Privacy
Policy
M-Cubed Labs Privacy Policy
Revision History
Last Modified: September 2024
If you need to access this Privacy Policy in an alternative format due to having a disability,
please contact [email protected].
1.0 Policy Statement and Scope
This Privacy Policy of M-Cubed Labs, Inc. (“M-Cubed Labs”, “we”, “us”, “our”, or “Company”) is designed to help you understand how we collect, use, disclose, transmit, and retain your personal information, as well as exercise your privacy rights. This Privacy Policy applies to personal information processed by us, including on our websites, and other online or offline offerings. To make this Privacy Policy easier to read, our websites, and other offerings are collectively called the “Services.”
Notice at Collection
At or before the time of collection, California residents have a right to receive notice of M-Cubed Labs’s privacy practices, including the categories of personal information to be collected, the purposes for which such information is collected or used, whether such information is “sold” or “shared” and how to opt-out of such uses, and how long such information is retained. User can continue to read below or click the provided URL quicks links above.
About Our Services and the Blockchain
Our Services may facilitate interaction with certain decentralized cryptographic protocols like blockchains, which we do not own or control (each, a “Protocol”). Our Services require the use of a digital wallet provided through third party services that we do not own and control. These digital wallets enable you to take self-custody and manage digital assets (for example, cryptocurrencies and non-fungible token (or “NFTs") that we may support, and enable you to interact with third party services and supported Protocols and support the sale, purchase, trade and distribution of digital assets on the decentralized blockchains on which the supported digital assets are recorded (each, a “Blockchain”).
If you participate in our Services relating to the management of digital assetsmart contracts will be employed that necessarily collect information, such as your digital wallet address (which some legal jurisdictions may consider personal information), and that information will be stored on a public blockchain that we do not control. A smart contract is computer code that automatically processes events when certain conditions are met; for example, when a transaction is conducted between two individuals or entities where each sign off to conduct a financial transaction (in other words, settle the accounts between individuals to be then broadcast to the blockchain) or when a user wants to add an NFT to a digital wallet, a smart contract would automatically execute the proposed action. In these situations, your personal information will be stored on that blockchain through the execution of a smart contract and that personal information may not be able to be modified or deleted due to the immutable nature of the blockchain.
YOU SHOULD BE AWARE OF WHAT PERSONAL INFORMATION YOU MAY BE BROADCASTING TO THE BLOCKCHAIN.
Please make sure to review our Terms of Service for more information, including specific terms and obligations for the use of our Services that may include dispute resolutions.
2.0 Personal Information Collected
The categories of personal information we collect depend on how you interact with us, our Services, and the requirements of applicable law. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below.
2.1 Personal Information You Provide to Us Directly
We may collect personal information that you provide to us.
- Account Creation. We may collect personal information when you create an account, such as name, email address, physical address, date of birth, telephone number, social security number, bank details, digital wallet address, etc.
- Financial and Online Transactional Information. We may collect financial information such as your digital wallet address, bank account and routing numbers, and/or debit card numbers. We may collect personal information and details associated with your transactions including, but not limited to, information about the transactions you make using the Services, information on sources of your funds, sender and receiver of funds, and ultimate beneficiary information. Any fiat payments or transactions made via our Services are processed by third-party processors.
- Identity/Know Your Customer (“KYC”) information. We may collect personal information and details to verify your identity. This may include your name, address, date of birth, and social security number. We may ask for images of your government-issued ID, passport, national ID card, or driver’s license and may ask for access to your mobile device’s camera to have you take a selfie for identification purposes. We do not collect images for biometric purposes. We use third-party services with whom we have a written contract to ensure the security of your personal information to verify your identification using your government-issued identification and other information or images you may provide through the Services.
- We do not collect biometrics from your device. We may also use your mobile device’s native biometrics applications (such as facial or fingerprint recognition) for user identification to create an account. In those instances, we do not have access to this biometrics information, nor do we receive it from your mobile device’s developer (such as Apple or Google.) Please contact your mobile device’s operating system developer for more information about their biometrics practices.
- Your Communications with Us. We may collect personal information, such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us.
- Surveys. We may contact you to participate in surveys. If you decide to participate, we may collect personal information from you in connection with the survey.
