Privacy Policy & Use of Cookies

Latest Updated: 29 May 2023

This privacy policy and use of cookies (“Privacy Policy”) provides you with notice as to our policies and practices in relation to our handling of personal data as well as the kinds of personal data which we hold and the main purposes for which such personal data is or is to be used and to whom any data access or correction request should be addressed. In this Privacy Policy, capitalized expressions used herein shall have the meaning set out in the Terms of Use at https://ozu.io/docs/terms-of-use.pdf, unless otherwise defined below or the context otherwise requires. You may be asked to consent to the practices and policies of this Privacy Policy when you access, or interact with us via, our Platform. Otherwise, by using our Apps, Platforms, Websites, Creator App or OZU Studio, you are accepting the practices and policies in this Privacy Policy.

PLEASE READ THIS PRIVACY POLICY IN CONNECTION WITH THE TERMS CAREFULLY BEFORE YOU ACCESS OR USE THE PLATFORMS.

1. OUR POLICY
   1. We, OZU LIMITED, a company registered in Hong Kong, under trade name of OZU, are committed to protecting the privacy, confidentiality and security of personal information we hold by complying with the requirements of the Personal Data (Privacy) Ordinance (“PDPO”) and relevant codes of practice which may be issued by the Office of the Privacy Commissioner for Personal Data (“PCPD”) from time to time.
   2. We ensure that our staff complies with the policies and practices set out in the Privacy Policy and maintains appropriate standards in meeting such commitment.

2. OUR PRACTICES
   1. Types of Personal Data Collected and Held: in relation to the services provided by us in maintaining and operating the Platform (our “Service”) from time to time, we collect or obtain, hold and use personal data of various categories of individuals which may be identifiable, pseudonymous, or anonymous (including aggregated and de-identified data), including but not limited to:
      1. Account Information: when you use our Service, you can add information to your account. We collect information and data you add to your account, such as your email address, username, background, image, linked social media accounts, optionally, if you are to sell or purchase NFTs, your personal data, such as your full name, telephone number, credit card information and other information you provide. Some of your Account Information may be publicly visible. Remember public content can exist elsewhere on the internet even after you remove it from your account on the Apps, Platforms, and Websites;
      2. Preferences: our Service may let you store preferences;
      3. Other Information: We also collect information and other data at other points in our Service where you voluntarily provide it through transactions, voting or otherwise, such as your full name, address, email address, telephone number, credit card information, and other personal description or where we state that your information is being collected; and
      4. Inquiries: If you provide us with inquires, we may receive your name and contact information, as well as any other content included in or associated with the message you send.

      Additionally, like much of Web 3.0 decentralised protocols, your social media account and/or blockchain digital wallet address may function as your identity on the Platforms. Accordingly, you will need a social media account, such as Twitter, or blockchain wallet address and a third-party wallet to access certain aspects of the Service. We do not consider a social media account or blockchain wallet address, standing alone, to be information that identifies you. However, a social media account or blockchain wallet address may become associated with you or information you provide when you use our Service.

