Latest update: October 2022
COLLECTION OF INFORMATION
Information You Provide to Us
The categories of personal information we collect depend on how you interact with Aptos and its Services. Aptos collects information that you provide us, information we obtain automatically when you use our Services and information from third-party sources and other organizations. The types of personal information we may collect from you include name, email address and any other information you choose to provide.
Information We Collect Automatically When You Interact with Us
Aptos may collect certain information automatically when you use our Services. Examples of this information include cookie identifiers, internet protocol (IP) address, mobile carrier, MAC address, user settings, mobile ad identifiers, Internet service provider, browser or device information, location information and metadata about information you provide Aptos. We may also automatically collect information pertaining to your use of our Services. Examples of this information may be related to your pages visited, links clicked, content interacted with, duration and frequency of your activities and other information about your use of our Services.
Information We Collect from Other Sources
We obtain information from third-party sources. For example, we may collect information about you from identity verification services, data analytics providers, mailing list providers (if applicable) and public blockchains. Additionally, our Services may allow you to provide information about your family or friends through our referral service, which allows you to forward or share certain information with Aptos. Please share information only for people that you know.
We obtain information from public blockchains, including the Aptos blockchain. Such information includes but is not limited to on-chain account information and transaction information. This information is used to improve the Aptos blockchain, and our services and products, including the Petra Wallet.
USE OF INFORMATION
We use the information we collect to:
- Provide, maintain, and improve our products and services;
- Process transactions and send you related information, including confirmations, receipts, invoices, customer experience surveys, and recall notices;
- Personalize and improve your experience on our Services;
- Send you technical notices, security alerts, and support and administrative messages;
- Respond to your comments and questions and provide customer service;
- Communicate with you about products, services, and events offered by Aptos and others and provide news and information that we think will interest you;
- Monitor and analyze trends, usage, and activities in connection with our Services;
- Facilitate contests, sweepstakes, and promotions and process and deliver entries and rewards;
- Detect, investigate, and prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Aptos and others;
- Debug to identify and repair errors in our Services;
- Tailor and provide you with content and advertisements;
- Comply with our legal and financial obligations; and
- Carry out any other purpose described to you at the time the information was collected.
SHARING OF INFORMATION
We share personal information in the following circumstances or as otherwise described in this policy:
- We share personal information with vendors, service providers, and consultants that need access to personal information in order to perform services for us, such as companies that assist us with web hosting, shipping and delivery, payment processing, fraud prevention, customer service, and marketing and advertising.
- We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.
- We may share personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Aptos, our users, the public, or others.
- We share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
- We may share personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
- We share personal information with your consent or at your direction.
We also share aggregated or de-identified information that cannot reasonably be used to identify you.
- Mailchimp. To learn about how Mailchimp uses your data, please visit the Intuit Privacy Statement.
- Stitch. To learn more about how Stich uses your data, please go to their privacy statement.
SECURITY OF YOUR INFORMATION
TRANSFER OF INFORMATION TO THE UNITED STATES AND OTHER COUNTRIES
Aptos operates and engages service providers in various jurisdictions. Therefore, we and our service providers may transfer your personal information to, or store or access it in, jurisdictions that may not provide levels of data protection that are equivalent to those of your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.
You may access and use the Petra Wallet, which is a digital wallet created and operated by Aptos. When setting up an Account within Aptos, you will be responsible for keeping your own account secrets, which may include twelve-word seed phrases (“Mnemonic(s)”), your private keys, an account file, or other locally stored secret information. Aptos encrypts this information locally with a password you provide.
YOUR CALIFORNIA PRIVACY RIGHTS
The California Consumer Privacy Act or "CCPA" (Cal. Civ. Code § 1798.100 et seq.) affords consumers residing in California certain rights with respect to their personal information. If you are a California resident, this section applies to you.
Under the CCPA, you have the right to request to know: (i) the categories of personal information we have collected about you in the last 12 months; (ii) the specific pieces of personal information we have about you; (iii) the categories of sources from which that personal information was collected; (iv) the categories of your personal information that we sold or disclosed in the last 12 months; (v) the categories of third parties to whom your personal information was sold or disclosed in the last 12 months; and (vi) the purpose for collecting and selling your personal information. These rights are subject to limitations as described in the CCPA. Aptos may deny your request if we need to do so to comply with our legal rights or obligations.
We will not discriminate against any consumer for exercising their CCPA rights.
You may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. To protect your information, we may need to verify your identity before processing your request, including by collecting additional information to verify your identity, such as government issued identification documents. Aptos will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information. We will only use the personal information provided in the verification process to verify your identity or authority to make a request and to track and document request responses, unless you initially provided the information for another purpose. When we verify your agent’s request, we may verify your identity and request a signed document from your agent that authorizes your agent to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on their behalf.
If you would like to exercise any of these rights, please contact us at the email in the “Contact us” section below.
ADDITIONAL DISCLOSURES FOR INDIVIDUALS IN EUROPE
If you are located in the European Economic Area ("EEA"), the United Kingdom, or Switzerland, you have certain rights and protections under the law regarding the processing of your personal data, and this section applies to you.
Legal Basis for Processing
When we process your personal data, we will do so in reliance on the following lawful bases:
- To perform our responsibilities under our contract with you (e.g., processing payments for and providing the products and services you requested).
- When we have a legitimate interest in processing your personal data to operate our business or protect our interests (e.g., to provide, maintain, and improve our products and services, conduct data analytics, and communicate with you).
- To comply with our legal obligations (e.g., to maintain a record of your consents and track those who have opted out of communications).
- When we have your consent to do so (e.g., when you opt in to receive communications from us). When consent is the legal basis for our processing of your personal data, you may withdraw such consent at any time.
We store other personal data for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.
Data Subject Requests
Subject to certain limitations, you have the right to request access to the personal data we hold about you and to receive your data in a portable format, the right to ask that your personal data be corrected or erased, and the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, please contact us at firstname.lastname@example.org.
Questions or Complaints
If you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:
For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en
For individuals in the UK: https://ico.org.uk/global/contact-us/
For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html