HairDAO Association (‘HairDAO’), an unincorporated nonprofit association in the State of Wyoming, collects pseudoanonymous data from public wallet addresses on Ethereum or other public blockchain networks for research purposes in the field of hair loss, through the websites https://www.hairdao.xyz (the “Site”) and its subdomains, including https://www.patient.hairdao.xyz.
Data Collected
Personal Data identified to each wallet address may include: email address, a Discord handle, a file representing a human genome, a table of hair loss treatments with a description of each treatment’s efficacy, photographs of persons or things, text denoting gender, an integer denoting age, and text denoting balding type. Sensitive Personal Data may be provided by blockchain wallet addresses to HairDAO, such as an individual’s genomic data, a table of hair loss treatments with a description of each treatment’s efficacy, photographs, gender, age, and balding type may be inputted. A blockchain wallet address may submit additional types of sensitive data that HairDAO cannot foresee. Additional data may be collected using Third Party services, including cookies, in order to collect information and report site usage statistics without personally identifying individual visitors to the Site and any of its subdomains. Data collected through Google analytics’ cookie service includes aggregate trends in: demographics of website visitors, the methods by which website visitors discovered the website, the pages which website visitors visited most frequently, the average engagement time of visitors over a certain time period, and new and old visitors over a certain time period. All personal data collected by HairDAO via a public wallet address on a public blockchain network, via either an end-user account or a smart-contract address is subject to a pseudonymization process by Courage Research, Inc., a corporation in the State of Delaware, utilizing Amazon Web Service’s GDPR-compliant data processing services.
How Data is used by HairDAO
A blockchain wallet address’s human genome representation, table of hair loss treatments with a description of each treatment’s efficacy, photographs of persons or things, text denoting gender, an integer denoting age, and text denoting balding type are collected for the purpose of research in the field of hair loss. A blockchain wallet address must consent to the use of personal data for the purposes participating in research in the area of hair loss. A wallet address’s email address or Discord handle is collected for the purpose of informing a wallet address of new or old developments in the field of hair loss research. A wallet address must consent to be contacted by the HairDAO Association for the purposes of receiving further information regarding latest developments in research on hair loss patients.
2.1 Data Collection via our Site and sub-domains
By interacting with our Site, you consent to the collection, storage and use of data that could be used to identify you. Personal Data we collect can include name, email, research project information and messages.
• Develop & improve the offered platform
• Personalize content for individual users
• Communicate with users and inform them about new content and features
• Detect and prevent activities that violate our terms and policies
• Optimize our marketing activities
The Site may use cookies technology to track the behavior of users and cookie files are sent to the user’s computer or mobile device when interacting with the Site. Cookies are small pieces of information that store preference settings and help us deliver a better user experience. HairDAO may use Google Analytics to monitor user traffic and behavior on the Site. Users can learn more about how it collects and processes your data in their terms: https://policies.google.com/technologies/partner-sites.
Most web and mobile device browsers automatically accept cookies. Users can change the browser preferences to prevent the use of cookies, or notify you each time a cookie is set. More about cookies at www.whatarecookies.com, which includes additional useful information on cookies and how to block them using different types of browsers. However, please note that by blocking or deleting cookies, you may not be able to take full advantage of the Site.
Shared Data
HairDAO processes data through Courage Research Inc., who utilizes Amazon Web Services as a sub-processor. In the future, HairDAO may allow independent researchers to submit algorithms for HairDAO to run on its data, in order to further the field of hair loss research, subject to HairDAO Privacy Policy.
International Data Transfers
HairDAO only enters into International Data Transfer Agreements in full compliance with international laws and regulations.
Data retention
HairDAO may store data for the purposes stated in this Privacy Policy for a maximum period of 10 years.
Security Measures
Data Encryption: Data is encrypted both in transit and at rest, using industry-standard encryption protocols, to protect against unauthorized access. The data encryption used is Advanced Encryption Standard (AES) encryption. Data in transit is also encrypted by Transport Layer Security (TLS) to protect against eavesdropping and tampering.
Data Minimization: HairDAO implements data minimization techniques to limit the amount of data collected, stored, and transferred to what is necessary for the purpose of the processing. This helps to reduce the risk of unauthorized access to sensitive information and to protect the privacy rights of data subjects. By implementing these mechanisms, HairDAO aims to ensure that the rights of data subjects are protected.
Rights of the Data Subject
Data Subjects may at any time exercise their rights according to the applicable laws and regulations, namely:
Right to be informed: Data Subjects can at any time enquire about what information is processed by HairDAO, why this happens and who else has access to this data.
Right of access: Data Subjects can request to get a full excerpt of all the data linked to their account and held by HairDAO.
Right to rectification: Data Subjects are allowed to correct or amend data that is incorrect.
Right to erasure: If data is no longer required, the consent for processing is withdrawn or personal data has been unlawfully processed, users can ask HairDAO to delete all the information associated with them.
Right to restrict processing: Data Subjects have the right to halt processing of their data temporarily.
Right to data portability: If Data Subjects request to see their collected data, HairDAO has to provide it in a structured, commonly used, and machine-readable format.
Right to object: The Data Subject has the right to object that HairDAO processes their data for profiling, automation and marketing which is inconsistent with the primary purpose for which it was collected.
Rights in relation to automated decision-making and profiling: Data Subjects have the right to not be subjected to decision-making that is purely based on automated data processing.
Data Subjects can make a request to exercise any of these rights in relation to personal information by sending a request to us through the contact information provided below. For privacy reasons and security, we may need to verify the Data Subjects’ identity before disclosing the requested information. Please note that HairDAO may take up to 30 days to fulfill such requests.
Contacts
For any questions or for the exercise of any rights please contact HairDAO via privacy@hairdao.xyz.
