Last material update: 23 July 2022
Personal information is typically data that identifies an individual or relates to an identifiable living individual. This includes information you provide, information which is collected about you automatically, and information obtained from third parties. It does not include data which cannot be used to identify an individual person, such as a company registration number, nor data where the identity has been removed (anonymized data).
We do not require you to set up an account to use Bridges' Services, but there are certain situations in which you may choose to provide us with personal information:
Request for customer support: You can contact us by email or by reaching out to a Customer Care Representative in Telegram or Discord. In this conp, we process the information and data you provide (including personal data such as first name, last name, email address, and username). The nature of your data storage in this case depends on the platform:
Application to join our team: We collect name, email address, work history, curriculum vitae, and other information pertaining to evaluating candidates for open roles in our team. This information is collected through our Team Application Form (currently available at https://wru6uj38gcq.typeform.com/to/xIqIwKiB) and is only accessible by the necessary members of the Bridges team.
Application to list a new project token on Bridges Exchange: We collect email address, information about the team's identities, and information about the projects which may not yet be public. This information is collected through our Team Application Form (currently available at https://wru6uj38gcq.typeform.com/to/wKgwe9v8) and is only accessible by the necessary members of the Bridges team.
Bridges automatically collects anonymized information about website performance, traffic, and user interaction with Bridges' Services. Bridges does not collect any personal information from you (such as your name or other identifiers that can be linked to you). However, we do use third-party service provider Google Analytics (https://analytics.google.com/). Google Analytics may receive or independently obtain your personal information from publicly-available sources. We do not control how it handles your data, and you should review their privacy policies to understand how they collect, use, and share your personal information. In particular, please visit https://policies.google.com/technologies/partner-sites to learn more about how Google uses data. By accessing and using Bridges' Services, you understand and consent to our data practices and our service providers' treatment of your information.
Please note that when you use Bridges' Services, you are interacting with a blockchain which provides transparency into your transactions. Bridges does not control and is not responsible for any information you make public on any blockchain by taking actions through its Services.
2.3 Information obtained from third parties
Bridges does not receive any personal information about you from third parties.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Bridges does not share your personal data with third-party service providers, agents, subcontractors, other associated organizations, or affiliates.
We may pass your personal data to the following entities:
While there is an inherent risk in any data being shared over the internet, we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, damaged, or accessed in an unauthorized or unlawful way, altered, or disclosed. In addition, we limit access to your personal data to those employees who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
Depending on the nature of the risks presented by the proposed processing of your personal data, we have in place the following appropriate security measures:
We have put in place procedures to deal with any suspected personal data breach and will notify you and any relevant regulator of a breach where we are legally required to do so.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, accounting or other requirements.
Here are some exemplary factors which we usually consider when determining how long we need to retain your personal data:
Information provided to our applications is subject to retention for as long as the business relationship between you and Bridges is upheld.
You have certain applicable rights to the storage and usage of your data held by Bridges. The rights available to you depend on our reason for processing your personal data. If you need more detailed information or wish to exercise any of the rights set out below, please contact us.
No fee typically required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is manifestly unfounded or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
Period for replying to a legitimate request
The statutory period under GDPR for us to reply to a legitimate request is one month. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests.
Please note that we may request that you provide some details necessary to verify your identity when you request to exercise a legal right regarding your personal data.