This is a web site, and it's going to do web site things. We'll treat any of your data you choose to share with us according to the Golden Rule. It won't be sold. We'll make best effort to keep it confidential. Tell us to forget you and we will (though we'll be sorry to see you go). Beyond anonymous/automatic data (web server access log data, etc.), we'll ask for consent to collect and store, and we'll indicate why we need it (as far as possible, if you use a Google auth plugin, say, it's not going to tell you why we're requesting the attributes we are). The site is currently hosted through gandi.net and lives in a cloud environment in France. Most users of the site are envisioned to be visitors from the USA, but data will live in the EU. Regulatory stuff is confusing. We're trying the best we can, and the policy below is meant to be clear about compliance to GPDR and CCPA. If you'd care to comment, please contact us at: privacy@newarsenalofdemocracy.org
(the “Policy”)
The New Arsenal of Democracy (the “Organization”, “we”, “our” or “us”) respects your legal rights to personal data protection when we collect, transfer, store, or access your personal data.
This Policy outlines the Organization’s practices in relation to the collection, storage, use, processing and disclosure of personal data (as defined under the Personal Data Protection Act 2012 (“CCPA”) through our website located at https://newarsenalofdemocracy.org (the “Website”).
By visiting, accessing, or using the Website, you (“User”, “you”, or “your”) have indicated that you are at least eighteen (18) years old, have the legal capacity to consent to this Policy, and to agree to be bound by the policies and practices of this Policy in their entirety. This Policy sets out the following:
The types of personal data being collected and the sources from which we collect such personal data;
The purposes for collection, use and disclosure of personal data;
Disclosure of personal data;
Care of personal data (accuracy, protection, retention and transfer); and
The process by which we receive and respond to any feedback that may arise with respect to the collection, storage, use, processing and disclosure of personal data.
This Policy may be amended from time to time and we will provide notice of such amendments by posting the revised Terms on the Website (and changing the “Updated on” date reflected in the top left-hand corner of this page).
We will comply with the CCPA and other applicable data protection and privacy laws, such as the European Union General Data Protection Regulation (“GDPR”).
Non-Personal Data: If the User chooses to use the Website, the User consents to allowing the Organization to collect information about the User’s activities and trends through the Website. Such information may include (a) Device Information: Information that is automatically collected about your device, such as, but not limited to, your browser’s name and technical information about your means of connection to the Website, in particular hardware, operating system, browser, among other similar information; (b) Location Information: Information that is automatically collected via analytics systems providers to determine your location, including your IP address or domain name or both and any external page that referred you to us; (c) Log Information: Information that is generated by your use of the Website that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to the Website that you visit; and (d) Account Information: Information that is generated by your account activity on the Website including, but not limited to, purchase activity, trading activity, deposits, withdrawals, and account balances. This information is aggregated to provide statistical data about our users' browsing actions and patterns, and does not personally identify individuals.
The User expressly agrees and acknowledges that the Organization may collect and store, with consent, the User’s personal information (whether you are a EU resident or not) from which that User can be identified (“User Information”). Such User Information does not include data where the identity of the Users has been removed (anonymous data). Statistical or demographic data, such as to provide better content and services, may be derived from your personal information but if anonymized, is not considered personal data for the purposes of the CCPA or under any applicable law because this data does not directly or indirectly reveal your identity. User Information may include but not limited to the following:
User’s name, email address, residential address, birth date, username or similar identifier and an encrypted version of your login/password;
Data necessary to complete any transactions you initiate through the Website;
Data in relation to your preferences in receiving marketing and communication from us and our third parties.
Such User Information may come within the meaning of “personal data” as defined in the CCPA and as used in this Policy. The User acknowledges that your User Information may be used by the Organization to provide services and features targeted at the User, that are most likely to meet the User’s needs, and to customise and improve the Website and the experiences of you and other users of the Website (but these other users will not see or have access to your User Information).
In addition, the definition of personal data under the GDPR may be wider than that under the CCPA or other privacy laws, and includes sensitive personal information, such as your race, ethnicity, religion and any medical condition you may have.
The User is aware that any and all information pertaining to the User collected by the Organization, whether or not directly provided by the User to the Organization (via the Website or otherwise), including but not limited to personal correspondence such as emails or letters, instructions from the User relating to the services offered on the Website, or communications between the User and other users, as well as information that you provide to us in correspondence with respect to ongoing customer support may be collected and compiled by the Organization and you hereby expressly consent to the same.
