Nomic Foundation Privacy Policy
Nomic Foundation (the “Nomic Foundation,” “we,” or “us”), a Swiss
Foundation, located at c/o Kaiser Odermatt &
Partner AG, Baarerstrasse 12, 6300 Zug, is a software
development foundation building open-source software to unlock developer
productivity in the Ethereum ecosystem is the controller and processor of your
personal data.
This Privacy Policy applies to: (i) the Nomic Foundation
website (https://nomic.foundation), the Hardhat website (https://hardhat.org/), and any other website
published by us (“website”), (ii) the Hardhat software (“Hardhat”), and
the (iii) Hardhat tools and plugins, including the hardhat runner, the hardhat vscode, the @nomicfoundation/coc-solidity, and the hardhat
network which, with any other features, tools and/or materials, domains and
subdomains, projects, made available from time to time by the Foundation (the
“Tools”), all of which are referred to as “services” in this Privacy Policy.
Users of the websites, Hardhat and the Tools are referred to collectively
as “Clients.”
This Privacy Policy describes what information Nomic Foundation collects,
how we use that information, and how we protect it. Nomic Foundation collects
and processes personal data in order to run our organization and offer our
services to Clients. We do not share Client information with third parties
except for the limited purposes described in this Privacy Policy.
By using our services, Clients understand and agree that we will collect,
process and use their information as described in this Privacy Policy, and in
compliance with the Swiss Federal Act on Data Protection (“FADP”), the Swiss
Ordinance to the Federal Act on Data Protection (“OFADP”), and the General
European Data Protection Regulation (“GDPR”). We recommend that Clients read
this Privacy Policy in full to ensure they are fully informed.
If you have any questions about this Privacy Policy or how we handle
personal data, please contact us at privacy@nomic.foundation or use the
contact information set out at bottom of this Privacy Policy.
What Personal Data Does Nomic Foundation Collect,
and Why?
The information that Nomic Foundation gathers from Clients allows us to
deliver and improve our services. For example, it allows us to communicate with
Clients, provide support, and (with Clients’ permission) monitor deployments
of Hardhat or any other website and the Tools for
performance-improvement and error-correction purposes.
A. Information Our
Clients Provide
We receive and store the information our Clients
supply to us when they communicate with us by email, GitHub, and social media.
This information may include the Client’s name, company, email address,
username, postal address, and telephone number.
Personal data processed through social media is subject to their privacy
policies. You should check each social media privacy policies. The Nomic
Foundation is not responsible for the data collected by these platforms.
B. Information
Automatically Collected from Clients
We also collect certain information automatically, including:
1. Error and performance monitoring data
Hardhat collects automated error and performance monitoring data to help
Nomic Foundation fix bugs and improve the performance of our software. This
data is only collected and processed if the Client opts into this feature.
The information collected includes: 1) a unique cryptographic identifier
to identify data from a single user; 2) the Hardhat version number; 3) whether
Hardhat is running on a server or desktop; 4) the Client’s operating system
(e.g. Windows, Mac, or Linux); 5) whether the Hardhat task running is a
build-in or user-defined task; 6) the versions of Node.js and Sentry running on
the Client’s computer; 7) error message text; 8) stack trace data; and 9)
timestamps.
The Nomic Foundation uses
third-party services, Sentry and Google analytics, to collect and process this
data: i) Google
analytics: extension version, machine Id, operating system, user agent; and ii)
Sentry: extension name + version, environment, machine id as mentioned above,
tags that provide context.
In the case of Sentry, the data is anonymized before being sent to
Sentry’s servers. Any piece of data resembling a path
or a private key is removed on a best-effort basis. The data sent to Sentry is
subject to a data processing agreement limiting Sentry’s use of the data and
requiring Sentry to take appropriate security measures to protect the data.
2. Website cookies
Like many websites, the Nomic Foundation websites use cookies to obtain
certain types of information when your web browser accesses our site. Cookies
are used most commonly to do things like tracking page
views, identifying repeat users and utilizing login tokens for a session.
|
Type of Cookie |
Served By |
How to Control These |
|
Session cookies: these are used to anonymously track a user’s session
on our websites to deliver a better experience. |
Nomic Foundation |
You can block or delete these by changing your browser settings. |
|
Performance and Targeting cookies: These cookies collect information
that is used either in aggregate form to help us understand how our website
is being used or how effective our marketing campaigns are, or to help us
customize our website for you. Such cookies may record site and
display-related activity for a session so that a client does not see displays
that are irrelevant or have already been dismissed. |
Google |
Google offers a Google
Analytics Opt-Out Browser Add-on for
most browsers. |
|
You can set or amend your web browser controls to accept or refuse
cookies. If you choose to reject cookies, you may still use our website
though your access to some functionality and areas of our website may be
restricted. As the means by which you can refuse cookies through your web
browser controls vary from browser-to-browser, you should visit your
browser's help menu for more information. |
||
Other information we collect and analyze includes the Internet Protocol
(IP) address used to connect your computer to the Internet, computer and
connection information such as browser type, version, language, and time zone
setting, browser plug-in type and version, screen resolution, and operating
system and platform. This information is stored in log files and is collected
automatically. We collect this technical information to better understand user
needs and provide Clients with an optimal online experience.
We also collect aggregate usage data for our websites, which may include
browsing patterns and broad demographic information, to enable us to understand
how our websites are being used and to develop and refine them to better serve
our Clients.
