Privacy Policy

November 2024

1) Introduction

Welcome to Buildables ("we," "us," or "our"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website buildables.xyz ("Website") and use our services (collectively, the "Services"). It also informs you about your privacy rights under the General Data Protection Regulation (GDPR) and Italian data protection laws.

Data Controller: Buildables
Contact Information: hello@buildables.xyz

2) Scope of this Privacy Policy

This Privacy Policy applies to all personal data processed by Buildables in the course of our business, including data collected through our Website, applications, and any other online or offline offerings.

3) Data We Collect

3.1) Personal Data You Provide to Us

Account Information

Registration Data: When you create an account via our authentication provider, Clerk.com, we collect your name, email address, username, and password.

Dapp Submission Data

When you submit a decentralized application ("Dapp") for listing or advertising on our Website, we collect:

Dapp Details: Name, description, and category of the Dapp.
Dapp Link: The URL to the Dapp's website or web page.
Social Links: Links to social media profiles or communities associated with the Dapp.
GitHub Repository Link: URL of the Dapp's source code repository.
Images: Icon image and up to three screenshots of the Dapp.
Smart Contract Addresses: Blockchain addresses associated with the Dapp.
Video URL: Link to videos (e.g., YouTube) showcasing the Dapp.
Additional Content: Any user-uploaded or written content related to the Dapp.

Communication Data

Contact Information: When you contact us via email or other channels, we collect your name, email address, and the content of your communication.

Consent Preferences

Cookie Consent: When you interact with our cookie consent banner, we collect and store your consent preferences regarding the use of cookies and similar technologies. This may include data on whether you have accepted or rejected certain categories of cookies.
IP Address and User ID: We may record your IP address and, if applicable, your user ID to associate consent preferences with your account and for security purposes.

3.2) Data Collected Automatically

Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect data automatically when you use our Services. This may include:

Technical Data: IP address, browser type, operating system, device information.
Usage Data: Pages visited, links clicked, time spent on pages, and other usage statistics.

Visit Tracking Data

IP Address and Visit Timestamp: When you interact with Dapp links on our Website, we collect your IP address and record the time of your visit to track visits to each Dapp.

Embedded Content

YouTube Videos: When you interact with embedded YouTube videos on our Website, YouTube may collect data as per their privacy policies.

3.3) Data from Third Parties

Authentication Provider: We receive certain data from Clerk.com necessary for user authentication.
Social Media Platforms: If you link your social media accounts or interact with our social media pages, we may receive data from those platforms in accordance with their privacy policies.

4) Purpose and Legal Basis for Processing

We process your personal data for the following purposes and under the following legal bases:

4.1) To Provide and Maintain Our Services

Purpose: To create and manage your account, authenticate your identity, and provide the functionalities of our Services. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

4.2) To Facilitate Dapp Submission and Listing

Purpose: To receive, review, and publish your submitted Dapps, including the Dapp link, on our Website, allowing other users to access the Dapp's website. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR); Legitimate interests (Article 6(1)(f) GDPR) in promoting and managing our platform.

4.3) To Enable User Interaction with Dapp Links

Purpose: To allow users to click on Dapp links provided in submissions to visit the Dapp's web page. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR); Consent (Article 6(1)(a) GDPR) where applicable.

4.4) To Communicate with You

Purpose: To respond to your inquiries, provide customer support, and send administrative information. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR); Legitimate interests (Article 6(1)(f) GDPR).

4.5) To Improve Our Services

Purpose: To analyze usage patterns, perform data analytics, and improve the user experience. Legal Basis: Legitimate interests (Article 6(1)(f) GDPR) in enhancing our Services.

4.6) For Marketing and Promotional Activities

Purpose: To send you newsletters, marketing communications, and promotional offers. Legal Basis: Consent (Article 6(1)(a) GDPR). You can withdraw your consent at any time.

4.7) To Comply with Legal Obligations

Purpose: To comply with legal and regulatory requirements, respond to legal processes, and prevent fraud. Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).

