NewTendermint, LLC Privacy Policy

Back to home

Last Updated: March 16, 2026

1. INTRODUCTION

NewTendermint, LLC (“Company,” “we,” “us,” or “our”) provides websites, software, applications, documentation, and other interfaces that facilitate access to the Gno.land blockchain network (the “Network”) and related products, tools, programs, and offerings (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and retain personal information in connection with the Services, and how you may exercise available privacy rights.

The Network itself is a decentralized public blockchain and is not controlled by the Company. Information written directly to the blockchain is public by design, may be permanently recorded, and is generally outside of our direct control. This Privacy Policy applies to personal information we collect through the Services. It does not govern the use of public blockchain data except to the extent we separately store, display, or process that data through the Services.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. You also acknowledge that once personal information has been entered on the blockchain associated with the Network, you may no longer be able to request access to, delete, or modify that information through the Company.

2. SCOPE AND UPDATES TO THIS PRIVACY POLICY

This Privacy Policy applies to personal information processed by us in connection with the Services, including our websites, applications, official interfaces, developer tools, support channels, communications, and other online or offline offerings that we operate.

This Privacy Policy does not govern public blockchain data except to the extent that we separately collect, display, index, cache, or otherwise process that data through the Services. For example, if we display public blockchain data in an explorer or interface, our handling of that displayed data through the Services is covered here, but the underlying blockchain record remains public and outside of our direct control.

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated Privacy Policy and update the “Last Updated” date above. Where required by law, we will provide additional notice. Your continued use of the Services after the updated Privacy Policy becomes effective means you acknowledge the revised Policy.

3. DECENTRALIZED NETWORK AND PUBLIC BLOCKCHAIN DATA

The Network operates on a public, decentralized blockchain. Any transactions, code, content, or other data you publish directly to the Network may become part of the public blockchain record and may be visible to anyone with access to the Network or a copy of its state. The Company does not control the blockchain or the data recorded on it, and cannot generally edit, alter, delete, or retract on-chain data once it has been confirmed.

This Privacy Policy does not extend to data you publish directly on-chain, because that data is not collected or governed by the Company except to the extent we separately display, index, cache, or otherwise process it through the Services. If you include personal information in on-chain content or transactions, that information may become permanently public. We strongly encourage you not to submit sensitive personal information to the Network.

Certain on-chain interactions may also be governed by separate network-governed terms, including the Gno.land Network Interaction Terms and, where applicable, the Gno.land Contributor License Agreement. This Privacy Policy governs only how the Company processes personal information through the Services and does not incorporate, replace, or alter those separate network-governed documents.

4. PERSONAL INFORMATION WE COLLECT

The categories of personal information we collect depend on how you interact with us, our Services, and the requirements of applicable law. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below. For residents of certain states and countries, additional disclosures appear later in this Privacy Policy.

A. Personal Information You Provide to Us Directly

We may collect personal information that you provide to us.

  • Account Creation. We may collect personal information when you create an account, such as name, email address, GitHub username, profile URL, or similar identifier, username, profile picture, phone number, or address.

  • Purchases. To the extent we offer paid products, we may collect personal information and details associated with any purchases you may make in connection with our Services, including payment information. Any payments made via our Services are processed by third-party payment processors. We do not directly collect or store payment card information entered through such processors, but we may receive information associated with your payment.

  • Your Communications with Us. We may collect personal information such as your name, email address, GitHub username, profile URL, or similar identifier, phone number, mailing address, or the content of your communications when you request information about our Services, register for a hackathon or event, request customer or technical support, or otherwise communicate with us.

  • Surveys. We may contact you to participate in surveys. If you decide to participate, we may collect personal information from you in connection with the survey.

  • Interactive Features. We and others who use our Services may collect personal information that you submit or make available through interactive features such as forums, comments, blogs, messaging features, and social media pages. Any information you provide using public sharing features of the Services may be considered public and may not be subject to the privacy protections described elsewhere in this Privacy Policy. Please exercise caution before revealing information that may identify you in the real world.

  • Sweepstakes or Contests. We may collect personal information that you provide in connection with any sweepstakes, contests, hackathons, or similar programs we offer. In some jurisdictions, we may be required to publicly disclose information about winners.

  • Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when we attend or host conferences, trade shows, and other events.

  • Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to evaluate and pursue business opportunities, partnerships, and related initiatives.

  • Job Applications. If you apply for a role with us, we may collect personal information such as your application, resume, cover letter, work history, and any other information you provide to us in connection with your application.

  • Registration as Individual or Organizational Developers: Where offered, we may collect information from individuals or organizations registering as developers or contributors, such as a chosen username, organization name, title, or similar account profile information.

B. Personal Information Collected Automatically

We may collect personal information automatically when you use our Services.

  • Automatic Collection of Personal Information. We may automatically collect certain information when you use our Services, such as your Internet Protocol (IP) address, GitHub username, profile URL, or similar identifier where relevant, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising identifiers, browser or device information, approximate geolocation inferred from IP address, Internet service provider, and information regarding your use of the Services, such as pages visited, links clicked, content interacted with, frequency and duration of activity, and similar usage data.

  • Cookie Policy (and Other Technologies). We, as well as third parties that provide content, advertising, or other functionality on our Services, may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect information through your use of our Services.

    • Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience.

    • Pixel Tags/Web Beacons. A pixel tag, also known as a web beacon, is a piece of code embedded in our Services that collects information about engagement. It may allow us to record, for example, that a user has visited a page or clicked a particular link. We may also include web beacons in emails to understand whether messages were opened, acted on, or forwarded.

    Our uses of these Technologies fall into the following general categories

  • Operationally Necessary. This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular website behavior, prevent fraudulent activity, improve security, or allow you to make use of our functionality.

  • Performance-Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how individuals use our Services (see Analytics below);

  • Functionality-Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services or keeping track of your specific preferences, interests, or past items viewed;

  • Advertising- or Targeting-Related. We may use first party or third-party Technologies, including cross-device tracking, to deliver content, including ads relevant to your interests, on our Services or on third-party digital properties.

  • Analytics. We may use first-party and third-party analytics and measurement tools to understand how our Services are used and to improve and personalize them. These tools may collect information such as pages viewed, links clicked, device and browser information, session activity, and similar usage data. To learn more about the analytics tools we use or any available opt-out options, please contact us as set forth in “Contact Us” below.

  • Social Media Platforms. Our Services may contain social media buttons or embedded features from services such as X, Discord, Reddit, or YouTube. These features may collect information such as your IP address and the page you are visiting on our Services and may set a cookie to enable the feature to function properly. Your interactions with these platforms are governed by the privacy policy of the company providing the feature.

  • Biometric Information. If you consent to our collection of biometric information, or if our collection of biometric information is otherwise permitted by law, we may collect facial images, fingerprints, or other biometric information for anti-money laundering, identity verification, access control, compensation, or rewards purposes in connection with our Services. We may share biometric information with third parties that assist us with compliance or access-control purposes. Where required by law, we will retain and delete biometric information in accordance with applicable legal requirements.

C. Personal Information Collected from Other Sources

  • Third-Party Services and Sources. We may obtain personal information about you from other sources, including third-party services and organizations. For example, if you access our Services through a third-party application, an app store, a third-party login service, or a social networking site, we may collect personal information that you have made available through that service.

  • Referrals and Sharing Features. Our Services may offer tools that allow you to provide personal information about your contacts through referral or sharing features. Third parties may also use the Services to upload information about you, including when they tag you or refer you. Please share information about others only where you have the right to do so.

5. HOW WE USE YOUR PERSONAL INFORMATION

We use your personal information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.

A. Provide Our Services

We use your information to fulfill our contract with you and provide you with our Services, such as:

  • Managing your information and accounts;
  • Providing access to certain areas, functionalities, and features of our Services;
  • Answering requests for customer or technical support;
  • Communicating with you about your account, activities on our Services, and policy changes;
  • Processing your financial information and other payment methods for products or Services purchased; and
  • Allowing you to register for events.

