesting, such as newsletters, marketing or promotional materials that you have chosen to receive;
- to contact you to obtain feedback from you regarding the Website and the Services; in any other way we may describe when you provide the information; and for any other purpose with your consent.
- For Contact Purposes
- By submitting your contact information to us and confirming your consent to processing it, you agree that we may use this information to stay in touch with you in the manner described in this Policy.
- Unsubscribing from Company Communications
- If you decide at any time that you no longer wish to receive such contact, announcements, information or offers, please follow the unsubscribe instructions provided in the communication. If we have sent you a promotional email, you may select the “unsubscribe” link at the bottom of the email and follow the opt-out instructions.
- BE ADVISED: This opt-out does not apply to information provided to us as a result of issuing FOL crystal tokens or SAFTs, issuing or holding securities, product service experience, or other transactions.
- Additional Uses of Your Non-Personally Identifiable Information
- We use Non-Personally Identifiable Information for the above purposes and in addition in order to:
- monitor and analyze use of the Website and the Services and for the technical administration of the Website;
- improve the Website and the Services;
- generate and derive useful data and information concerning the interests, characteristics and website use behavior of Users;
- verify that Users of the Website and the Services meet the criteria required to process their requests; and
- for any other purpose for which you provide consent or that is otherwise permitted under applicable law.
Processing and Storage of Personally Identifiable Information Collected Within the Know Your Customer Procedure
We, or our trusted third party service providers acting on our behalf, will process and maintain records of Personally Identifiable Information which you inserted in the KYC form, together with other details of the transaction (the amount, date and purpose of your transaction), to verify your identity through the KYC / AML process in order to allow you to access our Services and to monitor and prevent potentially prohibited or illegal activities, as we are legally obligated to do. In this context, the KYC / AML process is a reasonable and proportionate measure, which is not solely in our own interest, but of the transaction as a whole, and the collected Personally Identifiable Information involves only limited and necessary information. In order to protect such Personally Identifiable Information, we and our trusted third party service providers have implemented physical, technical, and administrative security measures and organized the processing of the Personally Identifiable Information in a manner which ensures appropriate security of the Personally Identifiable Information, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
Unless otherwise specifically required or allowed by applicable regulations or law, this Personally Identifiable Information will be stored for the period necessary to fulfill the purpose for which the Personally Identifiable Information is collected as specified in this section. When the storage of such Personally Identifiable Information is no longer necessary for this purpose, we shall ensure that such Personally Identifiable Information is no longer stored nor processed.
- Disclosure of Your Information
- We may disclose aggregated information about users of our Website and Services, and information that does not identify any individual, without restriction, for any purpose and to any third parties, to the extent not prohibited under applicable law.
- We may disclose Your Information, including Personally Identifiable Information that we collect or you provide as described in this Policy:
- to fulfill the purpose for which you provide it;
- to our subsidiaries and affiliates;
- to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personally Identifiable Information held by us about users of the Website or Services is among the assets transferred;
- for any other purpose disclosed by us when you provide the information; or
- with your consent.
- We may also disclose Your Information, including Personally Identifiable Information:
- to comply with any court order, law or legal process, including to respond to any government or regulatory request;
- to enforce or apply our Terms of Service and other agreements, including for billing and collection purposes;
- if we believe disclosure is necessary to protect the vital interests of you or another individual;
- to our service providers, banking partners and/or financial institutions (provided that use of Your Information by such service providers is limited to the information they need to know to provide services on our behalf and for more information about how these service providers treat Your Information you may contact us at the e-mail address specified below); or
- for third party financial, technical and legal audits of our operations to the extent necessary for such review.
- We may combine Your Information with information we collect from other companies and use it to improve the Website and our Services as well as our content and advertising.
- We do not share, sell, rent or disclose your PII to third parties for the third parties’ direct marketing purposes.
- We may disclose or share Your Information that we collect or you provide as described in this Policy to third party companies and individuals we employ for the following purposes:
- to facilitate or enhance the Website or the Services
- to provide the Website or the Services on our behalf
- to assist us in analyzing how the Website or the Services are used (such as website analytics)
- to perform services related to administration of the Services or the Website (including, without limitation, maintenance, hosting and database management services, website analytics and administration).
- These third parties companies and individuals are used to support our business and are bound by contractual obligations to keep Your Information confidential and secure and to use it only for the purposes for which we disclose it to them.
- We use third-party analytics tools (such as Google Analytics) to help us measure traffic and usage trends for the Website and the Services. These tools collect information sent by your browser as part of a web page request, including the web pages you visit, your browser add-ons, and other information that assists us in improving the Website and the Services. We may collect and use this analytics information together with your Personally Identifiable Information and stitch together session data from unauthenticated user visits with authenticated user visits to build a broader profile of our individual users so that we can serve you better. You can find out more information about how Google Analytics works and collects and processes the data here: www.google.com/policies/privacy/partners/. We will not provide any Personally Identifiable Information to such third parties.
