cardano foundation logo

Privacy Policy

1. Who we are

Cardano Foundation (Cardano Stiftung) is a not-for-profit organisation based in Zug, Switzerland, tasked with advancing the Cardano blockchain as a public infrastructure across a wide range of industries. Our registered address is: Cardano Stiftung, Dammstrasse 16, 6300 Zug, Switzerland.

2. Scope of this Privacy Policy

This privacy policy (“Policy”) explains and sets out the basis for why and when we collect personal information about the people who visit our websites www.cardanofoundation.org and www.cardano.org (the “Websites”), use our services and/or interact with us in any other way. It explains and sets out how we use personal data, the conditions under which we may disclose it to others and the measures we take to keep it secure.

If you transmit or disclose data about other persons such as family members, employees, work colleagues, etc., we assume that you are authorized to do so, that this data is correct and that we may process it as described here. By transmitting such data, you confirm this. Please also ensure that these third parties have been informed of this Policy.

We may amend this Policy from time to time so please check it occasionally to ensure that you are aware of any changes.

3. How you can contact us

Please use the following contact information to report any concerns related to data protection:
FAO: Cardano Stiftung, Rykestraße 26, 10405 Berlin, Germany
privacy@cardanofoundation.org

4. How we collect information about you

We obtain information about you when you use our Websites, when you contact us by e-mail, web form, live chat or other means of communication, or if you register to receive one of our newsletters, attend an event or use any other of our services.

You are not obliged to disclose your personal data to us. However, we may need certain information in order to interact with each other. For example, we may not be able to provide certain contractual services or respond to inquiries if we do not receive the necessary information.

We may collect and process the following types of information about you:

4.1 Information you provide us

You may provide us with personal information by filling in forms on our Websites or by corresponding with us by e-mail, web form, live chat, phone, letter or other means of communication. We collect the data exchanged between you and us, including your contact details and the marginal data of the communication. The personal information you provide may include, in particular, your name, email, messages, address, phone number, IP address, language preference and information regarding the pages you access.

4.2. Information we collect about you

When you visit our Websites we may collect information about your IP address, information about your visit, your browsing activity, and how you use our Websites, including log files, date and time at the time of access, URL, amount of data sent in bytes, source/reference from which you reached the page, browser used, operating system used. This information may be combined with other information you provide.

4.3 Information we receive from other sources

We may receive information about you if you use any other websites we, or our partners, operate. We also work with third parties (including, contractors, project partners, service providers, analytics providers) and may receive information about you from them. This may be combined with other information you provide to us.

5. How your information is used

We may use personal information about you for the following purposes:

  • to process orders, manage relationships with customers and suppliers and fulfil contractual obligations (Article 6 para 1 letters a and b GDPR if applicable);
  • to send you personalised communications which you have requested and that may be of interest to you, which may be based on your activity on our Websites or the website of our partners. These may include information, suggestions and recommendations about new offers, campaigns, activities and events (Article 6 para 1 letters a and b GDPR if applicable);
  • to understand and measure the effectiveness of how we serve you and others (Article 6 para 1 letters b and f GDPR if applicable);
  • to process employment contracts, and for recruitment activities (e.g. names, addresses and other contact details, IDs, CVs, certificates, references; Article 6 para 1 letters b, c and f GDPR if applicable);
  • to ensure compliance with legal obligations and official orders, including communication with authorities and courts; enforcement of and defence against legal claim (Article 6 para 1 letter f GDPR if applicable).

6. Newsletters

The provisions of this Policy also apply to the request for and sending of our newsletter.
The newsletter will only be sent after prior request by the user in the so-called “double opt-in procedure” (request on our Websites and confirmation of a corresponding request e-mail).

Users of the newsletter are also assigned a UserID, which allows Cardano Foundation to determine when the relevant newsletter was opened and which links or functions from the relevant newsletter were activated. This tracking is done for internal optimization of the newsletter. The legal basis for processing is Art. 6 para. 1 a GDPR (if applicable), whereby Cardano Foundation’s authorization arises from the fact that, on the one hand, a concerned person can reasonably foresee at the time when the personal data is collected and in view of the circumstances under which it is carried out that it will possibly be processed for this purpose. The user has the right to withdraw his or her consent at any time.

If the user of the newsletter does not wish to receive this tracking, he/she can unsubscribe from the newsletter. To do so, simply unsubscribe via the link in the newsletter or send an e-mail to privacy@cardanofoundation.org. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

7. Use of cookies

Our Websites use cookies to distinguish you from other visitors of our website. Cookies are small text files that may be stored on your computer (or other internet enabled devices, such as a smartphone or tablet). They are sent by a server to your computer and stored on your hard drive to allow a website to recognise you when you visit.

