Privacy Policys

Ibeacon Privacy Policy

1. Introduction
   Ibeacon and its affiliates (hereinafter, “Ibeacon”, “the Company”, “we”, “us” or “our”)
   are committed to protecting and respecting your privacy. This Privacy Policy will explain how our
   organization uses the Personal Data we collect from you when you use our website and
   services. By accessing Nexus Mutual you are consenting to the information collection and use
   practices described in this Privacy Policy.
   If you reside within the European Union (EU), European Economic Area (EEA), or Switzerland,
   Collective Risk Services CIC will be the data controller responsible for processing Your
   Information. See the Contact section of this Privacy Policy for details.
   This Privacy Policy applies to the operations of Nexus Mutual in the European Economic Area
   (EEA). It gives you rights by operation of the EU GDPR. If you live outside the EEA, Ibeacon will undertake its best efforts to give you a similar degree of control over your privacy.
2. Personal Data
   “Personal Data” is information that identifies you personally or by which your identity can
   reasonably be ascertained. We collect Personal Data in order to:

• Provide our services efficiently and effectively;
• Develop, enhance, market and deliver products and services to you;
• Provide information to you about developments and new products, including changes
  and enhancements to the Site;
• Provide you with news and other matters of general interest to you about Nexus Mutual
• Comply with Ibeacon’s legal and regulatory requirements
  3 How we use Personal Data
  3.1 When visiting our website
  We may collect World Wide Web-related information, including but not limited to IP Addresses,
  operating system and browser type as a result of your interactions with Ibeacon.
  This data may be processed in order to deliver the content of our website correctly, to optimize
  the content of our website to ensure the long-term viability of our information technology
  systems and website technology, and to provide law enforcement authorities with the
  information necessary for criminal prosecution in case of a cyber-attack.
  3.1 a) Cookie Policy
  Cookies are small text files that can be used by websites to make a user’s experience more
  efficient. Our site uses (i) technical, or functional, and (ii) analytics cookies. Technical cookies
  are necessary to run the website and don’t need user consent per law. Analytics, or statistics,
  cookies carry out statistical analysis of page use, page interactions, and paths through the
  website to evaluate and develop our website. For more information about cookies and how to
  disable them, please see “Your Rights as a Data Subject” below.
  3.2 When becoming a Ibeacon member
  Personal data may be collected if you apply and/or act as a member of Ibeacon.
  3.2 a) KYC and AML verification
  If you apply to become a member of Ibeacon, you will be asked to verify your identity
  using our Know-Your-Customer (hereinafter “KYC”) and Anti-Money-Laundering (hereinafter
  “AML”) verification processes.
  Personal data required for KYC/AML verification is processed and stored by a third party
  verification company Acuant, Inc (hereinafter, “Acuant”) and may include:
• Your full name
• Date of birth
• Address
• Email address
• Phone number
• Digital copy of your identification document
  3.2 b) Ibeacon User Database
  Ibeacon retains the following information of its members in a user database :
• Full name
• E-mail address
• Ethereum wallet address
• Status of KYC/AML verification
• Case ID of KYC/AML verficiation
• Date of membership application
• Date of membership withdrawal
  3.3 Using the Ibeacon application and the Ethereum blockchain
  When using the Ibeaconl application (https://app.nexusmutual.io/) through actions that may
  include but are not limited to:
• membership application and/or withdrawal;
• purchasing cover;
• staking;
• governance voting;
• claims assessment;
  members of Ibeacon interact with the Ethereum blockchain and/or any other public
  blockchains that provide full transparency to past and current transactions. Ibeacon is not
  responsible for preventing or managing information broadcasted on a blockchain. Decisions to
  transact on a blockchain and/or sharing information related to your blockchain wallet addresses
  rests with you.

1. Use of Third Party Applications
   4.1 Amazon Web Services
   We use Amazon Web Services (AWS) to store log and database data as described in paragraph
2. For further information and the applicable data protection provisions of AWS please visit
   https://aws.amazon.com/privacy/
   4.2 Acuant
   We use Acuant Compliance for the KYC/AML verification as described in paragraph 3.2a. More
   information about Acuant can be found on their website (https://www.acuant.com/).
   4.3 Links
   We link to social media profiles, articles and documentation that are hosted by other services.
   Those services might also collect Personal Data. Please refer to their respective privacy policies
   for more information:

• Github: https://docs.github.com/en/github/site-policy/github-privacy-statement
• GitBook: https://policies.gitbook.com/privacy
• Medium: https://medium.com/policy/medium-privacy-policy-f03bf92035c9
• Twitter: https://twitter.com/en/privacy
• Discord: https://discord.com/privacy
• Telegram: https://telegram.org/privacy
• Discourse Forum: https://www.discourse.org/privacy
  4.7 Support Channels
  Nexus Mutual uses different channels including but not limited to Telegram, Discord, Twitter to
  provide support, answer questions, and resolve any issues raised by its users. By accepting this
  Privacy Policy, you are deemed to consent to provide the following Personal Data to persons
  looking to resolve any dispute:
• E-mail address
• Blockchain wallet address
• Detailed description of the issue
• Date and time that the issue arose
• Outcome sought

