Data Protection Declaration

Data Protection Declaration of Lab10 Collective eG, Strauchergasse 13, 8020 Graz, Austria ("Lab10"; "we") concerning the website https://artis.eco/en/ ("Website").

Thank you for your interest in the services of Lab10. The protection of your privacy and thus the protection of your (personal) data is our highest priority. The following declaration is intended to inform you comprehensively on what (personal) data we collect while using our services as well as how we deal with it and which rights you have within this context. Our Data Protection Declaration complies with the General Data Protection Regulation of the European Union ("GDPR").

Data protection regulations must always be observed when personal data is processed. For the scope of this Data Protection Declaration, the definitions of the GDPR are relevant. Thus, the "processing" of personal data essentially includes any handling of the same. As far as data processed by us are human-related and—even if only through third parties, in a summary or by means of additional knowledge—make you identifiable as a person (in particular, have your full name brought to light), it is basically personal data. This terminology may also apply to IP addresses as long as they allow e.g. Internet Service Providers such identification.

This Data Protection Declaration refers exclusively to the above mentioned website. If you are forwarded to other websites via links on our Website, please inform yourself directly on the target page about the respective handling of your personal data. We cannot assume any responsibility or liability for the content of third party websites that are linked via our Website.

1.1 Data Processing related to the (mere) visit of the Website

When you visit our website, we collect the following data: IP address.

You may use our Website without providing any information about yourself. When accessing our Website, we will only process data regarding the access (e.g. IP-Address, surfing behaviours, additional meta data, date and time of retrieval, volume of transferred data, requesting provider) in server log files. This data processing is carried out for the purpose of visitor traceability, technical safety and improving the quality of our offer (statistical, verification and organizational purposes) and is based on Art 6 paragraph 1 lit f GDPR (legitimate interests, namely achieving the above-mentioned purposes).

1.2 Data Processing following the Participation in the Initial Token Offering

If you decide to participate in Our Initial Token Offering ("ITO"), which will consist of a public offer period beginning on 31 May 2018 13:37 UTC+2 and ending on 26 October 2018 13:37 UTC+2, and a non-automated private offer period starting on 31 March 2018 13:37 UTC+2 and ending on 26 October 2018. In this context, we will collect certain data (see below) in order to provide our services.

For more detailed information on the ITO please review the Website, our Economic Paper, as well as your Token Reservation Agreement and Token Offer Document.

To participate, you are required to indicate the address of your Ethereum wallet, your date of birth, nationality, e-mail-address, full name, full address. In case of a legal entity, the mentioned data except the Ethereum wallet are required from the beneficial owner and in addition, name of the legal entity and Ethereum wallet of the legal entity must be mentioned. Wallet addresses are not considered personal data. These data serve the purpose of processing the Purchase Offer and executing the Token Purchase Agreement (Art 6 para 1 lit b GDPR, "necessary for the performance of a contract") and are further required by FTV to fulfil all relevant legal requirements such as KYC checks (Art 6 para 1 lit c GDPR, "necessary for compliance with legal obligations to which the controller is subject"), whereas they – without any legal obligation or necessity as regards our data processors to fulfil the contracts – will not be transferred to third parties.

Your personal data will be stored for as long as we reasonably consider necessary for performing the ITO and as is permissible under applicable law. We will, in any case, retain your personal data for as long as there are statutory retention obligations or potential legal claims are not yet time-barred.

2. Rights of the Data Subject

A central aspect of data protection regulations is the implementation of adequate opportunities to allow for the disposition of personal data, even after the processing of said personal data has occurred. For this purpose, a series of rights of the data subject are set in place. Lab10 shall comply with your corresponding requests to exercise your rights without undue delay and in any event within one month of receipt of the request. To ensure the exercise of your rights, we provide for a contact address where you can exercise those rights in an easy manner: Please write an e-mail with your request to privacy@lab10.coop. Specifically, the following rights are entailed:

(i) Right to information and access to personal data: should you exercise your right to information, we shall provide you with all relevant information regarding the processing of your personal data byLab10, permitted to the extent of the law. As we are processing very little personal data in order to provide our services, we may not be able to identify your person by any means. Thus, we may only be able to provide information by requesting additional data to verify your status. This may apply to the other rights of the data subject as well.