- External Web Links
- Social Media Platforms
- Users are advised to use Social Media websites and platforms wisely and to communicate and engage upon them with due care and caution in regard to a User’s own privacy and personal details. We will never ask you for personal or sensitive information through our Social Media accounts and encourage Users wishing to discuss sensitive personal details to contact us through primary communication channels via the Website or by telephone.
- If you believe your intellectual property rights, personal rights, or any other rights have been infringed by any action of Foleum or on our Social Media accounts you are to notify us as soon as possible following the instructions at https://www.foleum.io/dmca-policy so that we may rectify and/or remove any infringing post.
- Shortened Links in Social Media
- We, through our Social Media accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy domains and URLs to third party pages.
- Users are advised to take caution and use good judgement before clicking any shortened URLs published on our Social Media accounts. Despite reasonable efforts to ensure only genuine URLs are published many Social Media websites platforms are prone to spam and hacking and therefore we cannot be held liable for any damages or losses caused by a User visiting any shortened links published on any of our Social Media accounts.
Children Under the Age of 18
The Services are intended to be used by adults, as defined under any applicable law in each specific case. If you are under the age of 18 years old, you are not authorized to use our Services. We do not knowingly collect personal information from anyone under the age of 18. If you are under 18, do not use this Website or the Services. If we learn we have collected or received personal information from a child under age 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at firstname.lastname@example.org .
Storing Your Information; Accessing and Correcting Your Information; How We Protect Your Information
- How We Store Your Information
- We, or our trusted third party service providers acting on our behalf, generally store You Information that we or they collect in electronic databases, some of which may be held on our behalf by third party data storage providers. With respect to Your Information that we store ourselves, our third party data storage providers have access to the servers on which your data is stored. Sometimes we also keep hard copy records of Your Information in physical storage facilities. We restrict the access to your stored data, whether it is stored by us or our trusted third party service providers, to those of our employees that have a need to know such information for the purposes described in this Policy.
- How Long We Store Your Information
- Your Personally Identifiable Information will not be kept longer than is necessary to facilitate your use of the Website or our provision of the Services to you. However, we may be required by law or regulation to retain your account information or any other information associated with it and not delete it for a longer period of time, in which case we may not delete your data until such obligations have been fulfilled. We may use any aggregated data derived from or incorporating Your Information after you update or delete it, but not in a manner that would identify you personally.
- Accessing and Correcting Your Information
- You may send us an email to email@example.com to request access to, correct or delete any of Your Information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In certain circumstances deleting Your Information at your request may result in you not being able to use all portions of the Website or all functionality of the Services. You will not be able to use the Website or the Services you request that we delete your user name, e-mail address and hashed (encrypted) password.
- How We Protect Your Information
- We have implemented reasonable administrative, technical and physical measures designed to secure your Personally Identifiable Information from accidental loss and from unauthorized access, use, alteration, and disclosure, including:
- We encrypt your data while in transit to or from us.
- We offer security features, such as two-factor authentication, to help you protect your account.
- We review our information collection, storage, and processing practices, including physical and technical security measures, to prevent unauthorized access to our systems.
- We restrict access to Your Information to our employees and trusted contracts who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet those obligations.
- Unfortunately, neither the transmission of information via the Internet nor any method of electronic storage is completely secure. Although we do our best to protect your Personally Identifiable Information, by means of encryption, we cannot guarantee the security of your Personally Identifiable Information transmitted to our Website or while you are using the Services.
- The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of the Services, for example, to access your digital wallet where you store your FOL crystal tokens, you are responsible for keeping this password confidential. We ask you not to share your password(s) with anyone. We also recommend using 2-factor authentication whenever possible.
FOL Crystal Token Sale
We may also collect information from you as contemplated by the Crystal Purchase Agreement which may be applicable to you.
We may also collect information from you as contemplated by any SAFT entered into by you and Foleum which may be applicable to you.
Your Rights Under the GDPR
If you reside in the European Union, you have the right under the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), to request from us access to and rectification or erasure of your personal data, data portability, restriction of processing of your personal data, the right to object to processing of your personal data, and the right to lodge a complaint with a supervisory authority. If you reside outside of the European Union, you may have similar rights under your local laws.
To request access to or rectification, portability or erasure of your personal data, or to delete your account with us, please send an email to firstname.lastname@example.org or write us at: Legal Department at P.O. Box 72652 Durham, NC 27722.
Whether you live in the European Union and you wish to exercise your right to restriction of processing or your right to object to processing or do not live in the European Union but you believe you have a right to restriction of processing or a right to object to processing under your local laws, please send an email to email@example.com or write us at: Legal Department at P.O. Box 72652 Durham, NC 27722.
If any part of this Policy is found to be defective, the remaining elements of the Policy shall remain in place.
If you have any concerns or questions about this Policy or our privacy practices, contact us at firstname.lastname@example.org.