Our Legal Bases for Processing Personal Information
For personal data under Nomic Foundation’s control, we rely on two bases
to lawfully obtain and process personal information. First, where Clients have
given us valid consent to use their data in certain ways, we rely on that
consent. Second, as described in more detail below, in certain cases we may
process information where this is necessary to meet legal obligations, such as
compliance with law enforcement subpoenas or warrants, and/or to further our
legitimate interests, so long as any such legitimate interests are not
overridden by your rights or interests.
How and When Do We Share Information?
Nomic Foundation does not sell your information. As set out below, we
only share information on a limited basis in order to enable us to offer our
services. We do not otherwise make Client data available
to third parties.
Service Providers
We employ other organizations and service providers to perform certain
functions on our behalf. These third parties have only limited access to your
information, may use your information only to perform these tasks on our
behalf, and are obligated to Nomic Foundation not to disclose or use your
information for other purposes.
All Service Providers warrant to be in compliance with
the GDPR and provide sufficient security to the information they access to.
Our use of Service Providers includes:
· Google: for website analytics
· Sentry: for
collection and processing of error and performance monitoring data
for Hardhat
If you have any questions about the specific Service Providers we
currently use, please contact us at privacy@nomic.foundation or by
using the contact information set out at the bottom of this Privacy Policy.
Legal Compliance / Protection of the Public and Our Business /
Legitimate Interests
We will release personal and account information: to comply with a
subpoena, court order, legal process, or other legal requirement when we
believe in good faith that such disclosure is necessary to comply with the law;
to protect, establish, or exercise our legal rights or defend against legal
claims; when we believe doing so is reasonably necessary to prevent harm to an
individual; or take action regarding illegal activities, suspected fraud,
threats to our property, or violations of our legal terms.
We may also share your information during an organizational transaction
like a merger or distribution of our assets to a successor organization. If
such a transaction occurs, we will provide notification of any changes to
control of your information, as well as choices you may have.
Children’s Privacy
The services are not intended for children under the age of 16. We do
not knowingly collect personal information from anyone under the age of
sixteen. If you are under the age of sixteen, your parent or guardian must
provide their consent for you to use the services.
Data Transfers
Nomic Foundation provides a voluntary service and Clients can choose whether or not they wish to use it. Consequently, when
decided to use our Services you entitled Nomic Foundation to transfer your
personal data to the Services Providers for the purposes of the data processing
described in this Privacy Policy.
When your data is moved from its home country to another country, the
laws and rules that protect your personal information in the country to which
your information is transferred may be different from those in the country
where you reside. Because we offer our services to people in different
countries and use technical infrastructure based in different jurisdictions, we
may need to transfer your personal information across borders in order to
deliver our services.
Our Services Providers are obliged to protect data privacy at least to
the same extent as ourselves. We contractually ensure that the protection of
your personal data corresponds to the applicable laws by using the standard
contractual clauses to comply with the GDPR.
How Secure Is Your Information?
We maintain administrative, technical, and physical safeguards designed
to protect the privacy and security of the information we maintain about you.
The connection between your computer and our website server is encrypted using
Secure Sockets Layer (SSL) software that encrypts that information.
We use a Digital Certificate and secure pages will be identified by a
padlock sign and “https://” in the address bar. Likewise,
all Hardhat error and performance monitoring data is transmitted over
HTTPS transport layer security (TLS)-secured connections.
However, no method of transmission or storage is 100% secure. As a
result, while we strive to protect your personal information, you acknowledge
that: (a) there are security and privacy limitations inherent to the Internet
which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and
us through this Site cannot be guaranteed.
What Are Your Rights?
Upon request, Nomic Foundation will provide Clients with information
about whether we hold any of their personal information (“Right to
confirmation”). In certain cases, subject to relevant legal rights, Clients
have the right to object to the processing of their personal information, to
request changes, corrections, or the deletion of their personal information,
and to obtain a copy of their personal information in an easily accessible
format (“Right to access”, “Right to object”, “Right to rectification”).
In order to do this, Clients can contact us using the contact
information set out at the bottom of this Privacy Policy. We will respond to
every request within a reasonable timeframe and may need to take reasonable
steps to confirm identity before proceeding.
You can also withdraw your consent to our processing of your information
and the use of our services, and/or delete your Client
account at any time, by using the contact information below to request that
your personal information be deleted (“right to be forgotten”).
If you are an EU resident and believe that our processing of your
personal data is contrary to the EU General Data Protection Regulation, you
have the right to lodge a complaint with the appropriate supervisory authority.
If you withdraw your consent to the use or sharing of your personal
information for the purposes set out in this policy, we may not be able to
provide you with our services. Please note that in certain cases we may
continue to process your information after you have withdrawn consent and
requested that we delete your information if we have a legal basis/need to do
so.
Data Retention
For personal data under its control, Nomic Foundation will retain such
data only for as long as is necessary for the purposes set out in this policy,
or as needed to provide Clients with our services.
If a Client no longer wishes to use our
services then it may request deletion of its data at any time.
Notwithstanding the above, Nomic Foundation will retain and use Client
information to the extent necessary to comply with our legal obligations (for
example, if we are required to retain your information to comply with
applicable tax/revenue laws), resolve disputes, and enforce our agreements.
We may also retain log files for the purpose of internal analysis, for
site safety, security and fraud prevention, to improve site functionality, or
where we are legally required to retain them for longer time periods.
Contact Us
If you have any questions, comments or suggestions about how we handle
personal information you can contact Nomic Foundation at privacy@nomic.foundation