Launch App

Privacy Policy

Somm is a decentralized multi-chain execution platform, built on the Cosmos SDK to maximize interoperability with other blockchains, and supported by a network of independent validator nodes. For the purposes of this Privacy Policy, the Somm protocol website, https://www.sommelier.finance/, and the Somm decentralized application access website, https://app.sommelier.finance/, as well the Somm protocol and network generally will be referred to as “Somm”.

This Privacy Policy has been developed by Bajanss OÜ, Maakri 36-50, Tallinn, Estonia 10145 (“Bajanss”), which is the controller for your Personal Data within the scope of this Privacy Policy. Bajanss decides “why” and “how” your Personal Data is processed in connection with Somm. If you have additional questions or require more information about this Privacy Policy, do not hesitate to contact privacy@bajanss.com. Bajanss may from time to time update this Privacy Policy to take account of legal and regulatory developments so that the development of Somm may continue in line with such requirements. Decentralized applications such as Somm have been gathering increased attention worldwide and it is possible that Somm will be subject to additional regulatory requirements in the future. Please note that any updates to this Privacy Policy will be immediately applicable. It is your duty to become comfortable with the Terms of Use and the Privacy Policy of Somm, and your continued access to and interaction with Somm constitutes your awareness of and agreement to all amendments made to this Privacy Policy as of the date of your accessing and interacting with Somm. It is your duty to review this Privacy Policy regularly as you shall be bound by it, and Bajanss shall have no obligation to, and no technical means to, inform you of any changes. If, for some reason, you are not satisfied with this Privacy Policy, your immediate recourse is to stop interacting with Somm. You do not have to inform anyone of this decision unless you intend to exercise some of the data protection rights stipulated by GDPR and defined below in this Privacy Policy.

This Privacy Policy outlines the types of data that is collected, used, and recorded by Somm and/or Bajanss directly in connection with Somm and is valid for all internet users who interact with Somm with regards to the Personal Data that they share and/or which is collected within Somm. This Privacy Policy is not applicable to any Personal Data collected offline or via channels other than the websites referenced above. Please read this Privacy Policy carefully to understand how your Personal Data is collected and how it will be treated by any participants or third parties involved in the collection, processing and storage of the data.

IF YOU ARE ACTING FOR A BUSINESS, ORGANIZATION, OR OTHER ENTITY AND HAVE SPECIFIC REQUIREMENTS WITH RESPECT TO PERSONAL DATA PROCESSING PLEASE ENSURE THAT ON ONE HAND YOU HAVE THE RIGHT, POWER AND AUTHORITY TO ACT ON BEHALF OF AND BIND THE ENTITY YOU REPRESENT. PLEASE DO NOT ACCESS OR OTHERWISE USE SOMM.

1. Your Representations and Warranties

By accessing any of the websites above, and/or interacting with Somm in any manner, you represent and warrant that you:

(a) are at least eighteen (18) years of age. If you are under the age of eighteen (18), you may not, under any circumstances or for any reason, interact with Somm. Please report to privacy@bajanss.com any instances involving interaction with Somm by individuals under the age of 18, should they come to your knowledge;

(b) understand that Somm, via third parties, may screen and monitor your wallet address for illicit activities and may record and link your wallet address to an IP address or other Personal Data you may provide as part of the interaction with Somm. Somm may integrate with a third party solution to monitor on-chain data to detect sanctions and AML risks, including whether an addresses are owned or associated with clearly illegal behavior like sanctions, terrorism financing, hacked or stolen funds, ransomware, human trafficking, and child sexual abuse material (CSAM). If Somm then receives a “risk” warning regarding your wallet address, you will automatically be blocked from further interactions with Somm. If you believe your wallet address has been blocked by mistake, you may contact privacy@bajanss.com;

(c) consent to your Personal Data being collected and processed by Somm in accordance with this Privacy Policy, as amended from time to time. Some of the Personal Data collected may be used to improve Somm and/or for marketing purposes, as further detailed below. Because of the public and immutable record of blockchain transactions, you understand that it would be impossible for Somm to erase your public wallet address and recorded interactions and transactions. The Personal Data which would be erased in accordance with GDPR, upon your request, as set forth in this Privacy Policy, would be limited to email addresses, name, IP address, etc. to the exclusion of your public wallet address and recorded interactions and transactions.

2. Applicability

This Privacy Policy applies to all your interactions with Somm, including the email addresses referred to in this Privacy Policy and other interactions in connection therewith.

Several processors may have access to your Personal Data, such as technical maintenance vendors, project and team management vendors, merch products delivery vendors, communication vendors, analytics, statistics, performance, marketing vendors, etc. More details on Personal Data processing are included in the next sections of this Privacy Policy. Please read carefully.

