Privacy Policy

Last Revised on April 17, 2024

This Privacy Policy (“Policy”) for EigenFoundation, a Cayman Islands foundation company, and its subsidiaries (“Organization”, “we”, “our”, or “us”) describes the basis on which we will process personal data we collect from users of the Organization’s website, eigenfoundation.org, including any of its subdomains (“Website”), and any tools, services, features, and functionalities available through the Website (collectively, the “Services”), in accordance with applicable law. For purposes of applicable data protection laws, the Organization is the controller. For the purposes of this Policy, “you” and “your” refers to you as the user of the Services.

Please read this Policy carefully so that you understand your rights in relation to your personal data and how we will collect, use, and process your personal data. If you do not agree to this Policy, please do not use, access, connect to, interact with, or download any of the Services or otherwise provide your information to us.

PERSONAL DATA WE COLLECT ABOUT YOU, WHY WE PROCESS IT, AND THE LEGAL BASIS FOR PROCESSING

When you access, use, connect to, or interact with the Services, we may collect certain categories of information about you, including personal data, from a variety of sources.

Information you provide to us:

Personal data may include (i) names; (ii) addresses; (iii) telephone numbers; (iv) email addresses; (v) government-issued identification numbers; (vi) user passwords or PINs; (vii) user identification and account access credentials, passwords, PINs, and security question answers; (viii) financial account numbers; (ix) any internet-protocol address (“IP Address”) and/or any Ethereum or similar digital-asset, smart-contract, or protocol address (“Wallet”) information, associations, and/or identifiers; and (x) geolocation data.

In addition, personal data may include your social media handle and related information, transaction data or history (such as your blockchain transaction history and other information associated with a linked address or Wallet), certain information needed to transfer or allocate tokens, profile data (such as your profile name and avatar), marketing data (such as preferences for receiving marketing communications and related details), token holdings, and any other information collected through Services. When you contact us, including by email provided in this Policy or elsewhere on the Website, or through emails that you may have received through other means, we will collect the content of the communications we have with you and any personal data contained within.

We process this information to perform our contract with you, such as to provide you with our Services and content. We obtain your consent to process your personal data to sign you up for alerts and if you opt into marketing, to communicate with you about our products, features, services, marketing, events, and other news and information we think will be of interest to you. In order to be responsive to you, to provide effective services to you, and to maintain our business relationship, we may also use this information to send you announcements in relation to security, privacy, or administrative related communications (which are not marketing oriented, and so we do not rely on consent, so you may not opt-out) and to communicate with you and provide responses to your requests and other communications.

Information we collect automatically:

When you visit our Website or access, use, connect to, or interact with the Services, our servers temporarily save each access in a log file. The following data may be collected: (i) the IP Address of the requesting computer or device; (ii) the name of your internet access provider (usually your internet access provider); (iii) the date and time of access; (iv) the name and URL of the retrieved file; (v) the page and address of the website from which you were redirected to the website and, if applicable, the search term used; (vi) the country from which the website is accessed; (vii) the operating system of your computer and the browser you are using (provider, version, and language); and (viii) the transmission protocol used (e.g., HTTP/1.1).

The processing of this data is carried out for the purpose of enabling your access to, use of, connection to, and interaction with the Services, including (i) to facilitate your connection to the Website, (ii) to identify if you are likely to be a Prohibited Person, as defined in our general Terms of Service, available at (ii) to identify if you are likely to be a Prohibited Person, as defined in our general Terms of Service, available at docs.eigenfoundation.org/legal/terms-of-service, or if you are subject to any prohibitions with respect to the Services and other terms of services; and/or (iii) to verify your identity, identifying information, certain facts with respect to your identity or identifying information, and location to determine eligibility for certain Services, in each case with respect to any of (i), (ii), and/or (iii) in order for us to perform our contract with you and in our legitimate interests to provide effective Services to you.

We also process this data in our legitimate interests to provide effective Services to you by processing the data to assist system security and stability for provision of the Services, to conduct troubleshooting, data analytics, testing, and research, and to enable optimization and internal statistical analysis with respect to the Services, as well as to maintain the safety and security of our users, the Website, our Services and business and to improve and develop our Services and Website.

Finally, the Organization may use cookies, web beacons/clear gifs, geolocation and tracking technologies, and other applications when you visit the Website, including technologies collecting certain information about your access to, use of, connection to, or interaction with the Services (“Usage Data”) that may be integrated with third-party service providers.

