Open Web Sandbox Privacy Policy
Hello. We are the Open Web Sandbox. Here's how we protect your data and respect your privacy.
Our role in your privacy
If you are a Bearer customer or subscriber, or just visiting our website, this policy applies to you.
Our responsibilities
If you are a visitor to our website we act as the ‘data controller’ of personal data. This means we determine how and why your data is processed. The OWS operates as a community inside of the NEAR Protocol ecosystem.
Your responsibilities
- Read this Privacy Policy.
- If you provide us with personal information about other people, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. By submitting the information, you confirm that you have the right to authorise us to process it on your behalf in accordance with this Privacy Policy.
When and how we collect data
From the first moment you interact with the OWS, we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.
Here’s when and how we do this:
WE COLLECT
You request a demo of Bearer
We call you
You use Bearer
You receive emails from us
You chat with us for customer support
You opt-in to marketing messages
We email you
You collaborate with our Project Opportunities
You browse any page of our website
You contact us
You contact us via Discord, email, or the NEAR Forum
Types of data we collect
Your name, Discord handle, email address, skills, background, country.
Contact details
NEAR Wallet address.
Financial information
Your IP address, NEAR Forum account information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version, etc.
Data that identifies you
Your URL clickstreams (the path you take through our site), pages viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.
Data on how you use our website
We don’t collect any "sensitive data" about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when we have your specific consent, or when we have to comply with the law.
What about really sensitive data?
The Legal Guild is a business-to-business community directed to and intended for use only by those who are 18 years of age or over. We do not target the Legal Guild at children, and we do not knowingly collect any personal data from any person under 16 years of age.
What about children’s data?
How and why we use your data
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
Anser you requests
Managing your requests (either to collaborate as a member of the OWS or submitting a concrete request to us).
Legal basis for this data usage:
Legitemate InterestsImproving our community
Testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping our site, traffic optimization and data analysis and research and other techniques over your data and in some cases using third parties to do this.
Legal basis for this data usage:
Legitimate InterestsCommunity Support
Notifying you of any changes to our activities, solving issues via instant app support, phone or email including any bug fixing.
Legal basis for this data usage:
Legitimate InterestsMarketing Purposes (With your Consent)
Sending you emails and messages about new features, products and services, and content.
Legal basis for this data usage:
ConsentHere is what each of these "legal bases" mean:
Consent
You have given clear consent for you to process your personal data for a specific purpose.
You can change your mind!
If you have previously given consent to our processing your data you can freely withdraw such consent at any time. You can do this by contacting us via the Contact Form below.
If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights.
Legitimate interests
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
- Gaining insights from your behaviour on our website or in our app.
- Delivering, developing and improving the Bearer service.
- Enabling us to enhance, customise or modify our services and comms.
- Determining whether marketing campaigns are effective.
- Enhancing data security.
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
Your privacy choices and rights
YOUR CHOICES
If you choose to do this, you can continue to use the website and browse its pages, but we will not be able to process transactions without personal data.
You can choose not to provide us with personal data
You can block cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings. If you turn off cookies, you can continue to use the website and its pages, but OWS and certain features will not work effectively.
You can turn off cookies in your browser by changing its settings
We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by contacting us using the Contact Form.
You can ask us not to use your data for marketing
Your Rights
You can exercise your rights by contacting us using the Contact Form.
This includes the right to ask us supplementary information about:
- The categories of data we’re processing
- The purposes of data processing
- The categories of third parties to whom the data may be disclosed
- How long the data will be stored (or the criteria used to determine that period)
- Your other rights regarding our use of your data
We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of other (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
You have the right to access information we hold about you
You can object to us using your data for profiling you or making automated decisions about you. We may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behavior). Otherwise, the only circumstances in which we will do this is to provide OWS services to you.
You have the right to make us correct any inaccurate personal data about you
We will give you a copy of your data in CSV or JSON so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.
You have the right to port your data to another service
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for purposes of your use of Bearer.
You have the right to be "forgotten" by us
Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the Swiss Data Protection Authority.
You have the right to lodge a complaint regarding our use of your data
How secure is the data we collect?
We have physical, electronic, and managerial procedures to safeguard and secure the information we collect.
And please remember:
- You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure
- If you believe your privacy has been breached, please contact us immediately using our Contact Form.
Where do we store the data?
The personal data we collect is processed remotely by our team using cloud third parties for data processing and sotrage. These include Coda.io, Airtable, and Integromat. All of these services store data on CDN servers around the world. primarily stored in Airtable databases. As we are a remote company, we process data in the countries we live in (including: Belgium, France, Netherlands, Poland, Portugal, South Africa, the United-Kingdom, the United States) and in any data processing facilities operated by the third parties identified below.
By submitting your personal data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.
How long do we store your data?
We will archive and stop actively using any personal identifiable information about you within 6 months from the last time you contacted us. We will delete your personal data from our archives no later than 4 years from the last time you made a request or as agreed with you in a separate agreement.
The data of the users of the openwebsandbox.org page will be stored in a different way, depending on what type of specific service is requested by you.
User data uploaded by the OWS to pages and profiles on social networks include: Discord, Twitter, YouTube, and Medium. This data is uploaded only from the moment the user offers their consent and until they withdraw it.
Third parties who process your data
Tech businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do.
When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy. Where personal data is transferred to a third party in the United States we take steps to ensure we agree the standard contractual clauses with them. We continually monitor this transfer mechanism. Any data transfers to the US are encrypted and generally consist of insensitive personal data.
Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:
Infrastructure
Amazon Web Services, Inc
Privacy Policy- Contact details
- Metadata from your source code
- Data that identifies you
This is a web hosting provider: we use it to store data you generate by using the service securely in the cloud.
EU (Ireland)
Airtable
Privacy Policy- Contact details
- Data that identifies projects
- Data that identifies you
This is a database provider: we use it to permanently store all data you generate by using the service securely in the cloud.
US
Webflow
Privacy Policy- Contact details
- Data that identifies projects
- Data that identifies you
This is a front-end and web hosting provider: we use it to temporarily store contact data you generate by using the service securely in the cloud.
US
Tools and Services
WorkOS, Inc.
Privacy Policy- Data that identifies you
This enables users to authenticate via Single Sign-On.
US
Intercom, Inc.
Privacy Policy- Contact details
- How you use Bearer
- Cookies
We use this service for customer communications, user interaction and helpdesk assistance.
US
Outreach, Inc.
Privacy Policy- Contact details
- How you use Bearer
We use this service for customer communications.
US
Salesforce, Inc.
Privacy Policy- Contact details
- How you use Bearer
We use this service for customer communications, user interaction and helpdesk assistance.
US
Twilio, Inc.
Privacy Policy- Contact details
- How you use Bearer
We use this service for sending, storing and tracking emails.
US
Integromat
Privacy Policy- Metadata
We use this service to automate the communication of data between our infrastructure.
CZ
Coda
Privacy Policy- Data that identifies projects
- How you use Bearer
- Cookies
We use this service for internal communications. We do not permanently store data.
US
Matomo
Privacy Policy- Data that identifies you
- Cookies
This is a web analytics service, we use it to track your use of our website, and prepare reports on user activity here.
APAC
Payments
Stripe, Inc.
Privacy Policy- Contact details
- Financial information
This service processes payments for us.
EU & US
Astro DAO
Privacy Policy- Contact details
- NEAR Wallet Address
This service processes all payments for OWS contributors and collaborators.
EEA
Special thanks
This privacy notice was built based on an open-source design from Juro adapted to Webflow by Bearer. Get these patterns free: privacy policy template and Webflow template.