PRIVACY POLICY

Last Updated: July 10, 2023
Effective: July 10, 2023

INNOVART PTE. LTD. (“KNOWHERE”, “we”, “us”, “our'') provides this Policy to keep you informed regarding how we collect, use and/or disclose your personal data so that you know and understand the purposes for which we may collect, use and/or disclose your personal data. By accessing the website at https://www.knowhere.io/ and any sub-domains (the site), you agree and consent to KNOWHERE, its related corporations, business units and affiliates, as well as their respective representatives and/or agents (collectively referred to herein as we, us or our), collecting, using, disclosing and sharing amongst themselves the personal data, and to disclosing such personal data to relevant third party providers. This Policy supplements but does not supersede nor replace any other consent which you may have previously provided to us nor does it affect any rights that we may have at law in connection with the collection, use and/or disclosure of your personal data. We may from time to time update this Policy to ensure that this Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, the prevailing terms of this Policy shall apply. For the avoidance of doubt, this Policy forms part of the terms and conditions governing your relationship with us and should be read in conjunction with such terms and conditions.

If you choose to use our Services, then you agree to the collection and use of information in relation to this Policy. The Personal data that we collect is used for providing and improving the Services. We will not use or share your information with anyone except as described in this Policy.

The capitalized terms used in this Policy have the same meanings as in our Terms and Conditions, which is accessible at KNOWHERE unless otherwise defined in this Policy. “NFT” in this Policy means a non-fungible token or similar digital item implemented on a blockchain (such as the Ethereum blockchain), which uses smart contracts to link to or otherwise be associated with certain content or data.

"Personal data" means data, whether true or not, about an individual who can be identified (i) from that data, or (ii) from that data and other information to which the organization has or is likely to have access. Some examples of personal data that we may collect are:

- social media handles and other social media profile information);

- contact details such as e-mail address;

- information or details regarding digital assets held;

- particulars of digital wallet addresses (including transactions performed by said digital wallet addresses), public cryptographic key relating to digital wallet addresses on distributed ledger networks and/or similar information;

- information about your use of our services and Website, and specific user interactions with the site such as features utilized, areas visited or clicked on, and time spent;

- usernames and password, third party account credentials (such as your Facebook login credentials, Google login credentials), Internet Protocol (IP) address, and geographical location;

- browser type and version, operating system used by the accessing system, internet service provider of the accessing system, the site from which an accessing system reaches our website (i.e. "referrers"), mobile device ID, location of access, or other similar data and information;

- behavior such as pages (and sub-page) visited, time and date of your visit, time spent on each page, and other diagnostic data; and/or

- personal opinions made known to us (e.g. feedback or responses to surveys).

Personal data will be automatically collected when you interact with our services, access the site, interact with other users of our services, open an email from us or fill in any form or survey, register a user account or update a user account that you registered with us, engage with us (whether through live chat, message, phone call, email, social media accounts, attendance at in-person events, opting-in to receive our marketing messages, or subscribing to our mailing lists), or make a purchase from us.

To the extent permitted by law, we may also obtain other information about you such as contact information, change of address or demographic information from commercially available sources.

1. Information Collection

In the course of using the Services, we collect personal data in connection with your registration, such as your name, email address that you provide to us at the time of registration. We also collect your blockchain address and wallet type, which may become associated with personal data when you use our Service. If we use your personal data for purposes not described in this policy, we will inform you in a reasonable way and obtain your consent before using it.

We may combine the information we receive from you with information we obtain from third parties. For example, third-party wallet providers provide us with your blockchain address and certain other information you choose to share with those wallets providers. And we may combine this information with other personal data we obtain about you. If we do so, this policy also governs the combined information.

Device Information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.

Log Data: Information that your browser automatically sends whenever you use our website (“log data”). Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interacted with our website.

Usage Data: We may automatically collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, computer connection, IP address, and the like.