With your consent, we may use any data collected, including Usage Data, to tailor features and content to you and to ensure content is presented in the most effective manner for you and your device and to run analytics and better understand your user experience with respect to the Services and, if you have opted into marketing, for marketing purposes. For further information, please refer to sections “Cookies” and “Tracking Tools”.

We may also use your information to provide the Services and perform our contract with you. In our legitimate interests to provide effective services to you, we may also use this data to create aggregated, anonymized, or de-identified data.

In addition to the foregoing, we may use any of your information to comply with any applicable legal obligations, to enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.

Information we may collect from third-party wallet extensions or connections:

Certain transactions conducted via our Services will require you to connect a compatible third-party digital Wallet to the Services. By using such Wallet to conduct such transactions via the Services, you agree that your access to, use of, connection to, and/or interactions with such third-party Wallets are governed by the privacy policy for the applicable Wallet, and you agree that you are using the Wallet in accordance with the terms and conditions of the applicable third-party provider of such Wallet.

Wallets are not maintained or supported by, or associated or affiliated with, the Organization. We expressly disclaim any and all liability for actions arising from your use of third-party Wallets, including but without limitation, actions relating to the use and/or disclosure of personal information by such third-party Wallets.

WHEN YOU APPLY FOR A JOB

If you submit an application by email, the Organization may process your personal data in order to consider your application and if your application proceeds, to contact you for interviews and engage in internal deliberations, discussions, negotiations, and planning. The Organization may also request personal data as necessary to perform a background, reference, or other check, solely as permitted by applicable law. The legal basis for the processing of your personal data in this context lies in such pre-contractual measures and the performance of an employment or service contract, as well as in our other legitimate interests related to safety, security, and measures relating to your actual or potential employment and provision of services. You can object to this processing at any time.

The Services may include a career section on the Website, with job descriptions for our current vacancies. When using an application mechanism on our Website, you may be redirected to a third-party website, where you may be asked to enter personal data, such as your first name, family name, email, phone, location, and information about your education, work history, preferences, statuses, and needs. You may be able to upload other application documents, such as your resume, on such website. If we use this website and any related portal and services, we will process your personal data for administration of your application. The legal basis for the processing of your personal data in this context lies in such pre-contractual measures and the performance of an employment or service contract, as well as in our other legitimate interests related to safety, security, and measures relating to your actual or potential employment and provision of services.

YOUR RIGHTS

Under applicable data protection laws, you may have certain rights in relation to your personal data. These rights may include the following:

1. Access to your personal data that the Organization holds, information on how we use it, and who we share it with;
2. Correction of your personal data that the Organization holds, subject to the Organization’s investigation and verification of any disputed information;
3. Deletion or removal of your personal data, in certain circumstances;
4. Objection to the processing of your personal data, in certain circumstances;
5. Restriction of processing of your personal data, to stop us from processing the personal data we hold about you other than for storage purposes, in certain circumstances;
6. Portability of your personal data; the Organization will endeavor to provide you, or a third party, with a copy of the personal data that we hold about you and transfer it to a third party in a structured, commonly used, machine-readable format;
7. Objection to marketing communications; you may opt out of marketing communications at any time by using any unsubscribe or opt-out functionalities displayed in our communications to you;
8. Withdrawal of consent, where the Organization is relying on consent to process personal data; this will not affect the processing of personal data carried out before consent is withdrawn or on legal bases other than consent.

You may submit a written request concerning the processing of your personal data to notices@eigenfoundation.org. The Organization shall use reasonable means to verify your identity before making any determination with respect to your request.

Please note that these rights apply only in certain circumstances and all of these rights may be limited by law. Such limitations may apply, for example, where fulfilling your request would adversely affect other individuals or our trade secrets or intellectual property, where there are overriding public interests, or where we are required by law to retain your personal data.

To the extent required under applicable data protection laws, the Organization will be responsive to your request without undue delay and where required under applicable data protection laws, at least within one month (though this may be extended by a further two months in certain circumstances).

SHARING OF PERSONAL DATA

In certain circumstances, we will share your information with third parties with your consent, as necessary, or as otherwise required or permitted by law. Specifically, we share your personal data:

• With service providers and vendors: The Organization may share your personal data with third parties to process on the Organization’s behalf. Such third parties include blockchain analysis service providers, know-your-customer and screening service providers, developers, content delivery service providers, and data analytics service providers. These service providers assist us with many different functions and tasks, including determining your eligibility with respect to participation in certain of the Services.