   2. Information Collected Automatically: upon your access of, interactions with, for example, being directed to voting through our Platforms, the following information are automatically collected: (i) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your log-in information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; (ii) information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our Platforms (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number; and (iii) cookies or other tracking technologies, which include both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to analyze how users interact with our Service, make improvements to our product quality, and provide users with a more personalized experience, as described in Clause 3 for more details
   3. Information Collected from Third-Party Companies: we may receive information about you or related to you or your wallet address from service providers and other sources/companies that offer their products and/or services to us or to you, for use in conjunction with our Service, or whose products and/or services may be linked from our Service. We may add this to the data we have already collected from or about you through our Service. This information may include, for example:
      1. third-party wallet providers that provide us with your blockchain wallet address and certain other information you choose to share with those wallet providers;
      2. data analytics providers or vendors who provide us information related to certain blockchain wallet addresses;
      3. vendors who provide communication and identity verification services to us and which you choose to use; and
      4. other vendors who provide us information necessary to run our business or enforce our Terms of Service.
   4. Public Information: we collect data from activity and information that is publicly visible and/or accessible on blockchains or other public sources. This may include, for example, blockchain wallet addresses and information regarding purchases, sales, or transfers of NFTs, which may then be associated with other data you have provided to us.
   5. Please note that it is mandatory for you to set up an account and submit certain information as and when required on the Platforms before you can engage in any sale or purchase of NFTs listed on the Platforms. This may include certain personal data set out in clause 2.1 or any additional data deemed necessary for any of our KYC purpose. A failure to provide any requested personal data, or the provision of inaccurate or incomplete information may result in your inability to set up an account on the Platforms or us not being able to facilitate your NFT transaction. The provision of such personal data is generally voluntary unless otherwise specified.
   6. How We Use the Personal Data: the purposes for which personal data may be used by us and/or the persons set out below to which personal data may be disclosed and/or transferred are as follows:
      1. processing, assessing and approving accounts set up by users of the Platform;
      2. administering, maintaining, managing the Platform (including enforcing rights and fulfilling obligations under the Terms), and performing any function and activity related thereto;
      3. processing any feedback, enquiry or complaint made by or otherwise involving a user of the Platform;
      4. any internal management purpose;
      5. communicating with users generally (such as updates or changes to the Terms) and customer relationship management purposes;
      6. complying with any disclosure, reporting, screening, monitoring, record keeping, filing or notification or other similar obligations pursuant to any legal, regulatory, judicial, statutory, industry or administrative requirements (as applicable from time to time) including compliance with applicable laws, rules, regulations, codes of practice, guidelines or international and intergovernmental agreements (whether of Hong Kong or any other relevant jurisdictions);
      7. assisting in law enforcement purposes, investigations by police or other government or regulatory authorities, in Hong Kong or elsewhere;
      8. designing new or enhancing existing Platform services provided by us;
      9. advertising, marketing and promoting the Platform and other supporting services; and
      10. any other directly related purposes pertaining to any of the above.
   7. Disclosing the Personal Data: any personal data held by us will be kept confidential but we may disclose or transfer such information to the following parties (within or outside Hong Kong) for or in relation to the purposes above:
      1. any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in Schedule 1 of the Securities and Futures Ordinance (Cap. 571) of the Law of Hong Kong;
      2. personnel, agents, advisers, auditors, contractors, financial institutions, and service providers who provide services to us (including customized advertising on our websites, third-party websites, or online platforms), such as our staff, IT and system administration services and payment processors;
      3. our overseas offices, affiliates, business partners and counterparts (on a need-to-know basis only);
      4. payment and purchase information is collected and processed by payment service providers for payment processing and anti-fraud purposes;
      5. persons under a duty of confidentiality to us;
      6. any court, tribunal or administrative, governmental or regulatory body or enforcement agency in Hong Kong or elsewhere (including local or foreign tax authorities);
      7. actual or proposed transferees of our operations (or a substantial part thereof) in any part of the world;
      8. other parties in connection with transactions, as part of an actual or planned merger or transfer, acquisition or sale, or in the event of a bankruptcy;
      9. other third parties when you separately consent to or request such sharing; and
      10. links to other websites, devices, apps and features, which may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked website, device, app or other feature is not owned or controlled by us, we are not responsible for its content, use or privacy practices.
   8. Before using or providing your personal data for the purposes and to the transferees set out above, we may be required by law to obtain your written consent, and in such cases, only after having obtained such written consent, may we use and provide your personal data.

3. USE OF COOKIES
   1. The Platform uses cookies to distinguish you from other users on the Platform. This helps us to provide you with a good experience when you browse the Platform and allows us to improve the Platform.
   2. Cookies are small text containing small amounts of information which are downloaded and may be stored on any of your web browsers or internet enabled devices (e.g. your computer, smartphone or tablet) that can later be read by the server - like a memory for a web page.
   3. By continuing to use the Platform, you are agreeing to us placing cookies on your computer. The information collected (including but not limited to: your IP addresses (and domain names), browser software, types and configurations of your browser, language settings, geo-locations, operating systems, referring website, pages and content viewed, and durations of visit) will be used to ensure operation of the Platform and enable you to log in securely, for compiling aggregate statistics on how our visitors reach and browse our Platforms for web enhancement and optimisation purposes, and to help us understand how we can improve your experience on it.
   4. We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Platform or a partner site that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session). We also use the following cookies:
      1. Strictly necessary cookies – These are cookies that are required for the operation of our Platform. They include, for example, cookies that enable you to log into secure areas of our Platform such as your account.
      2. Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Platform when they are using it. This helps us to improve the way our Platform works, for example, by ensuring that users are finding what they are looking for easily.
   5. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access all or parts of the Platforms.
   6. We may use third-party web services on the Platforms. The service providers that administer these services use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analyse how visitors use our Platform and make the information displayed on it more relevant to your interests. The information collected through these means (including IP addresses) is disclosed to these service providers.