2. Methods of collection.

We collect non-personal data passively using technologies such as standard server logs, cookies, and clear GIFs (also known as “Web beacons”). When you visit our site or use our Services, we may send one or more cookies – a small file containing a string of characters – to your computer that uniquely identifies your browser or recognizes a cookie that is already on your machine. We use cookies to improve the quality of our Services by storing user preferences and tracking user trends and customizing your experience. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some Services may not function properly if your cookies are disabled. Also, please be aware that third parties may set cookies on your hard drive or use other means of passively collecting information about your use of their services or content. We do not have access to, or control over, these third-party means of passive data collection.

If we directly combine any non-personal data gathered through passive means with personal data, we treat the combined information as personal data under this policy. Otherwise, we use information collected by passive means in aggregated or other non-personally identifiable forms.

3. Information Use

KNOWHERE is keen to provide better Services. Personal data that we collect is to provide and improve our Services, please see the following section to check how we use personal data:

3.1 To provide Services and help to complete your transactions and delivery, but not limited to, helping you view, explore, and create NFTs using our tools and, at your own discretion, connect directly with others to purchase, sell, or transfer NFTs on public blockchains.

3.2 To inform you of KNOWHERE newsletters, marketing materials, promotional activities and other information may be in your interest.

3.3 To send you notifications related to actions on the Service, including notifications of offers on your NFTs;

3.4 To display your username next to the NFTs currently or previously accessible in your third-party wallet, and next to NFTs on which you have interacted;

3.5 To comply with law enforcement and keep you safe and satisfying on KNOWHERE.

3.6 To improve our Services, to develop new products and Services, to tailor your user experience.

We may use your email address to deliver product information and marketing messages. If you do not want to hear from us about the marketing communications, you may opt out of receiving these messages by following the instructions provided in the email.

In addition, we will use AIGC to improve services. We do not use Content that you provide to or receive from our API (“API Content”) to develop or improve our Services. We may use Content from Services other than our API (“Non-API Content”) to help develop and improve our Services.

4. Information Sharing

We may provide personal data to our subsidiaries, our ultimate holding company, and its subsidiaries, who support our processing of personal data in order to provide Services to you under this policy, where necessary for our legitimate interests if we have considered these are not overridden by your rights. If any of these parties are using your information for direct marketing purposes, we will only transfer the information to them for that purpose with your prior consent.

We may use the non-personal data we collect, such as public information observed from Blockchains. We collect data from activity that is publicly visible and/or accessible on blockchains. This may include blockchain addresses and information regarding purchases, sales, or transfers of NFTs, which may then be associated with other data you have provided to us. And we use this information to provide, improve, and develop our Services, to make sure you are safe on KNOWHERE, to prevent inappropriate usage, and for other purposes described in this policy. Please be aware that we may share it with third parties in order to carry out a user’s request.

Our selected third parties may include:

4.1 Analytics and search engine providers that assist us in the improvement and optimization of our site and subject to your consent and the cookie section of this policy (this will not identify you as an individual).

4.2 Where necessary for a contract, business partners who jointly with us provide Services to you and with whom we have entered into agreements in relation to the processing of your personal data (as detailed under the business partners' privacy policy).

4.3 Payment processing providers who provide secure payment processing Services. Note your payment card details are not shared with us by the provider.

4.4 Other parties in your direction.

4.4.1 Other users (where you post information publicly or as otherwise necessary to affect a transaction initiated or authorized by you through the Services).

4.4.2 Social media Services (if you intentionally interact with them through your use of the Services).

4.4.3 Third-party business partners who you access through the Services.

4.4.4 Other parties authorized by you.

5. Data Security
In an effort to prevent unauthorized access, ensure the correct use of information, we have put in place physical, electronic, and managerial procedures to safeguard and secure the information we collect online. Please be aware, however, that no data transmissions over the Internet or other networks can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security or integrity of any information you transmit to us. You transmit information to us at your own risk. Once we receive personal data, we make reasonable efforts to protect it from unauthorized access, disclosure, alteration, or destruction. But we cannot represent or guarantee that personal data will not be accessed, disclosed, altered, or destroyed.
5.1 You are responsible for the security of your crypto wallet, and we urge you to take steps to ensure it is and remains secure. If you discover an issue related to your wallet, please contact your wallet provider.