• When you request us to share certain information with third parties, with consent or to perform on a contract with you: With your permission, the Organization may share your personal data with relevant third parties.

• With professional advisors, in our legitimate interests or as required by law: As necessary, we will share your personal data with professional advisors such as auditors, law firms, cybersecurity specialists, data analysis organizations, and/or consulting or accounting firms.

• For legal and security reasons and to protect our services and business, in our legitimate interests or as required by law: We will share your personal data with regulators, law enforcement agencies, public authorities, or any other relevant organizations: (i) in response to a legal obligation; (ii) if we have determined that it is necessary to share your personal data to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries; (iii) to protect the interests of, and ensure the safety and security, of us, our users, a third party, or the public; (iv) to exercise or defend legal claims; and (v) to enforce our terms and conditions, other applicable terms of service, or other agreements.

• With our affiliates, in our legitimate interests: We may share your personal data with companies within our corporate family.

• In connection with an asset sale or purchase, merger, bankruptcy, or other business transaction or re-organization, in our legitimate interests: We will share your personal data with relevant third parties as necessary while negotiating or in relation to a change of corporate control such as a restructuring, merger, or sale of our assets.

As we are an international business, your personal information will be transferred to and stored or processed in countries outside the jurisdiction in which you live and reside, including outside the European Economic Area (“EEA”) and United Kingdom (“UK”), and including to the U.S., in order to provide the Services. Your personal information is also processed by staff operating outside the UK/EEA who work for us or for third-party service providers or partners. We will take steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Policy. When we transfer your personal information to third parties located outside the EEA/UK, we seek to put in place appropriate safeguards to ensure that this transfer occurs in accordance with applicable laws. These measures include seeking entry into the standard contractual clauses (“SCCs”) approved by the European Commission (for transfers outside the EEA) and/or an international data transfer agreement/addendum to the SCCs approved by the UK Information Commissioner’s Office (“ICO”) (for transfers outside the UK), unless the data transfer is to a country that has been determined by the European Commission or the relevant UK authorities, as applicable, to provide an adequate level of protection for individuals’ rights and freedoms for their personal data.

RETENTION

We will retain your personal data as follows:

• Account data, if any, for as long as you keep your account open or as needed to provide you with our Services;
• If you contact us, for 12 months after you contact us;
• Your technical usage information, for 12 months; and
• Data on your use of our Website and our Services for 12 months.

In addition to the above, we will retain and use your personal data to the extent necessary to comply with our legal obligations, resolve disputes, investigate matters, and comply with and enforce our terms and conditions, other applicable terms of services, and our policies. If you stop using our Services or if you delete your account with us, we will store your information in an aggregated and anonymized format; we may use this information indefinitely without further notice to you.

CHILDRENS’ PRIVACY AND DATA PROTECTION

Children under the age of eighteen (18) are not permitted to use the Services, and we do not seek to or knowingly collect any personal data about children under thirteen (13) years of age (or sixteen (16) years of age for individuals in the EEA/UK). If we become aware that we have unknowingly collected information about any child under eighteen (18) years of age, we will make commercially reasonable efforts to delete such personal data and other information from our database. If you are the parent or guardian of a child under eighteen (18) years of age who has provided us with their personal data or other information, you may contact us using the below information to request that it be deleted.

SECURITY MEASURES TAKEN TO PROTECT PERSONAL DATA

Please be aware that despite our efforts to protect your personal data and other information, we cannot guarantee “perfect security” of your information transmitted through the Website. In addition, please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure while in transit. Any transmission is at your own risk. You should carefully read any risk factors specified in any terms of services associated with your access to, use of, connection to, or interaction with the Services.

COOKIES, SCRIPTS, AND RELATED TECHNOLOGIES

When you access, use, connect to, or interact with the Services, including the Website, the Organization and its third-party service providers receive and record personal data that you may have provided and your digital signature, such as your IP Address or information associated with or relating to your Wallet.

What type of tracking technologies are used?

