Beep Labs Privacy Notice

1. Controller

The responsible person for processing your data under this Privacy Notice (“Controller”) unless we tell you otherwise in an individual case is:

beep labs AG, Alpenstrasse 9, 6300 Zug, Switzerland

You may contact us regarding data protection matters and to exercise your rights at: legal@beep.org.

2. Data Collection and Purpose of Data Processing

We process the following data about you for the purposes outlined below:

2.1 Beep Websites

When you visit the Beep Websites, we collect data that is necessary for its functionality and security.

The data collected includes: IP address; information about the operating system of your end device; cookies; referrer URL; amount of data transferred; date, region, and time of the server request; websites accessed or from which access is made; browser type and version; name of your Internet provider; protocols; information about visited and downloaded documents and files; languages preferences; currency preferences; etc.

2.2 User Account

Some of our services can only be used with a user account. To use our services, you must visit the Beep Websites, create a user account and pass an identity screening (see Section 2.3 below). When opening a user account, a Beep Wallet is automatically created and linked to the respective user account (see Section 2.4 below). We process the data collected in this context in order to provide our services and to ensure their functionality and security.

The data collected includes: name; first name; address; email address; date of birth; payment details (where appropriate); password; wallet address; information regarding your consent to the Terms of Service; your acknowledgement of this Privacy Notice; etc.

2.3 Identity Screening

As part of the registration process (see Section 2.2 above), you must carry out an identity screening check. We collect the information or data for the purpose of determining your eligibility to access or use the services for legal and regulatory purposes as well as compliance with any applicable law. To comply with legal requirements and prevent fraud attempts, we collaborate with a third-party service provider. The third-party service provider acts on our behalf to verify your identification and information as part of the registration process.

The data collected includes: name; first name; date of birth; etc.

2.4 Beep Wallet

As part of the registration process (see Section 2.2 above), an Beep Wallet is automatically created and linked to the user account. We collect the data in order to provide the wallet functionality, enable blockchain interactions, ensure the security and stability of our services, and comply with applicable legal obligations.

The data collected includes: wallet address; public blockchain transaction data; device information; technical logs; IP address; information regarding interactions with blockchain infrastructures, smart contracts or decentralized applications; and information relating to the use and functionality of the Beep Wallet; etc.

Please note that the Beep Wallet is non-custodial. This means that you retain sole control over your private keys and seed phrase. Your private keys and seed phrase are stored locally on your device. We are not able to access your private keys, seed phrase, funds, or other data related to your Beep Wallet.

2.5 Beep Tokens

As part of our services, you have the option to participate in the sale of Beep Tokens or any related investment activity, which requires the successful completion of a KYC check (see Section 2.6 below). In this context, we collect data in order to administer and execute token sales, verify eligibility and compliance requirements, process payments and transactions, communicate with participants, prevent fraud and misuse, and comply with applicable legal and regulatory obligations.

The data collected includes: name; first name; address; nationality; date of birth; email address; wallet address; transaction data; payment information; blockchain transaction information; information collected as part of KYC checks and sanctions screening procedures; residency and tax-related information; communication data; and information relating to your participation in a token sale or distribution event; etc.

2.6 KYC Check

If you participate in the sale of Beep Token or any related investment activity (see Section 2.5 above), you must carry out a simplified KYC (Know Your Customer) check. We collect the information or data for the purpose of determining your eligibility to access or use the services for legal and regulatory purposes as well as compliance with any applicable law. To comply with legal requirements and prevent fraud attempts, we collaborate with a third-party service provider specializing in KYC checks. The third-party service provider acts on our behalf to verify your identification and information as part of the registration process.

The data collected includes: name; first name; address; email address; phone number; language; nationality; date of birth; gender; legally required information regarding anti-money laundering and combating the financing of terrorism; identification documents; photographs of your face; etc.

We are legally obliged to collect and store the information and data collected in this context.

2.7 Services

We process your data for entering into a contract with you, perform and administer it and to provide our services to you.

The data collected includes: your contact details and other information provided by you; information when using our services and/or with regard to a possible conclusion of a contract and about the conclusion of the contract (e.g. products purchased by you, services provided for you); information about the execution and administration of the contracts; information about defects, complaints and contract amendments; financial data; information about downloads of offers, information, brochures, etc. that you have made; etc.

2.8 Newsletters

If you subscribe to our newsletter, we process the information provided by you in order to provide you with our newsletter. You can unsubscribe from our newsletter at any time by using the option to unsubscribe contained in the newsletter or by sending us an email to the address mentioned above.

The data collected includes: name; email address.

2.9 Marketing and Innovation

We process your data for our marketing and business activities, in particular to further develop our services, the Beep Websites and other platforms on which we operate, the Beep Wallet, and the Beep Token. In addition, we and selected third parties may use your data to show you personalised content or advertising if and to the extent that you give us your consent, provided this is required by applicable law. You can object to such marketing activities or withdraw your consent at any time (see also Section 9 below).

All of the above data may be used for this purpose.