- Interactive Features. We and others who use our Services may collect personal information that you submit or make available through our interactive features (for example, messaging and chat features, commenting functionalities, forums, blogs, and social media pages). Any information you provide using the public sharing features of the Services will be considered “public,” unless otherwise required by applicable law, and is not subject to the privacy protections referenced herein. Please exercise caution before revealing any information that may identify you in the real world to other users.
- Sweepstakes or Contests. We may collect personal information you provide for any sweepstakes or contests that we offer. In some jurisdictions, we are required to publicly share information of sweepstakes and contest winners.
- Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when we attend or host conferences, trade shows, and other events.
- Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.
- Job Applications. We may post job openings and opportunities on our Services. If you respond to one of these postings, we may collect your personal information, such as your application, CV, cover letter, and/or any other information you provide to us.
2.2 Personal Information Collected Automatically
We may collect personal information automatically when you use our Services.
- Automatic Collection of Personal Information. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services.
2.3 Personal Information Collected from Other Sources
- Third-Party Services and Sources. We may obtain personal information about you from other sources, including through third-party services and organizations. For example, if you access our Services through a third-party application, such as a third-party login service or a social networking site, we may collect personal information about you from that third-party application that you have made available via your privacy settings.
- Credit Bureaus and ID Verification Partners. We may obtain personal information about you from credit bureaus and identity verification partners.
- Blockchain Information. We may obtain personal information about you, such as your digital wallet address, through our analysis of blockchain information.
3.0 How We Use Your Personal Information
We use your personal information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.
3.1 Provide Our Services
We use your information to fulfill our contract with you and provide you with our Services, such as:
- Managing your information and accounts;
- Verifying your identity in accordance with applicable know-your-customer, anti-money laundering and other financial sector legislation or regulations;
- Facilitating transactions you enter into;
- Providing access to certain areas, functionalities, and features of our Services;
- Answering requests for customer or technical support;
- Communicating with you about your account, activities on our Services, and policy changes;
- Processing your financial information and other payment methods for products or Services purchased;
- Processing applications if you apply for a job we post on our Services; and
- Allowing you to register for events.
3.2 Administrative Purposes
We use your information for various administrative purposes, such as:
- Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Measuring interest and engagement in our Services;
- Short-term, transient use, such as contextual customization of ads;
- Improving, upgrading, or enhancing our Services;
- Developing new products and services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities, including requests to exercise your rights under this Privacy Policy;
- Debugging to identify and repair errors with our Services;
- Auditing relating to interactions, transactions, and other compliance activities;
- Sharing personal information with third parties as needed to provide the Services;
- Enforcing our agreements and policies; and
- Carrying out activities that are required to comply with our legal obligations.
3.3 Marketing and Advertising our Products and Services
We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law.
Some of the ways we market to you include email campaigns and custom audiences advertising.
If you have any questions about our marketing practices, you may contact us at any time as set forth in “Contact Us” below.
3.4 Other Purposes
We also use your personal information for other purposes as requested by you or as permitted by applicable law.
- With Your Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.
- De-identified and Aggregated Information. We may use personal information to create de-identified and/or aggregated information, such as demographic information, information about the device from which you access our Services, or other analyses we create.
Notice Regarding Use of the Blockchain. Aspects of our Services may be hosted on or interact with the blockchain. Where you use aspects of our Services that are hosted on or interact with the blockchain, information about your interactions and/or transactions will be provided to the applicable blockchain network and may be accessible to third parties due to the nature of the blockchain protocol.
5.0 Your Privacy Rights and Choices
Your Privacy Choices. The privacy choices you may have about your personal information are determined by applicable law and are described below.
- Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (for example, communications regarding our Services or updates to our Terms or this Privacy Policy).
- Text Messages. If you receive an unwanted text message from us, you may opt out of receiving future text messages from us by following the instructions in the text message you have received from us or by otherwise contacting us as set forth in “Contact Us” below.