B. Administrative Purposes

We use your information for various administrative purposes, such as:

  • Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
  • Measuring interest and engagement in our Services;
  • Short-term, transient use, such as contextual customization of ads;
  • Improving, upgrading, or enhancing our Services;
  • Developing new products and services;
  • Ensuring internal quality control and safety;
  • Authenticating and verifying individual identities, including requests to exercise your rights under this Privacy Policy;
  • Debugging to identify and repair errors with our Services;
  • Auditing relating to interactions, transactions, and other compliance activities;
  • Sharing personal information with third parties as needed to provide the Services;
  • Enforcing our agreements and policies; and
  • Carrying out activities that are required to comply with our legal obligations.

We may use your information for other legitimate business purposes as permitted by law.

C. Marketing and Advertising our Products and Services

We may use personal information to communicate with you about our Services and, where permitted by law, to market or promote our Services and related offerings. This may include email campaigns, custom-audience advertising, and interest-based or personalized advertising, including through cross-device tracking. If you have questions about our marketing practices or wish to opt out of certain marketing uses of your personal information, you may contact us as described below.

We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.

E. Other Purposes

We also use your personal information for other purposes as requested by you or as permitted by applicable law.

  • De-identified and Aggregated Information. We may use personal information to create de-identified and/or aggregated information, such as demographic information, information about the device from which you access our Services, or other analyses we create.

6. HOW WE DISCLOSE YOUR PERSONAL INFORMATION

We disclose your personal information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.

A. Disclosures to Provide our Services

The categories of third parties with whom we may share your personal information are described below.

  • Service Providers. We may share your personal information with our third-party service providers and vendors that assist us with the provision of our Services. This includes service providers and vendors that provide us with IT support, hosting, payment processing, customer service, and related services.

  • Business Partners. We may share your personal information with business partners to provide you with a product or service you have requested. We may also share your personal information with business partners with whom we jointly offer products or services.

  • Affiliates. We may share your personal information with our company affiliates for example: for our administrative purposes, IT management, or for them to provide services to you or support and supplement the Services we provide.

  • Other Users or Third Parties You Share or Interact With. As described above in “Personal Information We Collect,” our Services may allow you to share personal information or interact with other users and third parties (including individuals and third parties who do not use our Services and the general public)

  • Advertising Partners. Through our Services, we may share your personal information with third-party advertising partners. These third-party advertising partners may set Technologies and other tracking tools on our Services to collect information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). Both we and these advertising partners may use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising,” “cross-context behavioral advertising,” or “personalized advertising.”

  • APIs/SDKs. We may use third-party application program interfaces (“APIs”) and software development kits (“SDKs”) as part of the functionality of our Services. For more information about our use of APIs and SDKs, please contact us as set forth in “Contact Us” below.

We may also share your information with third parties as appropriate and permitted by law. The privacy choices you may have about your personal information are determined by applicable law and are described in the section titled “Your Privacy Choices and Rights” below.

B Disclosures to Protect Us or Others

We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

C. Disclosure in the Event of Merger, Sale, or Other Asset Transfers

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

7. YOUR PRIVACY CHOICES AND RIGHTS

A. Your Privacy Choices

The privacy choices you may have about your personal information are determined by applicable law and are described below.

  • Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding our Services or updates to our Terms or this Privacy Policy).

  • Text Messages. If you receive an unwanted text message from us, you may opt out of receiving future text messages from us by following the instructions in the text message you have received from us or by otherwise contacting us as set forth in “Contact Us” below

  • Mobile Devices. We may send you push notifications through our mobile application. You may opt out from receiving these push notifications by changing the settings on your mobile device. With your consent, we may also collect precise location-based information via our mobile application. You may opt out of this collection by changing the settings on your mobile device.

  • Phone calls. If you receive an unwanted phone call from us, you may opt out of receiving future phone calls (except for phone calls that we may need to make for administrative or servicing purposes) from us by following the instructions which may be available on the call or by otherwise contacting us as set forth in “Contact Us” below.

  • “Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. No uniform technology standard for recognizing and implementing DNT signals has been finalized, however. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Policy.

  • Cookies and Personalized Advertising. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS, and others.

    The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada.

    Please note you must separately opt out in each browser and on each device.