(ii) Right to rectification: With this right, you may request the rectification of inaccurate or incomplete personal data (e.g. email addresses).

(iii) Right to erasure: We are obliged to delete personal data (name, email address) upon your re-quest as you may withdraw your consent at any time.

(iv) Right to restriction of processing: restriction may be requested (i) for a verification period if the accuracy of the data is contested, (ii) if the processing is unlawful.

(v) Right to lodge a complaint with a supervisory authority.

Please also note that we may not be able to comply with your request due to compelling reasons worthy of protection for processing (balancing of interests) or processing due to the assertion, exercise or defence of legal claims (on our part). The same applies in the case of excessive requests, whereby a fee may be charged here as well as in the processing of manifestly unfounded requests.

3. Data Security

Lab10 will protect processed data adequately against unauthorized access (of third parties) in accordance with the provisions of the legal framework of Austria as well as the European Union. We will only process data which are essential to provide our services. Measures are taken with regard to (i) the quantity of data collected, (ii) the extent of data processing, (iii) the storage time as well as (iv) the accessibility of data. Data will not be used or stored by other means than set out in this Data Protection Declaration and are made accessible only to a restricted and necessary number of persons, whereby any processing of personal data is strictly limited to the specified and legitimate purpose. All employees of Lab10 have been informed about applicable data protection provisions as well as data security measures and are bound to our privacy practices. Our web presence and other systems are adequately protected by a variety of security mechanisms.

Lab10 will not transfer any of your personal data to third parties without explicit prior consent. However, if processing of personal data in the future should be carried out on behalf of Lab10 by a so called processor (a third party), this processing will be governed by specific contracts obliging the processor to comply with our Data Protection Declaration, to effectively ensure the protection of your rights as described above.

4. Data transmission

For the purposes explained in this Data Protection Declaration, we will transfer your (personal) data to recipients of the following categories:

Within our organisation, those departments or employees who need your data to fulfil their contractual or legal obligations and as a result of data processing based on our legitimate interests, will receive it.

Furthermore, (external) contractors commissioned by us receive your data if they require the data to provide their respective service (whereby access to personal data is sufficient). All contractors are contractually obliged to treat your data confidentially and to process it only within the scope of the provision of services. This includes the following categories of recipients:

  • IT Support
  • Hosting Provider

If we use contract processors, they are bound to our data protection practice as previously mentioned and will treat your personal data strictly confidential. Under no circumstances will they transmit your data to third parties or use it for purposes other than those intended to fulfil their obligations towards Lab10 or in accordance with our express instructions without our express consent.

5. Cookies

Our Website does not use "cookies".

6. Newsletter

If you wish to subscribe to our newsletter, please use the following link: https://artis.eco/en/newsletter. For this purpose, we must collect and store your e-mail-address. Your e-mail address is required to send the newsletter (Art 6 paragraph 1 lit b GDPR). There is no necessity to indicate any other (personal) data. You can unsubscribe from our newsletter at any time by visiting https://artis.eco/en/unsubscribe or clicking the respective button at the end of each newsletter. After such unsubscription-procedure, your data will be deleted, if it has not been legally collected for other purposes as well. We will in no event issue newsletters to email addresses which have not been registered beforehand.

7. Links to websites of third parties

As far as the Website contains external links, we hereby indicate that these third-party websites are not subject to the influence and control of Lab10. We disclaim all liability for losses or obligations related to the use of these third-party websites. We are not responsible for the contents, availability, correctness, or accuracy of these websites, nor for their offerings, links, or advertisements.

8. Contact details regarding Data Protection Issues

In case you have any questions concerning Lab10's Data Protection Declaration or if you would like to exercise your right of information, rectification or deletion, please send us a written request outlining your desire to:
Lab10 Collective eG
Strauchergasse 13
8020 Graz
Austria
E-Mail: office@lab10.coop

 

Join our Slack Community, Telegram Channel or subscribe to our Newsletter.