5.2 A note about accuracy: Services like AIbot generate responses by reading a user’s request and then predicting the next most likely words that might appear in response. In some cases, the most likely next words may not be the most factually accurate ones. For this reason, you should not rely on the factual accuracy of output from our models. Given the technical complexity of how models work, we may not be able to correct the inaccuracy.

5.3 . Your message

5.3.1 Secret Chats

Secret chats use end-to-end encryption. This means that all data is encrypted with a key that only you and the recipient know. There is no way for us or anybody else without direct access to your device to learn what content is being sent in those messages. We do not store your secret chats on our servers. We also do not keep any logs for messages in secret chats, so after a short period of time we no longer know who or when you messaged via secret chats. For the same reasons secret chats are not available in the cloud — you can only access those messages from the device they were sent to or from.

5.3.2 Media in Secret Chats

When you send photos, videos or files via secret chats, before being uploaded, each item is encrypted with a separate key, not known to the server. This key and the file’s location are then encrypted again, this time with the secret chat’s key — and sent to your recipient. They can then download and decipher the file. This means that the file is technically on our servers, but it looks like a piece of random indecipherable garbage to everyone except for you and the recipient. We don’t know what this random data stands for and we have no idea which particular chat it belongs to. We periodically purge this random data from our servers to save disk space.

5.3.3 End-to-End Encrypted Data

Your messages, media and files from secret chats are processed only on your device and on the device of your recipient. Before this data reaches our servers, it is encrypted with a key known only to you and the recipient. While our servers will handle this end-to-end encrypted data to deliver it to the recipient, we have no ways of deciphering the actual information. In this case, we neither store nor process your personal data, rather we store and process random sequences of symbols that have no meaning without the keys which we don’t have.

5.3.4 Translation of Chats

Users can choose to translate a specific text message into a different language by tapping “Translate” in the action menu of the message (to enable this option, a user should first turn on Translation services in the Settings > Languages section of the application). Users can also optionally enable automatic live translation on any chat, group or channel.

Since KNOWHERE may rely on a third-party, Google Translate, for automatic translation of messages, the text of any message or set of messages that users choose to translate may be shared with Google in order to obtain their translated versions. Google will only access the data to provide a translation and will not use it for any other Google products, services, or advertising.

5.3.5 Message Deletion

In a secret chat, deleting a message always instructs the application on the other end to delete it as well. Either party can choose to delete a message sent in a one-to-one chat, for both parties. There is no time limit. In a group channel, deleting a message deletes it for all participants. Note that the original version of a message deleted in a non-secret chat is saved after deletion for display in the administrator log.

5.3.6 Self-Destructing Messages

Messages in Secret Chats can be ordered to self-destruct. As soon as such a message is read, the countdown starts. When the timer expires, both devices participating in a secret chat are instructed to delete the message (photo, video, etc.). Media with short timers (less than a minute) are shown with blurred previews. The timer is triggered when they are viewed.

Blockchain technology, also known as distributed ledger technology (DLT), is at the core of our business. Blockchains are decentralised and made up of digitally recorded data in a chain of packages called "blocks". The manner in which these blocks are linked is chronological, meaning that the data is very difficult to alter once recorded. Since the ledger may be distributed all over the world (across several "nodes" which usually replicate the ledger) this means there is no single person making decisions or otherwise administering the system (such as an operator of a cloud computing system), and that there is no centralised place where it is located either.

Accordingly, by design, a blockchain’s data cannot be changed or deleted and is said to be "immutable". This may affect your ability to exercise your rights such as your right to erasure ("right to be forgotten"), or your rights to object or restrict processing of your personal data. Data on the blockchain cannot be erased and cannot be changed. Although smart contracts may be used to revoke certain access rights, and some content may be made invisible to others, it is not deleted.