Your Privacy Rights. In accordance with applicable law, you may have the right to:
- Confirm Whether We Are Processing Your Personal Information (the right to know);
- Access to and Portability of Your Personal Information, including: (i) obtaining access to or a copy of your personal information; and (ii) receiving an electronic copy of personal information that you have provided to us, or asking us to send that information to another company in a structured, commonly used, and machine readable format (also known as the “right of data portability”);
- Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information;
- Request Deletion of your personal information;
- Request to Opt-Out of Certain Processing Activities including, as applicable, if we process your personal information for “targeted advertising” (as “targeted advertising” is defined by applicable privacy laws), if we “sell” your personal information (as “sell” is defined by applicable privacy laws), or if we engage in “profiling” in furtherance of certain “decisions that produce legal or similarly significant effects” concerning you (as such terms are defined by applicable privacy laws);
- Request Restriction of or Object to our processing of your personal information;
- Withdraw your Consent to our processing of your personal information. Please note that your withdrawal will only take effect for future processing, and will not affect the lawfulness of processing before the withdrawal; and
- Appeal our Decision to decline to process your request.
If you would like to exercise any of these rights, please contact us as set forth in “Contact Us” below. We will process such requests in accordance with applicable laws.
If applicable laws grant you an appeal right and you would like to appeal our decision with respect to your request, you may do so by informing us of this and providing us with information supporting your appeal.
6.0 Children’s Online Privacy Protection Act Policy
The Services are not directed to children under 13 (or other age as required by local law), and we do not knowingly collect personal information from children.
You may contact us as described in “Contact Us” below if you are a parent or guardian and believe that your child has uploaded personal information to our site without your consent.
If M-Cubed Labs becomes aware it has obtained the personal information of a child under the age of 13, M-Cubed Labs will promptly destroy that information as soon as commercially reasonable unless there is a legal obligation to keep the information.
7.0 Cookies and Other similar Technologies
We, as well as third parties that provide content, advertising, or other functionality on our Services, may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect information through your use of our Services.
- Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience.
- Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in our Services that collects information about engagement on our Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.
The Site may use third party code and libraries that use Technologies to collect information and improve their services.
Note we use session replay analytics services, such as Full Story. This allows us to record and replay an individual’s interaction with the Services. For more information about how FullStory uses your personal information, please visit FullStory’s Privacy Policy. To learn more about how to opt out of FullStory’s use of your information, please click here.
Note that we do not currently respond to “Do Not Track” or DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
M-Cubed Labs also uses Google Analytics. The following link explains how Google uses data when you use its partners’ websites and applications: www.google.com/policies/privacy/partners/. By using our services, you are providing M-Cubed Labs your express permission to store and access cookies and other information on your computer and to use Google Analytics in connection with such activities. To learn more about how to opt-out of Google Analytics’ use of your information, please click here.
You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS, and others.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada.
Please note you must separately opt out in each browser and on each device.
8.0 Retention of Personal Information
M-Cubed Labs will store your personal information we collect as described in this Privacy Policy for a period of up to five (5) years from the last interaction you have had with us unless we have a legal or necessary business purposes (for example, fraud detection) that requires a longer retention period. A “last interaction” means either the date which you last communicated with us (either through phone or email/online support) or the date of your last transaction with us.
Use of, and access to, your personal information is restricted to qualified staff members who have a business reason to access it.
9.0 Third-Party Links
Our Site may contain links to other websites or apps and may allow you to interact with third-party services, such as financial institutions and cryptocurrency exchanges, that are not controlled by us. This Privacy Policy does not apply to your access to and use of those third-party linked websites. Your access and use of the linked websites is governed by the privacy policies of those third-party websites and providing personal information to third-party websites or applications is at your own risk. We are not responsible for the privacy and data protection practices of such third-party websites or the acts or omissions of such third parties. Please review the privacy policies of the third-party websites before you visit them or disclose your personal information to them.
10.0 Supplemental Notice for California Residents
The California Consumer Privacy Act of 2018 (“CCPA”) grants unique rights to California consumers regarding how businesses treat their personal information. It is the policy of M-Cubed Labs to fully comply with the requirements of the CCPA as they apply to our California consumers.
The CCPA provides California residents with the right to know what categories of personal information M-Cubed Labs has collected about them, whether M-Cubed Labs disclosed that personal information for a business purpose (e.g., to a service provider), whether M-Cubed Labs “sold” that personal information, and whether M-Cubed Labs “shared” that personal information for “cross
context behavioral advertising” in the preceding twelve months. California residents can find this information below
The categories of sources from which we collect personal information and our business and commercial purposes for using and disclosing personal information are set forth in “Personal Information Collected”, “How We Use Your Personal Information”, and “Personal Information We Share with Third Parties” above, respectively. We will retain personal information in accordance with the time periods set forth in “Retention of Personal Information.”
