Personal Data Protection Policy

To use the platform all functionalities are possible without providing any personal identifiable data.

The only places where you would willingly and consciously provide us with personal data, are:

- When you opt in to receive updates on a pact and the platform.

- When you verify/authenticate your signature with email.

The only personal information in this case is: your email address.

So this privacy policy applies to this sole identifiable data.


At we respect your right to privacy and take personal data protection extremely seriously, as we would like to provide you with the highest level of protection of the personal data that you have trusted us.

This Policy is based on applicable relevant legislation on the protection of personal data, in particular the General Data Protection Regulation of the EU.

In this Personal Data Protection Policy (hereinafter referred to as: Policy), we define ways of collecting your personal data, the purposes for which we collect it, the security measures we use to protect it, the persons with whom we share it, and your rights regarding the protection of personal data.


This Policy applies to all personal data processed by, a platform managed team. (company registration in process)

As a data controller, and only if you choose to share your eMail, shall be responsible for processing and storing of your personal data.

If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at the following contact:



This Policy is for:

- our users and

- visitors of our platform.


Here you can find an explanation of the basic concepts that we use in our Policy.

Each particular concept defined below has the meaning within this Policy as defined in this section.

Personal data means any information that refers to a specific or identifiable individual (for example, the name, surname, e-mail address, telephone number and identifiers that are specific to the individual's physical, physiological, genetic, economic, mental, cultural or social identity, etc.).

Controller means a legal entity that determines the purposes and means of processing of your personal data.

Processor means a legal or natural person who processes personal data on behalf of the controller.

Processing means collecting, storing, accessing and all other forms of use of personal data.

EEA means the European Economic Area, which identifies all the Member States of the European Union, Iceland, Norway and Liechtenstein.

Member is a legal or natural person registered on the Platform.

Pact is the document a Member can create on It could be a Petition, a Manifesto or an Open-Letter.

Pact’s owner is the creator of a Pact.

Pact’s follower is a member that opt-in to receive Pact’s updates.

Signers is a user who signs a Pact.

Signature: could be public or anon and encrypted

Collection is a list of Pacts associated to a name


At, we process your personal data solely on the basis of clearly stated and legitimate purposes, securely and transparently.

We collect your personal data when you provide it to us: authenticating with eMail, signing up for our newsletter, keeping informed about Pact’s updates, and inquiring by e-mail.

We don’t collect cookies, but 3rd party providers, wallet connect or cloudflare may use them. Please refer to their respective Privacy Policy. Cloudflare:

WalletConnect :

Mailjet :

5.1. What type of personal data do we collect?

Your personal data can be obtained directly from you when you provide us with this information (for example, by logging into your member account, etc.). We can also obtain your personal data through the use of our services (e.g. pact’s updates, newsletter).

At, we carefully protect the principle of the minimum amount of data provided by law, and therefore we collect only data that is appropriate, relevant and limited to what is necessary for the purposes for which the data is processed. The purposes for which we collect personal data are defined in Chapter 5.3. of this Policy.

In accordance with the legislation governing the protection of personal data, we may process your personal data on the following legal bases:

- Consent. We process your personal data when you have given consent for the specific purposes of processing, and you are always entitled to revoke that consent;

- The law. When processing is necessary for the fulfillment of legal obligations.

Is the provision of personal data mandatory?

The provision of personal data (eMail only) is mandatory only for eMail authentication, Pacts notification or newsletter subscription. In most cases, you provide us with personal data on a voluntary basis.

Granting consent is always voluntary. However, in case of consent revocation or denial of consent, we will not be able to provide certain services.

5.3. Processing purposes will only process your data for specified, explicit and legitimate purposes. We undertake not to process your personal data in a manner incompatible with the purposes defined in this Policy.

The purposes for which we can use your personal data are defined below. may use your personal data for one or more of the purposes identified below.