Cookies: The Organization collects data by way of ‘cookies’. Cookies are small data files which are sent to the User’s browser from the Website and are stored on the User’s computer or device (hard drive). The cookies shall not provide access to data in the User’s computer or device (hard drive), such as email address or any other data that can be traced to the User personally. The data collected by way of cookies will allow us to administer the Website and provide a tailored and user-friendly service to the Users. Information collected from cookies is used by us to evaluate the effectiveness of the Website, analyse trends, and administer the Website. The information collected from cookies allows the Organization to determine such things as which parts of the Website are most visited and difficulties our visitors may experience in accessing the Website. With this knowledge, the Organization aims to improve the quality of the User’s experience on the Website by recognising and delivering the most desired features and information. In addition to cookies, the Organization may also use a technology known as web bugs or clear gifs, which are typically stored in emails to help confirm receipt of, and response to, the emails sent by the Organization and to provide the User with a personalised experience while accessing the Website. You agree to the use of cookies by continuing to use the Website and any platform operated by the Organization.
The cookies shall enable the Users to access certain features or services of the Website. Most web browsers and devices can be set to notify when a User receives a cookie or to prevent cookies from being sent; if the User accepts such features, it may limit the functionality that the Organization can provide when a User visits the Website.
We may also collect or otherwise be provided with User Information about you from third parties whose websites you visit or whose services you use, including as social media platforms, where You may have authorized such websites and platforms to collect and share your User Information.
We may use the User Information to:
Provide the User with the use of the Website and the services offered on the Website, including customer support
Optimize and enhance the Website or any websites or platform operated by the Organization or its affiliates, for all users, or for you specifically;
Monitor the usage of the Website, and conduct automated and manual security checks of our service; and
Create aggregated and anonymized reporting data about the Organization.
The Organization will handle personal data appropriately, in line with the circumstances and in accordance with applicable law in the USA, and also including GDPR. If any intended use of personal data will go beyond the purposes envisioned during collection, the Organization will notify Users of the new purpose(s) and seek consent to use their personal data for such purpose(s).
If you are an EU resident, we are required to disclose the legal basis for processing your data under the GDPR. We will use data as described in the following paragraphs.
As it is in our interests to be responsive to you, to provide customized services and marketing and to ensure the proper functioning of our services and organization, we will use your data to:
improve the Website and to ensure content from the Website is presented in the most effective manner for you and your device;
administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
monitor and record calls for quality, training, legal compliance, analysis and other related purposes in order to pursue our legitimate interests and to improve service delivery;
send you surveys by email or other forms of communication, including notifications on your social media platforms. You can opt-out of receiving these surveys at any time by contacting us;
respond to your enquiries, requests or feedback;
enforce our terms, conditions and policies;
allow you to participate in interactive features of the Website, when you choose to do so;
customize our products and services to you, including by responding to and catering for your customer preferences;
personalize the content you see on our Website;
keep the Website safe and secure;
aggregate your and other customer’s User Information into anonymized statistical data (such as number of players in a game), which we will use for statistical analysis so that we can better understand Users’ profile and improve service offering;
to customize our marketing. You may choose to notify the Organization to stop sending you targeted or customized marketing materials.
We cannot agree to obligations of confidentiality or nondisclosure with regard to any unsolicited information the User submits to us, regardless of the method or medium chosen. By submitting unsolicited information or materials to us or the Organization’s service providers, you or anyone acting on your behalf, agree that any such information or materials will not be considered confidential or proprietary.
We do not provide any facility for sending or receiving private or confidential electronic communications. You should not use the Website to transmit any communication for which you intend only for you and the intended recipient(s) to read. Notice is hereby given that all messages and other content entered using the Website can and may be read by us, regardless of whether we are the intended recipients of such messages. Nevertheless, access to messages and other content will be accessible only by the authorized personnel of the Organization and its service providers that reasonably need such access.
We protect the personal data in our possession or under our control by making reasonable and practical security arrangements to protect the User’s personal information from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar. Unfortunately, however, no data transmission over the internet or data storage system can be guaranteed to be completely secure.
The User agrees and acknowledges that the above-mentioned measures do not guarantee absolute protection and by accessing the Website, the User agrees to assume all risks associated with disclosure of personal information arising due to breach of firewalls and secure server software.