B. Your Privacy Rights.

Depending on where you live, you may have the right to:

  • confirm whether we process your personal information;
  • access or receive a copy of your personal information;
  • correct inaccurate or incomplete personal information;
  • request deletion, anonymization, or blocking of personal information;
  • restrict or object to certain processing;
  • withdraw consent, where processing is based on consent;
  • receive certain personal information in a portable format; and
  • request review of certain automated decisions, where applicable.

If you would like to exercise any rights available to you under applicable law, please contact us as described below. We will process such requests in accordance with applicable law and may need to verify your identity before responding.

8. SECURITY OF YOUR INFORMATION

We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, no system is completely secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by law, we do not accept liability for unauthorized access, use, disclosure, or loss of personal information.

By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services.

9. INTERNATIONAL DATA TRANSFERS

All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.

If we transfer personal information which originates in the European Economic Area, Switzerland, and/or the United Kingdom to a country that has not been found to provide an adequate level of protection under applicable data protection laws, one of the safeguards we may use to support such transfer is the EU Standard Contractual Clauses.

For more information about the safeguards we use for international transfers of your personal information, please contact us as set forth below.

10. RETENTION OF PERSONAL INFORMATION

We store the personal information we collect as described in this Privacy Policy for as long as you use our Services, or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws, or based upon other criteria, including, but not limited to, the sensitivity and volume of such data. Additionally, we endeavor to retain all such personal information in accordance with legal requirements.

However, because the Network is decentralized and immutable, data written directly to the blockchain may persist indefinitely and is not subject to our retention controls.

11. SUPPLEMENTAL NOTICE FOR RESIDENTS OF CERTAIN U.S. STATES

This Supplemental Notice is for residents of states that have adopted comprehensive privacy legislation and others that may come into effect from time to time, including, but not limited to, California, Connecticut, Colorado, Utah and Virginia (collectively, “Applicable State Laws”).

The following table describes the categories of personal information we have collected and whether we disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months

Category of Personal Information Collected by CompanyCategory of Third Parties Personal Information is Disclosed to for a Business Purpose
Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.Service providers Business partners Affiliates Other users or third parties you share or interact with Advertising networks Internet service providers Data analytics providers Government entities Operating systems and platforms Social networks
Personal information categories A name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Personal Information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. Note: Some personal information included in this category may overlap with other categories.Human Resources Service Providers Marketing Service Providers
Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).N/A (We do not actively collect this information from users, except possibly if you volunteer it; we do not disclose it for business purposes.)
Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.N/A (Our Services generally do not involve collecting detailed consumer purchase histories unrelated to our own Services.)
Biometric information Physiological, biological, or behavioral, characteristics (including DNA) that can be used to establish individual identity, or imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template such as a faceprint, a minutiae template, or a voiceprint, can be extracted and keystroke patterns or rhythms, gait patterns, or rhythms, and sleep, health or exercise data that contain identifying information.N/A
Internet or other electronic network activity Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement.N/A
Geolocation data Physical location or movements.Service Providers
Sensory data Audio, electronic, visual, thermal, olfactory, or similar information.N/A
Professional or employment-related information Current or past job history or performance evaluations.Human Resources Service Providers
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.N/A
Inferences drawn from other personal information to create a profile about a consumer Profile reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.Marketing Service Providers

Note: “N/A” indicates that we did not collect that category of information, or did not disclose it to third parties for business purposes, in the preceding 12 months. We do not knowingly collect or process sensitive personal information (as defined under California law) for purposes of inferring characteristics about consumers, other than as described (for example, basic contact or account information may include some identifiers considered sensitive, like a government ID number if you provided it for verification or payment, but we only use such data for necessary business functions or legal requirements).

The categories of sources from which we collect personal information and our business and commercial purposes for using personal information are set forth in “Personal Information We Collect” and “How We Use Your Personal Information” above, respectively.

Disclosure for Business Purposes: In the last 12 months, we have disclosed the above categories of personal information to third parties for various business purposes consistent with what is outlined in this Privacy Policy (see “How We Disclose Your Personal Information”). We do not disclose your personal information to third parties for their own direct marketing purposes unless you separately consent to such sharing.