The technologies we use to track your activities with respect to our Services, including our Website, include cookies, tracking scripts and pixels, and tagging technologies (“Tracking Technologies”). These Tracking Technologies may be stored on your device or browser and may gain access to information stored on your device; they may also be used to collect your personal data. Tracking Technologies can remain on your device for different periods of time. Some exist only while your browser is open and are deleted automatically once you close your browser. Others are “permanent”, meaning that they survive after your browser is closed. They can be used to recognize your device when you open your browser and browse the internet again.

How do we use tracking technologies?

We use first-party and third-party Tracking Technologies. First-party Tracking Technologies are set directly by us whereas third-party Tracking Technologies are set by a third party (such as analytics providers or our advertiser and business partners). We use Tracking Technologies that perform the following functions:

• Essential Tracking Technologies: These are essential to the functioning of our Services, to provide a service requested by you or to comply with the law (e.g., the security requirements of an applicable data protection law). We do not need to obtain your consent in order to use these Tracking Technologies, and these Tracking Technologies cannot be turned off as we cannot provide the Services without them.

• Functionality Tracking Technologies: These allow us to remember choices you make and provide enhanced and personalized features (e.g., to show you when you are logged in).

• Performance Tracking Technologies: These enable us to collect information about your online activity (e.g., the duration of your use of the Services), including behavioral data and content engagement. They allow us to provide you with a better user experience and to maintain, operate, and continually improve the Services.

• Social Media Tracking Technologies: Our website may include social-media features and integrations. These features may be hosted by a third party or hosted directly on our Services (in which case you can manage them as explained below) and enable us or the social media platform to obtain information about how you interact with our Services or the social media platform. In addition, where we have a presence on social media platforms, those platforms will set Tracking Technologies on your device when you visit our pages on their platforms so that we can obtain statistical information about how you interact with our social media presence. The cookies policies of social media platforms should explain how you can manage the Tracking Technologies that they establish or you may also be able to manage these Tracking Technologies through your browser settings, as explained below.

We have set out below more details on the types of Tracking Technologies we and our partners use in connection with our Services and the purposes for which we use them (see “Tracking Tools”) below.

Changing your settings

We use Tracking Technologies when providing our Services to reasonably ensure that you benefit from a good experience. Some of these Tracking Technologies are essential, and we cannot provide our Services without them. Others are not essential, and you can turn them off and have the right to choose whether or not to accept them. However, if you choose to refuse Tracking Technologies, you may not be able to use our Services or the full functionalities of our Services.

Most internet browsers automatically accept cookies. However, you can configure your browser to control the way in which your devices permit the use of cookies, web beacons/clear gifs, and other geolocation tracking technologies. Information on how to configure the processing of cookies in desktop and mobile versions of certain browsers, including Microsoft Edge, Mozilla Firefox, Google Chrome, and Apple Safari, can be found at the following link: https://allaboutcookies.org/.

TRACKING TOOLS

Website Analytics Providers

We use website analytics service providers in connection with our Services, including our Website (“Analytics Service Providers”). Such Analytics Service Providers use methods that enable analyses of the use of the Services, including methods involving cookies. These methods generate information about your use of the Services, such as the following:

• The navigation path followed on the website
• The length of time you spend on the Website and any subpages
• The subpage from which you leave the website
• The country, region, or city from which you access the website
• Information about the end device (type, version, color depth, resolution, width and height of the browser window)
• Information on whether you are a returning or new visitor
• Your browser provider/version
• The operating system used
• The referrer URL (previously visited website)
• The host name of the accessing computer (IP Address)
• Time of the server request

The personal data and other information collected is used to evaluate the use of the Services, to provide services with respect to our Services, and to compile reports on Services activities, including Website and internet use, for purposes relating to research and design of the Services. Analytics Service Providers may transfer this information to third parties, where permitted or required to do so by law, or where such third parties process the information on any Analytics Service Provider’s behalf.

The legal basis for processing data for the above purposes is your consent, which you give us by accessing, using, connecting to, or interacting with the Services. You can revoke your consent at any time.

You can also prevent certain Analytics Service Providers from collecting and processing personal data generated by certain types of cookies with respect to the use of the Services, including by downloading and installing certain browser plug-ins. When you use such a plug-in, an opt-out cookie will be stored on your device. If you delete all cookies, the applicable link must be clicked again.