4. ACCURACY AND RETENTION OF PERSONAL DATA
   1. We have procedures in place to maintain, so far as is reasonably practicable, the accuracy, completeness and relevance of the personal data held by us in relation to the purposes for which the data is used. We aim to keep the personal data accurate and updated. However, we rely primarily on the relevant users of the Platforms to disclose all material information to us, as appropriate, and to inform us of any inaccuracy or changes in such information.
   2. We maintain and execute retention policies of records containing personal data to ensure that such personal data is not kept longer than necessary for the fulfilment of the purposes for which it is or is to be used. Different retention periods apply to the various kinds of personal data collected or obtained and held by us in accordance with our internal policies on retention of personal data based on the following logic:
      1. at least the duration for which the information is used to provide you with a service;
      2. as required under law, a contract, or with regard to our statutory obligations (e.g., tax laws); or;
      3. only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or, in anonymized form, for statistical purposes, subject to appropriate safeguards.

5. SECURITY OF PERSONAL DATA

   We take appropriate steps to protect the personal data we hold against unauthorised or accidental access, processing, erasure, loss or use of the personal data. These steps include restricting physical and electronic access to personal data on a “need-to-know” and “need-to-use” basis, and having in place internal security policies and practices which require our staff to comply with the requirements of the PDPO.

6. THIRD PARTY WEBSITES

   Our Platform or our communication with you may from time to time contain links to Third-party Websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites understand your rights. We accept no responsibility or liability for any practices of Third-party Websites.

7. INTERNATIONAL TRANSFER OF INFORMATION

   Your use of our Service will involve the transfer, storage, and processing of your personal information within and outside of your country of residence, consistent with this policy. In particular, your personal information may be transferred out of Hong Kong. Please note that the data protection and other laws of countries to which your information may be transferred might not be as comprehensive as those in your country.

8. DATA ACCESS REQUEST AND DATA CORRECTION
   1. In accordance with the PDPO, an individual has the right to check whether we hold his/her personal data and to require us to provide a copy of such personal data and to correct any of his/her personal data which is inaccurate. Such requests can be made in writing using the form prescribed by PCPD (which can be downloaded from the website “www.pcpd.org.hk”) to our Data Protection Officer at the following address:

      Ozu

      Attention: Legal Department

      22/F., 181 Johnston Road

      Wan Chai,

      Hong Kong

      Email: info@ozu.io

   2. When we handle a data access or correction request, we will check the identity of the requestor to ensure that he/she is legally entitled to make such request. In this regard, we may require the requestor to provide his/her identity proof, e.g. by production of his/her Hong Kong identity card or other identification document. In the case of a request made by a “relevant person” (as defined in the PDPO), he/she will be required to provide proof of his/her identity and the identity of the data subject concerned as well as documents showing his/her capacity as the relevant person, such as written authorisation signed by the data subject, birth certificate or court order (as the case may be). If we cannot reasonably ascertain the identity of the data subject or establish the relationship between the requestor and the data subject, we will refuse to comply with the request.
   3. We shall endeavour to respond to any such request as soon as practicable and in any event no later than 40 days after receiving the request in accordance with the relevant requirements of the PDPO.
   4. We have the right to charge a fee which is not excessive for the processing of any data access request.

9. CHANGES TO THIS PRIVACY POLICY

   We reserve the right to update this Privacy Policy at any time and will make available an updated version on our Platform or in writing so that you are always aware of what information we collect, how we use the information and under what circumstances the information is disclosed. Any such change, update or modification will be effective immediately upon posting. If you have any questions, comments or requests regarding personal data, please address them to our support staff with contact details as provided in Clause 8.1 above.