2.10 Communication

When you contact us by email, telephone, letter, contact form, or other means of communication, we collect the data exchanged between you and us for the purposes of communicating with you and providing our services to you, in particular to respond to your enquiries. By providing us with this data, you acknowledge that we use your data in accordance with this Privacy Notice.

The data collected includes: contact details; email address; phone number; type, manner, place and time of communication; subject; content of communication; etc.

2.11 Safety or Security Reasons

We process your data to protect our IT and other infrastructure. For example, we process data for monitoring, analysis and testing of our networks and IT infrastructures including access controls.

2.12 Compliance with Law and Legal Procedures

We process your data to comply with legal requirements (e.g. to combat money laundering and terrorist financing (KYC), to fulfil tax obligations, etc.), and we might have to request further information from you to comply with such requirements or as otherwise required by law and legal authorities. Furthermore, we may process your data for the enforcement of legal claims and for the defence in legal disputes and official proceedings.

2.13 Risk Management, Corporate Governance and Business Development

We process your data as part of our risk management and corporate government in order to protect us from criminal or abusive activity. As part of our business development, we might sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships and this might result in the exchange and processing of data based on your consent, if necessary.

2.14 Cookies

The Beep Websites uses cookies, and we may also allow certain third parties to do so (see also Section 2.15 below). Cookies are text files that are stored on your device (computer, laptop, smartphone, etc.) and that are necessary for the use of the Beep Websites as such or certain functions or that enable the analysis of the use of the Beep Websites.

By using the Beep Websites, we assume that you consent to the use of such techniques. However, depending on the purpose of these cookies, we may ask for your express consent beforehand. You can access your current settings by opening the “Cookies” on the Beep Websites and you can withdraw your consent under the same link at any time.

2.15 Tools

We use the following tool(s) to ensure a tailored design and the continuous optimization of the Beep Websites:

Google Analytics: Google Ireland Limited (based in Ireland) is the provider of the “Google Analytics” service and acts as our data processor. For this purpose, Google Ireland relies on Google LLC (based in the U.S.) as its sub-processor (together “Google”).

Google uses cookies (see above) to track the behaviour of visitors on some of the Beep Websites (www.waitlist.beep.org) (e.g. duration, frequency of pages visited, geographical origin of access, etc.) and, on this basis, prepares reports for us regarding the use of our website. Although we may assume that the information we share with Google does not constitute personal data for Google, it is possible that Google may use such data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and link such data with the Google accounts of those individuals.

If you consent to the use of Google Analytics, you explicitly consent to such processing, including the transfer of personal data (in particular website and app usage data, device information and individual identifiers) to the U.S. and other countries.

Further information on data protection in connection with Google Analytics can be found here: Safeguarding your data - Analytics Help.

In connection with Google Analytics, we use Google Consent Mode V2 to make sure that we fulfil the consent requirements imposed by data protection laws. It allows us to manage the use of cookies and other tracking technologies in a way that protects your privacy. Explicit consent from users is required before personal data is collected, shared, or used for personalized advertising.

Hubspot Tracking Code: We use the functions of the tracking and analysis service “Hubspot Tracking Code” on some of the Beep Websites (www.waitlist.beep.org), which monitors website traffic and track visitor behaviour. Hubspot Tracking Code is offered by HubSpot, Inc., which is based in the U.S. Further information can be found in its privacy policy and its legal center: HubSpot Privacy Policy and Legal Center Homepage.

Meta Pixel: We use the Meta Pixel service on some of the Beep Websites (www.waitlist.beep.org), which is provided by Meta Platforms Ireland Limited (based in Ireland). For this purpose, Meta Platforms Ireland Limited relies on Meta Platforms, Inc. (based in the U.S.) as its processor (together “Meta”). Meta Pixel links the behaviour of users on our website with Facebook profiles in order to optimise our advertising and target audiences. Further information can be found in Meta’s privacy policy: Terms and Policies - Meta Pixel.

2.16 Links to Third-Party Websites

The Beep Websites may contain links to third-party websites. Please note that when you use such link, your data such as IP address, personal browser settings, etc., are transmitted to these third parties. We have no control over, do not review and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Privacy Notice do not apply to these third-party websites or their content, or to any collection of your data after you click on links to such third-party websites. We encourage you to read the privacy notices of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.

2.17 Plug-Ins

We do not use plug-ins on the Beep Websites. If the Beep Websites contains icons from other third-party providers (e.g. LinkedIn, Facebook, Instagram), we only use theses for passive linking to the pages of the respective providers.

2.18 Third-Party Platforms

We operate accounts on third-party platforms (e.g. LinkedIn, Facebook, Instagram). If you communicate with us via our accounts or otherwise interact with our accounts on these third-party platforms, your data will also be processed according to the privacy notices of the respective platform. Please find further information on the purpose and scope of data collection and processing by the third-party providers in their respective privacy notices.

2.19 Social Sign-in Buttons

The Beep Websites offers easy sign-in option via social sign-in buttons (e.g. Google, Apple). These functions enable you to log on via your social network login.

When you visit the Beep Websites, the social sign-in plugins are deactivated, i.e. no data is transmitted to the operators of these platforms. If you want to use the social sign-in function, you have to click on the respective social sign-in button to establish a direct connection to the server of the respective social media platform, that means, a transfer of data only takes place after your consent.