3. Somm Data Processing

As a decentralized platform and application, Somm would collect as little Personal Data from you as possible. However, the following types of data may be collected and processed:

● wallet (public) addresses, transactions, assets, and balance information (blockchain data) that is accessible when interacting with Somm.

Somm has a legitimate interest in collecting this data, such as the proper execution of any transactions and interactions within Somm, monitoring and improving Somm, protection against risks, etc. The data is also required for the proper performance of Somm and smart contract interactions. Note that we are not responsible for your use of any of the blockchain and your data processed in these decentralized and permissionless networks.

Personal Data Somm may collect:

● email address, your name, and any other Personal Data you provide to us when communicating with us. Such Personal Data is used only for communication with you;

● Personal Data you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your Personal Data;

● IP address, MAC address, log files, domain server, data related to usage, performance, website security, traffic patterns, location information, browser and device information – only when you are using Somm;

● Log Files. Somm follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and this kind of Personal Data may also be collected as a part of hosting services' analytics. The data collected by log files may include  internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time  stamp, referring/exit pages, and possibly the number of clicks. These kinds of data may be linked to data that is personally identifiable. The purpose of the data collection and processing is for analyzing trends, administering websites, tracking users' movement on websites, and  gathering demographic information;

● Your name and address you provide to us when ordering our merch products, if applicable.

Somm may engage third-parties advertising platforms, which may collect Personal Data from visitors of the websites only with the purpose to optimize their advertising possibilities through their platforms, target you with their advertisements, and possibly share your data with other advertising platforms and agencies for further use.

In no event we are going to ask you to share your private keys or wallet seed. Never trust anyone or any websites or emails asking for your private keys or wallet seeds.

How Somm uses Personal Data:

Somm will use Personal Data listed above only for:

● operational purposes, such as ensuring security, identifying irregular website behavior, preventing fraudulent activity and improving security at all possible levels;

● assessing and improving the performance of Somm;

● analyzing website visitors actions to improve Somm (see also the Section “Cookies and  Automatically Collected Data”);

● analyzing patterns of behavior, including via Google Analytics and other service providers;

● delivering merch products if applicable;

● send you marketing, advertising, informational emails;

● find and prevent fraud.

For the avoidance of doubt, Somm may use Personal Data described above or any other Personal Data:

● where the Personal  Data is required for Somm to operate;

● on the basis of legitimate interests to protect Somm, prevent any malicious and harmful activities, maintain technical systems healthy and secure, improve Somm operations by using aggregate statistics, etc.;

● to respond to any legal requests of authorities, provide information upon court orders and  judgments, or if we have a good-faith belief that such disclosure is necessary under the applicable laws to cooperate with official investigations or legal proceedings, including but not limited to in response to subpoenas, search warrants, or court orders, and including other similar statutory obligations Bajanss or any of the data processors may be subjected to;

● on the basis of your consent; and

● on other legal bases as applicable under typical data protection laws.

Disclosure of Data:

Bajanss may disclose any Personal Data in connection with a merger, division, restructuring, or other association change, or to its subsidiaries and affiliates (if any) only if necessary for operational purposes.

If Bajanss must disclose any of your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your Personal Data.

Data Retention Period

Somm and Bajanss will maintain Personal Data exclusively within the time needed to follow the prescribed herein legal purposes. When we no longer need Personal Data, the limitation period for storage of such Personal Data has expired, you have withdrawn your consent or objected to our or our processors’ legitimate interests, we will securely delete or destroy it unless the statutory requirements we, our processors or other controllers are subjected to stipulate otherwise. Aggregated data, which cannot directly identify a device/browser (or individual) and is used for purposes of reporting and analysis, will be maintained for as long as commercially necessary till you object to processing of such data or withdraw your consent. For the avoidance of doubt, you understand and acknowledge that your public wallet addresses and transactions records, minus any Personal Data, are part of the public blockchain records, visible via public blockchain explorers, and not something that Somm or Bajanss may delete and/or correct.

Sometimes legal requirements will oblige companies such as Bajanss to retain certain data, for specific purposes, for an extended period of time. Reasons Bajanss might retain some data for longer periods of time include:

● Security, fraud & abuse prevention;

● Financial monitoring and record-keeping;

● Complying with legal or regulatory requirements; and

● Ensuring the continuity of your interaction with Somm, if applicable.

Inquiries

You may contact us by email at privacy@bajanss.com. Any Personal Data that you provide in an email to us, which you may give voluntarily, will only be used in order to answer your question or to reply to your email in the best possible manner, and will not be retained except as needed for compliance purposes, if applicable.

4. Cookies and Automatically Collected Data

As you navigate through and interact with the Somm websites, we may ask your consent to use cookies, which are small files placed on the hard drive/browser of your computer or mobile device, and web beacons, which are small electronic files located on pages of the websites, to collect certain information about devices you use, browsing actions, and patterns.