“Sales” of Personal Information under the CCPA

For purposes of certain state law, we do not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 18 years of age as the term “sell” is commonly understood. That said, we may share information with third-party advertising partners for the purpose of promoting our Services as described above, such as for cross-context behavioral advertising. To the extent that such sharing is considered a “sale” under California law, you may limit such sharing by following the instructions found above in the section titled, Your Privacy Choices and Rights > Your Privacy Choices > Cookies and Personalized Advertising, or by contacting us as set forth in “Contact Us” below.

Additional Privacy Rights for Residents of Certain States

Non-Discrimination. Residents of certain states have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by applicable law.

Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To authorize an agent, provide written authorization signed by you and your designated agent and contact us as set forth in “Contact Us” below for additional instructions

Verification. To protect your privacy, we will take steps to reasonably verify your identity before fulfilling your request. These steps may involve asking you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, or to answer questions regarding your account and use of our Services.

Refer-a-Friend and Similar Incentive Programs. We may offer referral programs or other incentivized programs that involve the collection or sharing of personal information, subject to applicable law and any program-specific terms we provide. For example, we may offer incentives to you such as discounts or promotional items or credit in connection with these programs, wherein you provide your personal information in exchange for a reward, or provide personal information regarding your friends or colleagues (such as their email address) and receive rewards when they sign up to use our Services. (The referred party may also receive rewards for signing up via your referral.) These programs are entirely voluntary and allow us to grow our business and provide additional benefits to you. The value of your data to us depends on how you ultimately use our Services, whereas the value of the referred party’s data to us depends on whether the referred party ultimately uses our Services. Said value will be reflected in the incentive offered in connection with each program.

De-Identified Information. If we create or receive de-identified information, we will not attempt to reidentify such information, except to comply with applicable law.

California Shine the Light. The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties.

Right for minors to remove posted content. Where required by law, California residents under the age of 18 may request to have their posted content or information removed from the publicly-viewable portions of the Services by contacting us directly as set forth in Contact Us below or logging into their account and removing the content or information using our self-service tools

12. SUPPLEMENTAL NOTICE FOR CERTAIN INTERNATIONAL COUNTRIES

This section addresses individuals outside the United States, including those in the European Union (EU), European Economic Area (EEA), United Kingdom (UK), Switzerland, China, Turkey, Canada, Australia, Japan, South Korea, Brazil, and any other country that has privacy or data protection laws. We recognize that if you are an international user, you may have specific rights under your local laws. We strive to respect those rights and comply with all major global privacy frameworks, including the EU/UK General Data Protection Regulation (GDPR), China’s Personal Information Protection Law (PIPL), Turkey’s KVKK (Law on the Protection of Personal Data), Brazil’s Lei Geral de Proteção de Dados (LGPD), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), Australia’s Privacy Act, Japan’s Act on the Protection of Personal Information (APPI), South Korea’s Personal Information Protection Act (PIPA), and other applicable laws.

Our overall approach is to provide a level of privacy protection for all users that is consistent with this Privacy Policy and applicable law. Below, we highlight some key points for international users and how we address global privacy requirements:

  • Lawful Basis for Processing: When we process personal information of individuals in certain jurisdictions (such as the EEA, UK, Turkey, etc.), we ensure that we have a lawful basis to do so. Our lawful bases include:

  • Performance of a Contract: We process data to provide the Services you have requested (for example, using your information to create your account or to provide customer support is based on our contract with you).

  • Legitimate Interests: We may process your data for our legitimate business interests, provided such processing is not overridden by your own rights and interests. For instance, improving our Services, ensuring IT security, and direct marketing may be done on the basis of legitimate interests. We will consider your rights and objections in these cases, and you have the right to object to processing based on legitimate interests (see “Your Privacy Rights” above).

  • Legal Obligation: We process personal information as needed to comply with our legal obligations under international laws (e.g., retaining records for tax purposes, responding to lawful requests by public authorities).

  • Consent: In certain situations, we rely on your consent. For example, where required by law, we will obtain your consent before placing certain cookies on your device, sending you marketing communications, or processing sensitive personal data. You have the right to withdraw your consent at any time.