The Organization undertakes to review the security measures from time to time in light of new and relevant legal and technical developments.
The User is aware that personal data may continue to be stored and retained by the Organization for the period necessary to carry out the purposes outlined in this Policy unless a longer retention is required under applicable law or until it is no longer necessary for any other legal or Organization purposes (whichever is later).
In general, the Organization will not disclose personal data except in accordance with the following:
in order to carry out the purposes for which such personal data was collected; or
where the User has consented; or
where permitted under the CCPA or other applicable law or;
if required by applicable law, including the reporting of suspicious transactions to the authorities in any jurisdiction.
The Organization may use third party services and applications to better understand the behavior of the Users of the Website. Where your consent has been provided, the personal data you provide to us may be transferred to third parties as may be advised to you, either within or outside France, as may be necessary for any of the purposes stated above. Our contracts with these third parties will include the necessary provisions to safeguard the personal data that is being transferred to them.
CC User’s relationship with these third parties and their services and tools is independent of the User’s relationship with the Organization. These third parties may allow the User to permit or restrict the information that is collected and it may be in the User’s interest to individually restrict or enable such data collections. The place of processing depends on each third party service provider and the User may wish to check the privacy policy of each of these service providers to identify how much data is shared and why.
If you are an EU resident, and if we do store any of your data in the European Economic Area (“EEA”), when we transfer the data outside the EEA under this paragraph 7, this is done either on the basis that it is necessary for the performance of the services provided to you by the Organization, or that the transfer is subject to the applicable laws in the EU or under the GDPR.
The Organization may use third party authentication services. In such cases, we may be privy to, granted access to, , or store, certain data available with these third parties for registration and identification purposes.
The place of processing depends on each third party service provider and you may wish to check the privacy policy of each of these service providers to identify how much data is shared and why.
If you are an EU resident, and if we do store any of your data in the EEA, when we transfer the data outside the EEA under this paragraph 8, this is done either on the basis that it is necessary for the performance of the services provided to you by the Organization, or that the transfer is subject to the applicable laws in the EU or under the GDPR.
We may, at our discretion, include third party products or services on the Website that are not operated by Us. These third party sites have separate and independent privacy policies. We have no control over, and therefore assume no responsibility or liability for the content and activities of these linked websites. We strongly advise You to review the privacy policy of every site you visit.
The Organization and the Website may use international web hosting facilities and cloud server services which are maintained in accordance with tight security standards (US NIST CSF 2.0 and US NIST 800-53b medium base line targeted compliance).
We may store and process Your personal information in data centers around the world, wherever the service providers are located. As such, We may transfer your personal data outside France. Such transfers are undertaken in accordance with applicable laws and regulatory obligations. Please refer to paragraphs 7.3 and 8.3 if you are an EU resident. Website is currently hosted on servers in France and/or Luxembourg.
The User is aware that in the event the Organization goes through a transition, such as a merger, acquisition by another organization, or sale of all or a portion of its assets, the Users’ personal data might be among the assets transferred as a result of the Organization transition. If this occurs, Users will be notified of the data to be transferred and given the ability to opt out. Additionally, Users will be reminded (via a link to this policy) of their rights to have personal data removed.
Under the CCPA, you may, by a written request to us, ascertain whether the information we hold about you is accurate and current, and you may also access and correct your personal data . Details of such rights are set out as follows.
The right to access: You have the right to know whether we process data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
When handling a data access or correction request, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. We may charge you a reasonable fee for our administrative costs incurred for complying with your request.
We may not provide you with certain data if another law that prevails over the CCPA or the data privacy laws allows us not to provide you with such data, or if providing the data would reveal information about another person, or otherwise infringe on his or her right to privacy.
There are certain circumstances in which we will decline to comply with your request under paragraph 13.2. These include (to the extent allowable under applicable law) situations where:
a government agency in France or regulator with jurisdiction over us direct us not to comply with a customer’s request;
the information may, in our discretion, affect the safety of any person or persons; and
the data may be relevant to a regulator or official investigators as part of an investigation into criminal conduct or breach of applicable laws.
The right to correction or rectification: You may request us to correct any data held about you that is inaccurate.