Content Delivery Networks

In connection with our provision of the Services, we use the services and functionalities of a globally distributed content delivery network (“Global CDN”), with a domain name service. The Global CDN creates copies of certain of our Services, including the Website, and places them on their own servers. When you access, use, connect to, or interact with the Services, including the Website, you are automatically connected to the Global CDN’s nearby servers, which deliver the data. This significantly reduces the loading time. The information processed may include, but is not limited to, personal data and IP Addresses, system configuration information, and other information about traffic to and from our websites, devices, applications, and/or networks (collectively, “Log Data”). In addition, the Global CDN may store server and network activity data, as well as observations and analytics collected by the Global CDN in the course of providing the services (collectively, “Operational Metrics”). Examples of Operational Metrics include service availability and service uptime metrics, request volumes, error rates, cache rates, and IP threat scores. The Global CDN uses and processes end user Log Data to fulfil its obligations. We may use the Global CDN to increase the speed of our Services and at the same time reduce latency and in this way, improve or optimize the user experience with our Services. Any such data processing takes place on the basis of our legitimate interests. You can object to this data processing at any time. You can also deactivate or block the cookies set by these services as indicated in the section “Cookies”.

SOCIAL MEDIA AND OTHER THIRD-PARTY WEBSITES AND LINKS

On the Website, the Organization may provide links to websites or online platforms operated by third parties, including social media or content platforms operated by third parties, such as X (formerly Twitter) or Medium (such platforms, generally, “Social Media Platforms”). The Organization also may provide links to websites or online platforms operated by third-party contributors to the EigenLayer protocol and ecosystem (“Contributors”). We do not own, operate, or control such third-party websites. If you follow links to sites not owned or operated by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy, security, or content of these sites, including the accuracy, completeness, or reliability of information and services found on these sites.

Please note that third parties and Contributors may provide services, information, dashboards, websites, tools, functionalities, and applications, such those available through eigenlayer.xyz and its subdomains, and these may be linked from time to time through our Services or through our accounts on Social Media Platforms. Such third parties and Contributors are independent and as such, we do not own, operate, or control their services, information, dashboards, websites, tools, functionalities, and applications and cannot guarantee, and are not responsible for, the privacy, security, or content of these sites or the accuracy, completeness, or reliability of services, information, dashboards, websites, tools, functionalities, and applications found on these sites. Our inclusion of links, including through Social Media Platforms, does not, by itself, imply any endorsement of such services, information, dashboards, websites, tools, functionalities, and applications, or of their owners, operators, or publishers, except as disclosed on the Services.

When you open a link to a Social Media Platform used by the Organization, a direct connection may be established between your browser and the server of the Social Media Platform. This provides the Social Media Platform with information that you visited our Website with your IP Address and accessed the link. If you access a link to a Social Media Platform while logged-in to your account on the Social Media Platform concerned, the content of our website may be linked to your profile on the platform (i.e., the Social Media Platform may link your visit to our website directly to your user account). If you want to prevent this, you should log out before clicking on the relevant links. In any case, an association takes place when you log-in to the relevant Social Media Platform after clicking on the link.

In addition, please note that personal data and other information you provide on public or semi-public venues, including personal data and other information you share or post on Social Media Platforms or in a public forum, may be accessible or viewable by other users of the Services and/or users of third-party platforms without limitation as to use by us or by such third party. Certain technologies may provide access to personal data and information shared or posted on Social Media Platforms or in a public forum after such data or information is deleted.

PERIODIC REVIEWS AND UPDATES TO POLICY

This Policy takes into account the requirements of the Cayman Islands Data Protection Act 2021 and general Privacy Principles. Individuals located in the European Union (“EU”) and the United Kingdom (“UK”) may have rights under the EU General Data Protection Regulation 2016/679 and the UK General Data Protection Regulation, respectively (collectively, the “GDPR”). Please note that you can file a claim with the data protection supervisory authority in the EEA country in which you live or work or where you think we have infringed data protection laws, or with the UK Information Commissioner’s Office, as applicable to you. Other applicable global privacy and data-protection laws may provide you rights with respect your personal data and other information.

The Organization may review and update this Policy from time to time. Updates to our Policy will apply only to information collected after the date of the change. If we make material changes to the Policy, we will note on our Website that the Policy has been updated and update the “Last Revised” date at the top of this Policy.

CONTACT

Should you have any questions or complaints about our privacy or data-protection practices, your personal data, or this Policy, please email us at notices@eigenfoundation.org.