10.1 Additional Privacy Rights for California Residents
- Opting Out of “Sales” of Personal Information and/or “Sharing” for Cross Context Behavioral Advertising under the CCPA. California residents have the right to opt out of the “sale” of personal information and the “sharing” of personal information for “cross-context behavioral advertising.” We currently do not use cross-context behavior advertising.
- Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
- Verification. To protect your privacy, we will take steps to reasonably verify your identity before fulfilling requests submitted under the CCPA. These steps may involve asking you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Examples of our verification process may include asking you to provide the email address or phone number we have associated with you, instructions on the website you are taken to.
- Disclosure Regarding Individuals Under the Age of 16. M-Cubed Labs does not have actual knowledge of any “sale” of personal information of minors under 16 years of age. M-Cubed Labs does not have actual knowledge of any “sharing” of personal information of minors under 16 years of age for “cross-context behavioral advertising.”
- Disclosure Regarding Opt-Out Preference Signals. Applicable law may provide for an opt out by broadcasting an Opt-Out Preference Signal, such as the Global Privacy Control (GPC) (on the browsers and/or browser extensions that support such a signal). To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
- Disclosure Regarding Sensitive Personal Information. M-Cubed Labs only uses and discloses sensitive personal information for the following purposes:
- To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services
- To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, and or confidentiality of stored or transmitted personal information.
- To resist malicious, deceptive, fraudulent, or illegal actions directed at M-Cubed and to prosecute those responsible for those actions.
- To ensure the physical safety of natural persons.
- To verify or maintain the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by M-Cubed Labs, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by M-Cubed Labs.
- For purposes that do not infer characteristics about individuals.
- Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To authorize an agent, provide written authorization signed by you and your designated agent and contact us as set forth in “Contact Us” below for additional instructions.
- California Shine the Light. The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties.
If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth in “Contact Us” below. We will process such requests in accordance with applicable laws.
11.0 Supplemental Notice for Nevada Residents
If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal information to third parties who intend to license or sell that personal information. Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A. If you have any questions, please contact us as set forth in Contact Us below.
12.0 Other provisions, including for International/EU/UK Citizens
12.1 International Data Transfers.
All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.
If we transfer personal information which originates in the European Economic Area, Switzerland, and/or the United Kingdom to a country that has not been found to provide an adequate level of protection under applicable data protection laws, one of the safeguards we may use to support such transfer is the EU Standard Contractual Clauses.
For more information about the safeguards we use for international transfers of your personal information, please contact us as set forth below.
12.2 Sensitive Personal Information.
We do not generally require you to disclose any sensitive personal information (for example, details of race, religious belief, sexual orientation, or membership of a trade union) to us. If you do provide us with sensitive personal information for any reason, you consent to us collecting that information and then using and disclosing that information for the purpose for which you disclosed it to us.
12.3 Our Lawful Basis for Processing Personal Information.
If your personal information is subject to the EU General Data Protection Regulation or other related legislation, our processing of your personal information is supported by the following lawful bases:
Supervisory Authority. If your personal information is subject to the applicable data protection laws of the European Economic Area, Switzerland, or the United Kingdom, you have the right to lodge a complaint with the competent supervisory authority or attorney general if you believe our processing of your personal information violates applicable law.
- EEA Data Protection Authorities (DPAs)
- Swiss Federal Data Protection and Information Commissioner (FDPIC)
- UK Information Commissioner’s Office (ICO)
13.0 Bug Bounty
We're committed to protecting your privacy, keeping your data safe, and ensuring our services remain uninterrupted. If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at [email protected]. We respectfully request a fair chance to address the problem before it's made public or shared with a third party. Please also make a good faith effort to avoid violating privacy, destroying data, or interrupting our services while discovering potential vulnerabilities.
14.0 Policy Changes
We may change this Privacy Policy from time to time at our sole discretion to reflect changes about how we collect, use, and share your personal information. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use our Services after the new Privacy Policy takes effect.
15.0 Contact Us
If you have questions regarding our privacy policy or how we handle your personal information, need to access this Privacy Policy in an alternative format due to having a disability, or to exercise your rights, you can contact us at [email protected]