Withdrawal of Consent To Use Your Personal Data: You may withdraw your consent for us to use your personal data at any time by contacting us as directed below. We shall stop using your personal data and ensure that the parties to whom we transferred your personal data in accordance with paragraphs 6, 7, 8, 10, 11 and 12, will comply with your request. If you only wish to stop receiving marketing or promotional materials and information from us, please contact us as indicated below.
Additional Rights for residents of the European Union (EU)
If you are a resident in the EU, you may have the following rights under the GDPR in relation to your personal data, that is, (i) the right to be informed about how we use the Users’ Information what is what we are doing in this Policy; (ii) the right of data portability, (iii) the right of erasure (or deletion, which term we are using in this Policy), (iv) the right to restrict processing, (v) the right to object, and (vi) the rights in relation to automated decision making and profiling. These rights will be subject to ongoing obligations imposed on the Organization under any applicable laws or regulation and the Organization’s legitimate and legal rights to continue processing your information or to refuse that request. More details on these rights are set out below.
The right of data portability: You may request to receive the data we collect from you in a structured, commonly used and machine-readable format if processing of the data had been carried out by automatic means, and a right to request that we transfer such data to another party. The relevant subset of your data is data you provide us with your consent and will not include any data of any other person.
If you wish for us to transfer your personal data to another party, you must give us the details we need about that party. You acknowledge that the exercise of your rights is subject to such transfer being technically feasible. We are not responsible for the security of the data or its processing once received by the third party. We also may not provide you with certain data if providing the data would reveal information about another person, or otherwise infringe on his or her right to privacy
The right of erasure or deletion: You may request that we delete the data we hold about you in the following circumstances:
our continued holding of your personal data is no longer necessary for the purposes for which such data had been collected;
having provided your consent earlier, you now wish to withdraw your consent to our processing your data, and there is no other legal ground under which we can process the data;
you do not wish to receive updates, news about promotions or marketing materials from us that have been customized using data we have about you; or
the data we hold about you have been unlawfully processed in a manner not in accordance with applicable laws.
You may exercise your right to restrict our processing of the data while we consider your request.
Notwithstanding your requests, we may retain the data if there is a legal basis under applicable laws for us to do so although we will notify you of such a legal basis. You agree and acknowledge that if we do delete your data, you will be forgotten and we will not be able to provide you services that are customised to your preferences.
If we have made your personal data public, and there are grounds for deletion, we will take reasonable steps to tell others to whom we had earlier transferred your data to also delete the data.
The right to restrict processing to storage: You have a right to require us to stop processing the data we hold about you other than for storage purposes in certain circumstances. However, if we stop processing the data, we may use it again if there are valid grounds under applicable laws for us to do so, including laws relating to AML/CFT.
You may request we stop processing and only store the data we hold about you if:
You contest the accuracy of the data, for the period it takes for us to verify whether the data is accurate;
You are of the view that the processing of your data is unlawful and you only want us to restrict its use;
We wish to erase the data as it is no longer necessary for our purposes but you require it to be stored for the establishment, exercise or defense of legal claims; or
You have objected to us processing the data we hold about you, pending verification whether our legitimate grounds override yours.
The right to object: You may, at any time, object to us processing the data we hold about you for direct marketing purposes, including where we build profiles for such purposes and we will stop processing the data for that purpose.
The right in relation to automated decision making and profiling: You have the right not to be subject to a decision by us based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you unless you have given your explicit consent or unless otherwise permitted under the GDPR.
To exercise any of your rights set out in this paragraph 13 or under the GDPR, please write to us at the email address set out in paragraph 15 below. We will need to know the specific rights that you want to exercise, or the reasons for your objections, so that we can assess whether there are compelling legitimate grounds which override your interests, rights and freedoms, or so that we can determine if you have a valid basis to restrict our processing of your data. You must also provide us with proof of identity before we will respond to any requests to exercise your rights. We will respond to a request by you to exercise those rights without undue delay and at least within one (1) month (although this may be extended by a further two (2) months in certain circumstances).
The Organization reserves its right to revise, modify and update this Policy at any time, without prior notice, at the sole discretion of the Organization.
Users may check the date of the most updated version of this Policy by referring to the upper left-hand corner of this page.
Please send any questions or requests in relation to the Policy to: Email: pprivacy@newarsenalofdemocracy.org
To facilitate any request in respect of your personal data, You should indicate “CCPA Request” in your email or other communication to us.