In the event that there is a need for further processing of personal data (for a different purpose than for the purpose for which personal data were originally obtained), we will inform you in advance and, when necessary, request for consent. You are entitled to revoke at any time any processing of your personal data, based on your consent. You can notify us of the revocation of the consent at any of the contact points defined in Chapter 2 of this Policy.

How does registration using third party services work?

The only case for which needs a third party services work is when you register with an eMail. In that case, you fill your eMail through Then a verification eMail is sent by our partner Mailjet to you. A code is delivered and you have to enter the code in interface. That’s all, the account is created, and we don’t store nor use your eMail anymore.

5.4. How much time do we keep your personal data?

We keep your personal data only in these particular cases:

  • Pact’s updates subscription

  • Pact’s recommendations subscription

  • Newsletter subscription

  • Support contact

We keep your personal data in accordance with the relevant legislation. We will keep your personal data:

- only for as long as it is absolutely necessary to achieve the purposes for which we are processing (for the purposes for which we process personal data, please refer to Chapter 5.3 of this Policy),

- for a period prescribed by the law (we note here that the deadlines for the retention of personal data may also be prescribed by other laws, not only in the field of personal data protection, such as 10 years for the issued invoices, in accordance with the tax legislation),

- for the period necessary for the fulfillment of the contract, which includes guarantee periods and deadlines in which it is possible to enforce any claims on the basis of a concluded contract (e.g. 5 years after the fulfillment of contractual obligations).

When personal data is obtained on the basis of your consent, we keep it permanently or until you revoke this consent (see how to revoke the consent in Chapter 8 of this Policy). We will delete the information collected on the basis of your consent before your revocation, in case the purpose for which the data was collected has been achieved.

When the retention period for certain personal data expires, we will delete these personal data or anonymize them so that the reconstruction of personal data will no longer be possible.

The retention periods for each category of personal data are defined in Annex 1.

For any additional information, please contact us at any of the contact details defined in Chapter 2 of this Policy.


At we protect your personal data against illegal or unauthorized processing and/ or access, and against unintentional loss, destruction or damage. We undertake all measures according to our technological capabilities and the impact assessment on your privacy.

For this reason we consider that the sole data owner should be the creator himself. For this reason, no personal data is needed to use All personal data are facultative. But if you want to share some personal data with other users or to associate some personal data with a Pact or a Signature, you can do it. In this case, when you create your profile and fill in personal data like your name, bio, company, and so on, you write it publicly on a Ceramic node. If you fill in your eMail, we always encrypt it before writing it on Ceramic. An encryption key is shared with and associated with your anon member ID. It’s for this reason we can say that doesn’t have nor store any personal data. The only owner is you, the creator of the data.

Nevertheless, there are particular cases mentioned in Chapter 5.4 of this policy for which uses your eMail and sends it to an external partner (MailJet:

In order to ensure that your personal data is safe, we have undertaken the appropriate technical and organizational measures at, in particular:

- ensuring the regular updating and maintenance of the hardware, software and application equipment that we use for the processing of personal data,

- establishing a restriction on access to personal data,

- data encryption

- careful selection of processors that we trust for the processing of personal data;

- establishing protocols for preventing or limiting damage in case of potential security incidents.

In the event of a violation of the protection of personal data, we will notify without delay about any such violation to the competent supervisory authority.

In the event that there is a suspicion of a criminal offense regarding the violation of personal data, will also report such violations to the competent authority.

In the event of a violation of data protection that may cause a high risk to the rights and freedoms of individuals, we will inform you of such an event without undue delay.


Your personal data may be, exclusively in order to achieve the purpose for which it was collected, transmitted, or we may just allow access to them to certain third parties defined below. Such third parties may only process your personal data for the purposes for which they were collected.

Accordingly, any third party to whom we transmit personal data is bound to comply with the applicable law as well as to the provisions of this personal data protection policy. With external processors, however, the protection of personal data is further defined by the contract.