Data automatically collected from cookies and web beacons may include information about your  web browser (such as browser type and browser language) and details of your visits to the Somm websites, including traffic data, location data and logs, page views, length of visit, and website navigation paths, as well as information about your device and internet connection, including your IP address and how you interact with Somm. We collect this data in order to help us improve Somm and your interaction with Somm.

The information we collect automatically may also include statistical and performance information arising from your interactions with Somm. This type of data will only be used by us in an aggregated and pseudonymized manner.

At any time, you can choose to disable cookies through your individual browser options. To get more detailed information about cookie management with specific web browsers, please find it on the browsers' respective websites.

5. Your rights under GDPR

Data protection in Estonia is primarily governed by the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) which has been implemented into Estonian law since 2019. Under GDPR, you have a number of privacy rights concerning the use, storage, and  processing of your Personal Data (e.g., the right to delete your data). Please refer to the following rights as needed:

Right to be informed - we are publishing this Privacy Policy to keep you informed as to what we do with your Personal Data. You can ask us for Personal Data regarding you that we keep at any time. This information concerns, among other things, the data categories we process, for what purposes we process them, the origin of the data if we did not acquire them directly from you and, if applicable, the recipients to who we have sent your data.

Right of access – you have the right to request a copy of the data we hold about you.

Right of rectification – you have the right to correct inaccurate or incomplete data about you. However, please note that public wallet addresses and transactions recorded on immutable public blockchain records are not within the definition of Personal Data we would be able to correct and/or rectify for you. Your blockchain activity is your responsibility.

Right to be forgotten – you can request that the Personal Data that we hold about you be erased from our system and we will comply with this request unless we have a legitimate reason, legal requirement, and other statutory basis not to do so. Even if we can delete (erase) the Personal Data subjected to our active (ongoing) processing activities and cease its processing, we will nevertheless retain this particular Personal Data in our backup and archive storages to fulfill our statutory and other requirements. In addition, please note that public wallet addresses and transactions recorded on immutable public blockchain records are not within the definition of Personal Data we would be able to delete. Your blockchain activity is your responsibility.

Right to restriction of processing – where certain conditions apply, you can ask us to ‘block’ the processing of your Personal Data.

Right to data portability – you have the right to have the data we hold about you transferred to another organization and to receive Personal Data in a structured, commonly used format.  Please contact privacy@bajanss.com to find out whether we currently support the provision of  the portable file containing Personal Data we process about you.

Right to object - you can object to the processing of your data by writing to privacy@bajanss.com at any time for reasons that arise from your special situation provided the  data processing is based on our legitimate interest or that of a third party, or where we carry out profiling, use machine learning or automated decision-making algorithms. In this case, we will no longer process your Personal Data. The latter does not apply if we are able to prove there  are compelling, defensible reasons for the processing that outweigh your interests or we require  your data to assert, exercise or defend legal claims. It also doesn’t apply to data which is on the public blockchain records which anyone can access and use for any purpose at any time.

Right to withdraw consent - you have the right to withdraw the consent you gave us with regard to the processing of  your Personal Data for certain purposes.

Right to complain - you have the right to submit a complaint to the data privacy protection authorities responsible. You can send your complaints to the supervisory authority of your country of residence.

Please contact privacy@bajanss.com with any questions about exercising any of the above rights. To learn more about GDPR generally, please access the website of the Estonian Data Protection Inspectorate here https://www.aki.ee/en/inspectorate/legislation.

6. Transfer of Personal Data

Transfers to third countries are subject to appropriate safeguards, i.e., Standard Contractual Clauses. More information on such safeguards may be obtained by you upon a prior written request sent to us, subject to your agreement to maintain confidentiality.

7. Data Integrity & Security of Processing

We take data security very seriously. The Personal Data you provide us will be protected from loss, misuse, or unauthorized access, via a variety of safeguards such as encryption, digital and  physical access controls, non-disclosure agreements (NDAs), and other technical and organizational measures. However, no electronic transmission, storage, or processing of Personal Data cannot be entirely secure. We cannot guarantee that the security measures we have in place to safeguard Personal Data, or the security measures taken by data processors or third party service providers, will never be defeated or fail, or that those measures will always be sufficient or effective. Therefore, although we are committed to protecting your privacy, you should not expect that your Personal Data will always remain private or secure.

Most importantly, Somm is based on public blockchains intended to immutably record transactions across wide networks of computer systems located in many jurisdictions, and which are open to forensic analysis. This can lead to deanonymization and the unintentional revelation of Personal Data. Because blockchains are decentralized or third-party networks which are not controlled or operated by us, we are not able to erase, modify, or alter Personal Data from such networks.

© 2024 Somm by Bajanss OÜ –Maakri 36-50, Tallinn, Estonia 10145

Bug Bounty
Privacy Policy
Documentation
Telegram
Discord
Twitter