4.8) To Manage and Store Consent Preferences

Purpose: To record and manage your consent preferences regarding the use of cookies and similar technologies, and to comply with our legal obligations under GDPR. Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR); Legitimate interests (Article 6(1)(f) GDPR) in managing user preferences and ensuring compliance.

5) How We Share Your Data

5.1) Service Providers

We engage third-party service providers to perform functions on our behalf:

Clerk.com: For user authentication and account management. Clerk.com Privacy Policy
DigitalOcean: For hosting, database, and data storage services within the European Union. DigitalOcean Privacy Policy
YouTube/Google: When you interact with embedded videos. Google Privacy Policy
CookieYes: For cookie consent management to comply with GDPR and other applicable laws regarding user consent for cookies and similar technologies. CookieYes Privacy Policy

5.2) Other Users

Publicly Available Information: When you submit a Dapp, certain information (e.g., Dapp details, images, social links, and the Dapp link) will be publicly displayed on our Website, allowing other users to click on the Dapp link and visit the Dapp's web page.

5.3) Legal and Regulatory Authorities

Compliance and Protection: We may disclose your data to law enforcement, government authorities, or other third parties if required by law or if we believe such action is necessary to:

Comply with legal obligations.
Protect our rights, property, or safety.
Investigate fraud or security issues.

5.4) Business Transfers

Mergers and Acquisitions: In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred as part of the transaction.

6) International Data Transfers

While we primarily store and process your data within the European Economic Area (EEA), some of our service providers may process data outside the EEA, including in the United States.

Adequacy Decisions: Where applicable, we rely on adequacy decisions by the European Commission.
Standard Contractual Clauses: We implement Standard Contractual Clauses approved by the European Commission to ensure adequate protection of your data.
Additional Safeguards: We take additional measures where necessary to protect your data.

7) Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements.

Account Information: Retained until you delete your account or request deletion.
Dapp Submission Data: Retained as long as your Dapp is listed on our Website or until you request its removal.
Communication Data: Retained as long as necessary to address your inquiries and maintain records.
Consent Preferences: Stored for as long as necessary to comply with legal obligations and demonstrate valid consent under GDPR.
Cookies and Usage Data: Retention periods vary; see our Cookie Policy for details.

8) Your Rights Under GDPR

You have the following rights concerning your personal data:

8.1) Right of Access (Article 15 GDPR)

You have the right to obtain confirmation whether we process your personal data and access to that data.

8.2) Right to Rectification (Article 16 GDPR)

You have the right to request the correction of inaccurate or incomplete personal data.

8.3) Right to Erasure (Article 17 GDPR)

You have the right to request the deletion of your personal data under certain conditions.

8.4) Right to Restriction of Processing (Article 18 GDPR)

You have the right to request the restriction of processing your personal data under specific circumstances.

8.5) Right to Data Portability (Article 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.

8.6) Right to Object (Article 21 GDPR)

You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

8.7) Right to Withdraw Consent (Article 7(3) GDPR)

If we process your data based on consent, you have the right to withdraw your consent at any time.

8.8) Right to Lodge a Complaint (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or place of the alleged infringement.

Please contact us at hello@buildables.xyz with your specific request.

9) Cookies and Similar Technologies

We use cookies and similar technologies to collect data about your browsing activities.

9.1) Types of Cookies We Use

Essential Cookies: Necessary for the functioning of our Website.
Functional Cookies: Enhance performance and personalization.
Analytics Cookies: Help us understand how users interact with our Website.
Marketing Cookies: Used by third parties like YouTube for advertising purposes.

9.2) Managing Cookies

You can manage your cookie preferences through our Cookie Consent Banner or adjust your browser settings. For more information, please read our Cookie Policy.

10) Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Encryption: We use SSL/TLS encryption to protect data transmitted to and from our Website.
Access Controls: Restricted access to personal data to authorized personnel only.
Data Minimization: We collect only the data necessary for the purposes outlined.
Regular Assessments: We regularly review and update our security practices.

11) Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If you believe we have collected such data, please contact us to request deletion.

12) Third-Party Links and Services

Our Website may contain links to third-party websites or services, such as Dapp websites, GitHub repositories, social media platforms, and YouTube videos.

12.1) Dapp Links

User Responsibility: When you click on a Dapp link submitted by another user, you will be redirected to a third-party website. We do not control or endorse these external sites. No Control Over Third Parties: We are not responsible for the content, security, or privacy practices of third-party websites. Recommendation: We encourage you to review the privacy policies and terms of use of any third-party websites you visit.

12.2) No Liability

Assumption of Risk: You access third-party websites at your own risk. We are not liable for any loss or damage arising from your use of third-party sites.

13) Disclaimers and Limitation of Liability

13.1) No Warranty

"AS IS" Basis: Our Services are provided on an "AS IS" and "AS AVAILABLE" basis without warranties of any kind. No Guarantee: We do not guarantee the accuracy, completeness, or usefulness of any information on our Website.

13.2) Limitation of Liability

Exclusion of Damages: To the fullest extent permitted by law, we shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of our Services or third-party websites.

14) Security Recommendations for Users

Caution with Links: Be cautious when clicking on links provided by other users. Verify the legitimacy of Dapp websites before interacting with them. Protect Your Data: Do not share sensitive personal data unless you trust the recipient and understand the potential risks. Stay Informed: Regularly update your software and devices to protect against security vulnerabilities.

15) Consent Management and Storage

We store your consent preferences regarding the use of cookies and similar technologies to manage your choices and comply with our legal obligations under GDPR.

15.1) Storing Your Consent

Consent Cookie: We use a consent cookie to remember your preferences on subsequent visits. Server-Side Storage: We also securely store your consent preferences in our database to maintain records as required by law.

15.2) Purpose and Legal Basis

Purpose: To record and manage your consent preferences, ensuring we respect your choices and comply with legal obligations. Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR); Legitimate interests (Article 6(1)(f) GDPR) in managing user preferences and ensuring compliance.

15.3) Data Retention

Retention Period: We retain your consent records for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with legal obligations.

15.4) Your Rights

Access and Control: You can modify or withdraw your consent at any time through the "Cookie Settings" link on our Website.

16) Visit Tracking and Ip Address Collection

16.1) Data Collection

IP Addresses and Visit Timestamps: When you interact with Dapp links on our Website, we collect your IP address and record the time of your visit. We use this information to track visits to each Dapp, ensuring that each IP address is counted only once per day.

16.2) Purpose of Data Processing

Visit Tracking: To count unique visits to Dapps, helping us provide accurate visit counts and improve our Services.
Service Improvement: Understanding visit patterns helps us enhance user experience and platform performance.
Fraud Prevention: Tracking visits by IP address assists in detecting and preventing fraudulent activities.

16.3) Legal Basis for Processing

We process your IP address and visit data based on our legitimate interests (Article 6(1)(f) GDPR) in maintaining and improving our Services, as well as preventing fraud and abuse.

16.4) Data Retention

Retention Period: We retain your consent records for as long as necessary to fulfill the purposes outlined in this Privacy Policy.

16.5) Data Sharing and Disclosure

No Third-Party Sharing: We do not share your ip address or visit data with third parties, except as required by law or to protect our rights. Service Providers: Our hosting provider, may process this data solely for the purpose of providing hosting services.

17) Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

Notification: We will notify you of significant changes by updating the "Effective Date" and posting a notice on our Website. Continued Use: Your continued use of our Services after changes have been made constitutes your acceptance of the updated Privacy Policy.

18) Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at hello@buildables.xyz

19) Complaints and Dispute Resolution

If you have any complaints regarding our compliance with this Privacy Policy, please contact us first. We will investigate and attempt to resolve complaints and disputes regarding the use and disclosure of personal data.