In certain circumstances, in order to comply with our contractual obligations to you (such as delivery of tokens or provision of other services) it will be necessary to collect certain personal data, such as your wallet address, onto the blockchain; this is done through a smart contract and requires you to execute such transactions using your wallet’s private key.

The ultimate decision to (a) transact on the blockchain using your wallet address, as well as (b) share the public key relating to your wallet address with anyone (including us) rests with you. IF YOU WANT TO ENSURE YOUR PRIVACY RIGHTS ARE NOT AFFECTED IN ANY WAY, YOU SHOULD NOT TRANSACT ON BLOCKCHAINS AS CERTAIN RIGHTS MAY NOT BE FULLY AVAILABLE OR EXERCISABLE BY YOU OR US DUE TO THE TECHNOLOGICAL INFRASTRUCTURE OF THE BLOCKCHAIN. IN PARTICULAR THE BLOCKCHAIN IS AVAILABLE TO THE PUBLIC AND ANY PERSONAL DATA SHARED ON THE BLOCKCHAIN WILL BECOME PUBLICLY AVAILABLE.

6. Third-Party Sites and Services
Our Services may contain links to and interoperate with third-party sites and Services. Any links to or interoperability with third-party sites or Services are provided for your convenience only, and we do not have control over the content or privacy and security practices and policies of such third parties. Any personal data that you provide to any other third party is subject to that third party’s privacy practices and policies, not this policy. We encourage you to learn about their privacy and security practices and policies before providing them with personal data.
7. Third-Party Wallets
To use our Service, you must use a third-party wallet which allows you to engage in transactions on public blockchains. Your interactions with any third-party wallet provider are governed by the applicable terms of service and privacy policy of that third party.
8. Business Transfers
Information about our users, including personal data, may be disclosed as part of any merger, acquisition, debt financing, sale of company assets, or similar transaction, as well as in the unlikely event of an insolvency, bankruptcy, or receivership in which personal data.
9. Information Retention
We may retain personal data for as long as we have a business need for it or as applicable laws or regulations or government orders require us to retain it. Additionally, the Services may enable you (or other users) to save information including information that you have made public or allowed certain users to access or see.

When we no longer need to use personal data, we will remove it from our systems and records and/or take steps to anonymise it so that you can no longer be identified from it.