  • Public Interest or Vital Interests: These bases are less commonly applicable to our Services, but if needed, we may process data to protect someone’s vital interests (e.g., in an emergency) or in the public interest (if ever applicable, such as cooperating with public health authorities).

We will clarify the specific legal bases when required by law and when responding to requests about our processing of personal data.

International User Rights: Users in many jurisdictions outside the U.S. have rights regarding their personal information very similar to those described in Your Privacy Rights. This includes, for example, the right to access data, the right to request correction (rectification) of data, the right to deletion (erasure) of data, the right to restrict or object to processing, and the right to data portability. You also may have the right to object to processing of your personal data for direct marketing or on grounds relating to your particular situation (where our processing is based on legitimate interests). Additionally, if we ever engage in automated decision-making that has legal or similarly significant effects, you generally have the right not to be subject to such decisions without human intervention, as well as the right to express your point of view and contest the decision.

If you are an international user and wish to exercise any privacy rights provided to you under your local laws, please contact us. We will facilitate your request to the extent required by law. (For example, users in the EEA/UK can exercise their GDPR rights, users in Turkey can exercise rights under KVKK, users in Brazil under LGPD, etc., by contacting us.) We may need to verify your identity before responding, as noted earlier, and will respond within the timeframe specified by applicable law. In the event we cannot fulfill your request (due to legal exceptions), we will explain the reason (unless not required to do so).

Consent and Special Categories of Data: In some countries, certain types of personal information are considered sensitive (e.g., information about health, biometrics, racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, genetic data, precise location, or information about sex life or sexual orientation). We do not actively collect most of these “special categories” of data about our users. If you provide us with any sensitive personal data, we will handle it with extra care and process it only: (a) for the purpose for which you provided it, (b) with your explicit consent (if required by law), or (c) in accordance with applicable law (for example, some laws allow processing of sensitive data for specific legitimate purposes with adequate safeguards).

For instance, under Australia’s Privacy Act and Turkey’s KVKK, we will only collect and use sensitive information with consent or as required by law. Under China’s PIPL, we will obtain separate consent if we need to process sensitive personal information or provide your personal information to third parties, etc., unless another legal basis applies. If you are in Japan, we adhere to the APPI, which may require us to get your consent before sharing certain personal data with third parties or transferring it out of Japan, unless an exception applies. We strive to meet all these varying requirements in a streamlined way: generally, we won’t process sensitive data about you unless (a) it’s necessary and we have a lawful basis (such as your consent), or (b) you have manifestly made it public yourself in the context of our Services.

Cookies and Similar Technologies (International): For users in the EU/EEA, UK, and some other countries, the use of non-essential cookies and tracking technologies is governed by ePrivacy laws that require consent. We have implemented a cookie consent mechanism on our website (where required) that allows you to choose which categories of cookies to accept or reject. You can adjust your cookie preferences at any time through our cookie settings tool or your browser settings. We will not set cookies that are not strictly necessary for the website’s operation without your permission in those jurisdictions. Similarly, if we send email newsletters, we may ask for your consent in certain countries to use tracking pixels in those emails to know if they were opened. You have full control over cookies through the methods described in Your Privacy Choices.

Cross-Border Data Transfers: As noted in International Data Transfers, when we transfer personal data from countries with strict data transfer rules, we use appropriate legal mechanisms to ensure protection. For example, data originating in the EEA, UK, or Switzerland is transferred under Standard Contractual Clauses or other approved methods. Data from China will be transferred in compliance with PIPL requirements, if required, we will seek your separate consent for transferring your data to the U.S. or other countries, or implement security assessments or contracts as mandated. Data from Russia, if any, will be handled according to Russian data localization and export laws (which may involve storing certain data in Russia and obtaining consents for transfer). We want to be transparent that your information will be processed in the United States and other jurisdictions as needed to provide our Services. By using our Services or engaging with us, international users acknowledge that their data may be transferred to and processed in the U.S. and other locations. We will take all measures reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and local law.