1. Data Sharing
   We may make available the Personal Data that you provide to us to our business partners,
   administration centers, third-party service providers, agents, subcontractors, and other
   organisations for the purposes of completing tasks and providing services to you. We reserve
   the right to disclose Personal Data that we believe, in good faith, is appropriate or necessary to
   enforce our Terms of Use, take precautions against liability or harm, to investigate and respond
   to third-party claims or allegations, to respond to a court order, comply with any legal obligation
   or to protect security or integrity of Nexus Mutual and to protect the rights, property or safety of
   Nexus Mutual, our uses or others. We will take steps to ensure that your privacy rights continue
   to be protected.
   In the event that Ibeacon is involved in a merger, acquisition, sale, bankruptcy, insolvency,
   reorganization, receivership, assignment or the application of laws or change of control, there
   may be a disclosure of your information to another entity related to such an event.
2. Data Security
   We have put in place appropriate security measures to prevent your personal data from being
   accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we
   limit access to your personal data to those employees, agents, contractors and other third
   parties who have a business need to know. They will only process your personal data on our
   instructions and they are subject to a duty of confidentiality.
   We have put in place procedures to deal with any suspected personal data breach and will
   notify you and any applicable regulator of a breach where we are legally required to do so.
3. Data Storage
   We retain your Personal Data only for as long as is necessary for us to do so, with regard to
   the purposes described in this Privacy Policy and where retention is necessary for compliance
   to legal and regulatory requirements.
   In general, Personal Data relating to your KYC/AML verification as described in paragraph 3 is
   held for a period of six months by the third party company and membership data for a period of
   five years post membership withdrawal.
4. Your Rights as a Data Subject
   You have certain rights under applicable legislation, and in particular under Regulation EU
   2016/679 (General Data Protection Regulation or ‘GDPR’), as explained below.
   8.1 Information & Access:
   You have the right to request Our Company for copies of your personal data.
   8.2 Rectification:
   You have the right to request that Our Company correct any information you believe is
   inaccurate. You also have the right to request Our Company to complete the information you
   believe is incomplete.
   8.3 Erasure:
   You have the right to request that Ibeacon erase your personal data under the following
   circumstances:

• the personal data is no longer necessary for the purpose for which it was collected;
• we unlawfully processed your personal data; and
• erasure is required to comply with a legal obligation that applies to us.
  We will proceed to comply with an erasure request without delay unless continued retention is
  necessary for:
• Exercising the right of freedom of expression and information;
• Complying with a legal obligation under EU or other applicable law;
• The performance of a task carried out in the public interest;
• Archiving purposes in the public interest, scientific or historical research purposes, or
  statistical purposes, under certain circumstances; and/or
• The establishment, exercise, or defence of legal claims.
  As described in paragraph 3.3, Ibeacon is unable to erase or amend any information that
  has been stored on a public blockchain as a result of your interactions with Ibeacon.
  8.4 Restrict & Object to Processing:
  You have a right to restrict and object to processing of your personal data, such as where:
• you contest the accuracy of the personal data;
• where processing is unlawful you may request, instead of requesting erasure, that we
  restrict the use of the unlawfully processed personal data;
• we no longer need to process your personal data but need to retain your information for
  the establishment, exercise, or defence of legal claims.
  8.5 Data Portability
  Where the legal basis for our processing is your consent or the processing is necessary for the
  performance of a contract to which you are party or in order to take steps at your request prior
  to entering into a contract, you have a right to receive the personal data you provided to us in a
  structured, commonly used, and machine-readable format, or ask us to send it to another
  person.
  8.6 Access
  You have the right to access data we hold about you. We are happy to provide you with details
  of your Personal Data that we hold or process. To protect your personal data, we follow set
  storage and disclosure procedures, which mean that we will require proof of identity from you
  prior to disclosing such information. You can exercise this right at any time by contacting us via
  the methods described in paragraph 10. We aim to respond to your request within 30 days.
  8.7 Cookies
  Most web browsers are set to accept cookies by default. You can at any time change or
  withdraw your consent for analytics cookies directly on our website. Please note that if you
  choose to remove or reject cookies, this could affect the availability and functionality of our
  Services.

1. Changes to This Privacy Policy
   We may make changes to this Privacy Policy. We encourage you to review the Policy whenever
   you access or use our website to stay informed about our information practices and the choices
   available to you. If you do not agree to the revised Policy, you should discontinue your use of
   Ibeacon’s website and services.
   This Privacy Policy was last changed on October 7th, 2022.
2. Contact Us
   This website is owned and operated by Collective Risk Services CIC. We are registered in the
   United Kingdom under registration number 11353187, and our registered office is located at:
   27 Old Gloucester Street, London, United Kingdom, WC1N 3AX
   If you have any questions, comments, or concerns regarding our Privacy Policy and/or
   practices, please contact us at:
   E-Mail: support@ibeacon.org