Your personal data may be transmitted to:

1. Our external processors who take care of the needs of accounting services, law firms, eMail provider (MailJet)

2. When this is required by the law (e.g. tax authorities, courts, etc.).

3. Third party Service providers enabling registration, storage and transfer of funds (Wyre, Metamask, Rainbow, Coinbase, WalletConnect)


On our website we offer you the ability to use the following social networks: Twitter, Instagram, Discord, Telegram, Facebook

The mentioned social networks operate in accordance with their terms of use and privacy policy, where the usage of personal data for each social network is also defined.

Privacy policies are available at the links provided below:

- Twitter:

- Instagram:

- Facebook:

- Discord:

- Telegram:

We would like to remind you that any use of social networks that is enabled on our website is in the sole responsibility of the individual. In the event of any questions and/or requests, an individual is required to contact a particular social network. does not assume any responsibility for the use of social networks.


At the only personal data we store are encrypted eMail and encrypted member ID. All the other data like digital wallet information, name, biography, organisation, title, country, city, encrypted eMail are written on Ceramic Network. The sole owner is the creator of the data (the member). When a processing is needed, the data owner gives the right to to operate a processing, but the data is not stored neither owned by The only exception to this rule concerns the encrypted eMail, especially to be able to keep the user informed about activities. In this case the encrypted hash of the eMail is stored by, only if the user subscribe or proceed to one or several following cases:

  • Pact’s updates subscription

  • Pact’s recommendations subscription

  • Newsletter subscription

  • Support contact

You have the following rights regarding the personal data processing for the hashed data we store.

9.1. Access to personal data:

You may request information from whether we are processing your personal data, and if we do, you can request access to your personal data and information about the processing (which data is processed and from where this data originated).

9.2. Correction of personal data:

you may request from to correct or complete your incomplete or inaccurate data being processed.

9.3. Restriction of the personal data processing:

you may request from a restriction of the processing of your personal data (when, for example, checking accuracy or the completeness of your personal data).

9.4. Deletion of personal data:

you may request from to delete your personal data (we cannot delete those personal data that we keep on the basis of legal requests or contractual relation).

9.5. Printout of personal data:

you may request from to provide you with the personal data that you have provided us with in a structured, widely used and machine-readable form.

you have the right to withdraw consent as to the use of your personal data, which we collect and process on the basis of consent, at any time. The consent may be revoked in any manner specified in Chapter 2 of this Policy. The revocation of the consent has no negative consequences, but it is possible that will no longer be able to provide you with certain services.

9.7. Objection to the processing of personal data:

You have the right to object to the processing of your personal data when processing is for direct marketing purposes or in the event of transmitting your personal information to third parties for the purposes of direct marketing. You can also object processing when your data is used for direct marketing purposes using customized or individual offers ("profiling"). You can make an objection in any manner defined in Chapter 2 of this Policy.

9.8. The right to data transmission:

you have the right to request the printout of personal data that you have provided us with. We will provide you with information in a structured, widely used and machine-readable form. You are entitled to provide this data to another controller of your choice. Where technically feasible, you may request that your personal data be transmitted directly to another controller.

Contacts for the exercise of rights:

If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at any of the following contacts:


You have the right to file a complaint against us with the competent authority for the protection of personal data.

The integrity of personal data processed and regular updating is a priority for Please kindly inform us of any change of your personal data to the above contacts. We will take care of the correction or supplementing your personal data in the shortest possible time.

In case of exercising any of the rights, we may require additional personal data (such as digital wallet public key, name, surname, e-mail address) for identification purposes. We will only need additional information when the information you provide is not sufficient for reliable identification (in this way, we want to prevent your personal data from being transmitted to a third party due to unreliable identification).


At, we can change this Policy at any time. We shall notify you of the change of the Policy on our web site. We shall consider that you agree with the new version of this Policy if, after the new version enters into force, you continue to use our website and other services defined by this Policy.

The current version of this Policy will be available on our website:

Annex 1: Definition of retention periods

Last updated