The social media platform stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its platform. Such an evaluation is carried out in particular (also for non-logged-in users) for the display of targeted advertising and to inform other users of the social media platform about your activities on the Beep Websites. Your connection to a social media platform, the data transfers that take place between the network and your system and your interactions on this platform are subject exclusively to the privacy notices of the respective platform. For further information on the purpose and scope of data collection and processing by the social media platform, please review the privacy notices of these social media platforms, where you will also receive further information about your rights and about setting options for protecting your privacy.

3. Legal Basis for Data Processing

Insofar as we have asked for your consent, we process your data on the basis of this consent. You can withdraw your consent at any time with effect for the future by sending us a written notification (email to: legal@beep.org). The withdrawal of your consent affects neither the legality of the processing that we carried out before your withdrawal nor the processing of your data on the basis of other processing grounds.

If we do not need your consent, we will not obtain it and we will process your data for other reasons, such as the initiation/execution of a contract or a business relationship with you, a legal obligation, a vital interest of the data subject or another natural person, or to perform a public task. We may also process your personal data if we have a legitimate interest in doing so, which includes, for example, complying with applicable law and marketing our products and services, the interest in better understanding our markets and in safely and efficiently managing and developing our company, including its activities.

4. Transfer of Data to Third Parties

As part of our data processing, we may share your data with third parties, in particular to the following categories of recipients:

4.1 Service Providers

We may share your information with service providers and business partners around the world with whom we collaborate to fulfil the above purposes (e.g. IT provider, advertising service provider, security companies, banks, telecommunication companies, credit information agencies, address verification provider, lawyers) or who we engage to process data for any of the purposes listed above on our behalf and in accordance with our instructions only.

4.2 Contractual Partners

If required by the respective contract, we will pass on your data to other contractual partners, dealers, subcontractors, etc. If we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.

4.3 Legal and Regulatory Authorities

We may pass on data to offices, courts, and other authorities if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities are responsible for processing data about you that they receive from us.

5. Disclosure of Data Abroad

The data that we collect from you may be transferred to, processed, and stored in, a country outside the European Economic Area (EEA) or Switzerland. In view of the EEA or Switzerland the law in some of those countries may not offer an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defence of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework and/or the Standard Contractual Clauses approved by the European Commission (SCCs), adjusted according to Swiss law, all of the aforementioned if applicable and required.

6. On-Chain Data

When you use blockchains, you acknowledge that your wallet address and other data/information provided by your transactions, which are considered personal data if relating to an identified or identifiable natural person, are permanently and publicly stored on-chain, which means such data is publicly available to anyone. Neither we, nor any third party, has any power to delete such data published by its users to the blockchain. If you want to ensure that your privacy rights are not affected in any way, you should not transact on blockchains as certain rights may not be available or exercisable by you or us due to the technological infrastructure of the blockchain.

You hereby release and indemnify us of any liability associated with data that you transferred to the blockchain.

7. Retention and Storage of Data

We only process your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of complying with legal retention requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. Upon expiry of the applicable retention period, we will securely destroy your data in accordance with applicable laws and regulations.

8. Data Security

We take appropriate organizational and technical security measures to prevent your data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. However, we and your data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions, and interruptions which is out of our control and responsibility. We have also put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. Your Rights

In connection with our processing of your data, you have various rights under applicable data protection law: the right to information about how we process which personal data about you, the right to rectification, the right to erasure, the right to restriction of processing, the right to data portability, the right to withdrawal of a previously given consent, the right to file a complaint with the competent data protection authority if you believe that we are not processing your personal data in accordance with data protection requirements, and the right to object to a particular processing. However, we ask that you please contact us first if you believe that we are not processing your personal data in accordance with your wishes, so that we can address your concerns and implement appropriate changes.

Please note that we reserve the right to enforce legal restrictions, if necessary, e.g. if we are obliged to store or process certain data, have an overriding interest (insofar as we can invoke such interests) or need the data to assert claims. If the exercise of certain rights involves costs for you, we will inform you in advance. We have already referred to the possibility of withdrawing consent in Section 2.9 above. It is important to note that exercising these rights may conflict with your contractual obligations and could result in consequences such as early termination of the contract or associated costs. Should this occur, we will inform you in advance, unless this has already been contractually agreed.

If you wish to exercise the rights mentioned above, please contact us at legal@beep.org or at the contact details provided in Section 1, unless otherwise indicated or agreed. Please note that we may need to verify your identity in order to prevent misuse, e.g. by means of a copy of your ID card or passport, unless identification is otherwise possible.

In addition, every data subject has the opportunity to assert their rights in court or to file a complaint with the relevant data protection authority. In Switzerland, the relevant data protection authority is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch).

10. Amendment of this Privacy Notice

Due to continuous development of the Beep Websites, the content thereof, the Beep Wallet, and the Beep Token, changes in law or regulatory requirements, we might need to change this Privacy Notice from time to time. Our current Privacy Notice can be found on the Beep Websites.