Cookies can be used by our Websites to optimize the user's experience. Our Websites use different types of cookies. Some cookies are placed by third party services that appear on our pages. We use cookies to personalize content, to provide social media features and to analyse our traffic. This improves your experience when you browse our Websites and allows us to improve the service we provide.

We also use cookies to create statistical evaluations of the use of our Websites. For this purpose, we use third-party services (such as Google Analytics or similar services) that measure and evaluate the use of the Websites. Aggregated information is used that does not allow the individual user to be identified. However, the third-party provider (e.g. Google) may track your use of the Websites, combine this data with data from other websites that are also tracked by this third-party provider, and use this information for its own purposes and, if necessary, assign it to you. This third-party provider is responsible for the processing of your personal data by this third-party provider and its data protection provisions apply.

We also share information about your use of our Websites with our social media and analytics partners (such as Google Analytics, HotJar or similar services). Aggregated information is used that does not allow the individual user to be identified. However, the third-party provider (e.g. Google) may track your use of the Websites, combine this data with data from other websites that are also tracked by this third-party provider, and use this information for its own purposes and, if necessary, assign it to you. This third-party provider is responsible for the processing of your personal data by this third-party provider and its data protection provisions apply.

You can at any time change or withdraw your consent from the cookie declaration on our Websites. Your consent applies to the following domains: cardanofoundation.org, cardano.org. If you do not want us to use cookies during your visit, you can deactivate their use in your browser settings. In this case, certain parts of our Websites (e.g. language selection) may not function or may not function fully.

We use the following type of cookies:

7.1 Strictly necessary cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These cookies enable basic functions like page navigation and access to secure areas of the Websites. The Websites cannot function properly without these cookies.

7.2 Targeting cookies

These cookies may be set through our Websites by our advertising partners. Marketing cookies are used to track visitors across websites. They may be used by those companies to build a profile of your interests and show you relevant adverts on other websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

7.3 Performance cookies

These cookies are usually referred to as statistical cookies and allow us to count visits, traffic sources so we can measure and improve the performance of our Websites. They help us to know which pages are the most and least popular and see how visitors move around the Websites. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor its performance.

8. Who has access to your information

We do not pass on personal data to third parties without the consent of the person concerned, unless this is necessary for the purposes described in this Policy and except to third parties such as service providers, agents, subcontractors and other associated organisations engaged by us for processing for the purposes of completing tasks and providing services to you on our behalf, or if we are legally obliged to do so or if it is necessary to protect our interests, e.g. to combat abuse or to protect the law, to authorities or other third parties and within the framework of tracking technologies as described in this Policy.

If we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure.

9. Where we store your personal information

The data that we collect from you may be transferred to, and stored in, a country outside the European Economic Area (EEA), i.e. worldwide, in particular Switzerland, the United Kingdom and the USA. The laws in some countries may not provide the same legal protection for your information as in the EEA. In these cases, we only transfer personal data after we have implemented the legally required measures, such as the conclusion of standard contractual clauses on data protection or obtaining the consent of the data subjects. If you are interested, the documentation on these measures can be obtained from the address mentioned above.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information; any transmission is at your own risk. Once we have received your information, we will use good procedures and strong security features to try to prevent unauthorised access.

10. How long will we keep your data

We will hold your personal information on our systems for as long as is necessary for the relevant activity. They are then either deleted or anonymized, unless we need them for longer in exceptional cases, e.g. due to statutory retention and documentation obligations or our legitimate interests, e.g. to protect rights to which we are entitled or to defend against claims.

11. Links to other websites

Our Websites may contain links to other websites run by other organisations. This Policy applies only to our Websites‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be made responsible for the privacy policies and practices of other websites even if you access them using links from our Websites.

If you linked to our Websites from a third party website, we cannot be made responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that website.

12. Security measures to protect your information

We take appropriate administrative, technical and physical safeguards to protect the confidentiality, integrity and availability of personal data. We use strict procedures and security features, including encryption techniques, and take all steps reasonably necessary to ensure that personal data is processed securely and in accordance with this Policy.

Non-sensitive details such as your email address may be transmitted unencrypted over the Internet, and so may not be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

13. Your choices and your rights

You have the right to request a copy of your personal data as well as the right to have your personal data corrected or deleted.

Under certain circumstances, you have the right to request that we restrict processing or hand over the data to you and the right to object to processing by us in general.
If our processing is based on your consent, you have the right to withdraw this consent at any time with effect for the future.

You may also have the right to receive a copy of the personal data in a machine-readable format or to send the personal data to another controller.

You can exercise your rights by contacting us (see above).

You have the right to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner. Competent data protection authorities of EU countries can be accessed through this link.

14. Review of this Policy

We keep this Policy under regular review. In case of a revised version, we will inform you of the change in a suitable form (e.g. by posting it on our Websites or sending you an e-mail) and the new version will become binding upon publication on our Websites.

Last updated: 21 March 2025