10. Data Access and Control
You can view, access, edit, or delete your personal data for certain aspects of the Service via your Settings page. You may also have certain additional rights:
10.1 NEVADA PRIVACY RIGHTS: If you are a Nevada resident, you have the right to request that we do not make certain sales of personal data that we have collected, or may collect, from you. You can exercise this right by contacting us at cs@knowhere.io. Please note that we do not currently sell your personal data as sales are defined in Nevada Revised Statutes Chapter 603A.
10.2 EU-U.S. AND SWISS-U.S. PRIVACY SHIELD: We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as applicable (collectively, the “Privacy Shield Framework”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from European Economic Area (“EEA”) member countries and/or Switzerland, as applicable, to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability. If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov. The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield Framework. We are accountable for information that we receive under the Privacy Shield Framework and subsequently transfer to a third party. We may transfer information provided by KNOWHERE Users to third parties described above in this Policy. We are responsible under the Privacy Shield Principles if third parties to whom we transfer information to process this information on our behalf do so in a manner inconsistent with the Privacy Shield Principles. In cases of onward transfer to third parties of personal data of EEA or Swiss individuals received pursuant to the EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield, respectively, we are potentially responsible. We may also be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
EEA and Swiss individuals have the right to access the personal data (as that term is defined in the Privacy Shield Framework) that we maintain about you, and you may be able to correct or amend that information if it is inaccurate or has been processed in violation of the Privacy Shield Principles, to the extent allowed by law. To exercise this right, please email cs@knowhere.io.
In compliance with the Privacy Shield Principles, we commit to resolving complaints about our collection or use of your personal data. EEA and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at cs@knowhere.io.
For any complaints that cannot be resolved with us directly, we commit to cooperate with EEA data protection authorities and the Swiss Federal Data Protection and Information Commissioner, as applicable and comply with the advice given by EEA data protection authorities and/or the Swiss Federal Data Protection and Information Commissioner with regard to data transferred from the EEA and Switzerland, as applicable. A binding arbitration option may also be made available to you in order to address Privacy Shield complaints not resolved by any other means.
Retention of the personal data of EEA individuals will be handled in accordance with our data retention policy. Where we process personal data of EEA individuals as a data controller, such individuals: (i) may have the right to request access to and rectification or erasure of personal data by emailing cs@knowhere.io; (ii) may restrict the processing of personal data, object to processing, and/or exercise the right of data portability; and (iii) may have certain rights to withdraw consent without affecting the lawfulness of processing and the right to lodge a complaint with a supervisory authority. For any requests or information regarding the rights set out above, please contact us by emailing us at cs@knowhere.io.
10.3 CALIFORNIA PRIVACY RIGHTS: This section contains disclosures required by the California Consumer Privacy Act (“CCPA”) and applies only to “personal data” that is subject to the CCPA. Consumers with disabilities may access this notice by contacting cs@knowhere.io for an alternative format of this notice. Personal data We Collect and Disclose for a Business Purpose. We collect the categories of personal data about California consumers identified below. A. Personal and online identifiers (such as first and last name, email address, or unique online identifiers); B. Categories of information described in Section 1798.80(e) of the California Civil Code (such as phone number, bank account number, credit card number, or debit card number); C. Characteristics of protected classifications under California or federal law (such as age); D. Commercial or transactions information (such as records of personal property or products or Services purchased, obtained, or considered); E. Internet or other electronic network activity information (such as browsing history, search history, interactions with a website, email, application, or advertisement); F. Geolocation information. G. Inferences are drawn from the above information about your predicted characteristics and preferences. In the past 12 months, we have disclosed all of the categories of California consumers’ personal data described above to third parties for business or commercial purposes, as described in more detail below under “Recipients of California Personal data”.
10.4 Notwithstanding the above, we cannot edit or delete any information that is stored on a blockchain, for example the Ethereum blockchain, as we do not have custody or control over any blockchains. The information stored on the blockchain may include purchases, sales, and transfers related to your blockchain address and NFTs held at that address.
11. International data transfers

We are based in the United States, and we process and store information on servers located in the United States. We may also store information on servers and equipment in other countries depending on a variety of factors, including the locations of our users and service providers. These data transfers allow us to provide our services to you. By accessing or using our services or otherwise providing information to us, you understand that your information will be processed, transferred, and stored in the U.S. and other countries, where different data protection standards may apply and/or you may not have the same rights as you do under local law.

When transferring data outside the EEA, we use standard contract clauses, and we rely on the European Commission's adequacy decisions about certain countries, as applicable, or other legally compliant mechanisms or conditions for such data transfer.

We also adhere to the EU-U.S. and Swiss-U.S. Privacy Shield Program and comply with its framework and principles. Although the EU-U.S. Privacy Shield Program is no longer a valid basis for certain international data transfers, we continue to comply with the Privacy Shield framework and principles with respect to personal data received from the EU in addition to all other applicable laws.

12. Our Policy towards Children
We do not knowingly collect Personal data from children under 13. The Services is not directed to children under the age of 18 and all behaviors under web3 service require the account holder to be at least 18 years old. Minors who are at least 13 years old but are under 18 years old may use a parent or guardian’s account, but only with the involvement of the account holder. If you believe that we might have any personal data from a child under 13, please contact us. If we become aware that a child under 13 has provided us with Personal data, we will delete such information from our files.
13. Changes and Updates
Please notice that we may update this policy from time to time. We will revise the “latest updated” date at the top of this policy when we do so. Still, we highly encourage you to review this policy to stay informed.
14. How to Contact Us
If you have any questions, comments, or concerns about this Policy, please contact us using the following contact information:
INNOVART PTE. LTD. 112 ROBINSON ROAD #03-01 ROBINSON 112 SINGAPORE
Email address: cs@knowhere.io