Data Localization: Certain countries have laws that require personal data of their citizens to be stored or processed on servers physically located within their borders (for example, Russia and China have such laws for certain data). NewTendermint, LLC is headquartered in the U.S. and generally stores data in the U.S. At this time, we do not maintain local data centers in every country. When you provide personal information to us from outside the U.S., you consent (where required and permitted by law) to the transfer and processing of that information in the U.S. and other countries. We will ensure any such transfers comply with applicable legal requirements. If local storage is required for us in the future, we will take steps to comply (or otherwise legally transfer data out under approved mechanisms).

Your Local Privacy Contact: International users can always contact us with questions or requests regarding how we handle personal information. We have a single global point of contact listed in the Contact Us section below. In some regions, we may designate a local representative or specific contact to handle inquiries (for example, a representative in the EU or UK if required by GDPR Article 27, or a dedicated contact in Turkey or Brazil if needed). If we appoint such representatives, we will update this Policy or our website to reflect their contact details. Regardless, if you reach out to us at the main contact, we will ensure your inquiry is forwarded or addressed by the appropriate team member conversant with your local laws.

Right to Lodge a Complaint: If you believe that our processing of your personal information does not comply with the laws in your country, you may have the right to lodge a complaint with a supervisory authority or regulatory agency. We kindly request that you contact us first so we have the opportunity to address your concerns directly. However, the following oversight agencies are available as applicable:

  • In the EU/EEA, you can contact the Data Protection Authority (DPA) in the country where you live or work, or where an alleged infringement occurred. A list of DPAs is available on the European Data Protection Board’s website.

  • In the United Kingdom, you can reach out to the Information Commissioner’s Office (ICO).

  • In Switzerland, you may contact the Federal Data Protection and Information Commissioner (FDPIC).

  • In Turkey, you can file a complaint with the Turkish Personal Data Protection Authority (KVKK board) if your issues are not resolved.

  • In Brazil, the National Data Protection Authority (ANPD) oversees LGPD compliance.

  • In Australia, you can contact the Office of the Australian Information Commissioner (OAIC).

  • In Canada, you can contact the Office of the Privacy Commissioner of Canada (OPC) or your provincial privacy commissioner if applicable.

  • In Japan, the Personal Information Protection Commission (PPC) oversees APPI compliance.

  • In South Korea, the Personal Information Protection Commission or local authorities can hear complaints.

  • In China, the Cyberspace Administration of China (CAC) and other regulatory bodies oversee PIPL enforcement.

This is not an exhaustive list, but examples of authorities in major jurisdictions. We will cooperate with any such officials and will abide by the directives of regulators in the jurisdictions where we operate. Again, we encourage you to reach out to us directly with any concerns, and we will do our best to resolve them in a satisfactory manner.

Contact for International Users: If you are outside the U.S. and have any questions about how we handle your personal data or wish to exercise your local law privacy rights, please contact us (see Contact Us below). We are here to help and committed to protecting your privacy across all jurisdictions.

13. CHILDREN’S INFORMATION

The Services are not intended for children under 18, and we do not knowingly collect personal information from children under 18 through the Services. If you believe a child under 18 has provided personal information to us, please contact us as described in “Contact Us” below. If we become aware that we have collected personal information from a child under 18 in violation of applicable law, we will take appropriate steps to delete it, unless we are legally required to retain it.

14. OTHER PROVISIONS

Third-Party Websites/Applications. The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Providing personal information to third-party websites or applications is at your own risk.

15. CONTACT US

We are the controller of the personal information we process under this Privacy Policy.

If you have any questions about our privacy practices or this Privacy Policy or to exercise your rights as detailed in this Privacy Policy, please contact us at:

NewTendermint, LLC (Privacy Team)

Email: privacy@newtendermint.org

Mailing Address: NewTendermint, LLC – Legal Department, 25876 The Old Rd #41, Stevenson Ranch, CA 91381, USA (Attn: Privacy Team).

When contacting us, please provide your name and contact information, and a detailed description of your request or question. If you are making a rights request (such as accessing or deleting your data), please specify the nature of your request and the context (for example, the email associated with your account, or the Services you’ve used) so we can locate your information. We may need to verify your identity before acting on certain requests, as explained above.