Last Updated: October 6, 2022
Welcome! Forte Labs, Inc. and its affiliates (“Forte,” “we,” “us,” or “our”) offer various tools to help developers, publishers and other associated parties apply blockchain and similar technologies to economies and users to access those economies (collectively the “Forte Platform” or “our Platform”).
Forte is a data controller when operating our Platform; and a data processor when providing our Site and/or Platform to third-party game publishers, service providers (including but not limited to Provenance Technologies, Inc. or PTI) and content developers, their affiliates or their agents (collectively, “Game Entity” or “Game Entities”). When playing a game the data controller will be the game developer or publisher who actually owns or controls the game which uses our Site and/or Platform.
1. USER INFORMATION AND BLOCKCHAIN
Forte was founded on the premise that blockchain and blockchain gaming (including web3 more generally) offer a chance to break the cycle of information exploitation found in web1 and web2 domains and to begin anew. We want to invert the model of many companies by making transparency and user protections paramount.
Blockchain introduces an innovative ecosystem characterized by radical transparency and immutability, and it is important for you to understand how these characteristics impact privacy.
- Transparency. Data on public, Layer 1, or Layer 2 blockchains is or may become public. In other words, if you are transacting on or otherwise interacting with a blockchain, your transaction, certain data, and your associated account is or may become publicly available for others to see.
- Immutability. Often, the data written to a blockchain is immutable and cannot be erased or altered. This means that once your data is on a blockchain, it may not be possible to remove or change it. This is particularly important if you are transacting on a blockchain. To be clear, information other than data written to a blockchain are – to the extent Forte has control over it – private and only collected to the extent necessary to provide service via our Platform.
When you interact with Forte and our Services, certain of your interactions will cause data to be stored on a blockchain, while other interactions will result in data being stored on a more traditional storage infrastructure. For instance, when you change or transfer ownership of digital assets in a game, data will likely be stored on a blockchain. Whereas, when you use a credit card, data will likely be stored in secure cloud storage belonging to the third party payment processor.
2. INFORMATION WE COLLECT
Depending on your relationship with us, we collect different types of information about you and your device as you interact with our Services.
Information You Provide to Us
The information you provide to us when you use our Services will depend on which of our
Services you use:
- Contact us directly by completing an online form to learn more about the Services, requesting access to materials provided on our Site, submitting questions to our support team, or communicating with us for any other purpose. At times, the information we collect will include your name, email address, telephone number, physical address, and affiliation to Forte.
- Use our Platform to build or develop game features or technologies using our Platform. As part of Platform use by content developers, we require a license and services agreement which includes company affiliation, contact name(s), email address, telephone number, and address. From time to time, this information is collected either directly by us; directly by PTI, which provides regulated money transmission related services for fiat, digital assets and virtual cryptocurrencies (including “know your customer” and anti-money laundering checks); and/or by a third-party payment processor.
- Interact with or otherwise transact in a marketplace, exchange, or storefront on the Forte Platform. At times, we collect your username, email address, and wallet identification number for any wallet you are using to make transactions, and the account or identification number assigned to you by the Game Entity using the Platform, and credit card or other payment method information necessary to engage in transactions on the Forte Platform. We also collect and retain records of transactions that take place on the Forte Platform.
- Create an account to use certain features of the Service, such as a storefront, exchange, and your Forte-created digital asset wallet (the “Wallet”). As part of the registration process, we collect your name, email address, digital wallet identifiers or keys, or other contact information.
Information We Collect Through Our Services
We may receive and store information about you, your wallet and your device(s) automatically when you navigate the Services, which may include:
- Information related to the device and software you use to access the Services, such as your internet protocol (“IP”) address, mobile device identification, web browser type, operating system version, and other similar information; and
- Information about your interactions with the Services, such as the specific pages you visit, content you view, date and time of your visits, and, as applicable, the website you visited before you came to the Service.
Forte may also conduct Know Your Customer (“KYC”) and Anti-Money Laundering (“AML”) verification as required by applicable law, which may include collecting your name, address, phone number, email address and form(s) of identification (such as a driver’s license). Please note that for the majority of user transactions on the Forte Platform, KYC and AML checks are conducted by PTI. You are strongly advised to review PTI’s privacy terms. Forte and PTI use a graduated system of KYC and AML which means that the larger the transaction the more documentary verification may be required and collected; verification may be performed by Forte or by PTI.
Information We May Receive From Third-Party Sources
We also may receive information about you, your account with the game developer or game publisher, your Wallet, other service providers, and/or your device from third-party sources, including:
- A third-party game publisher or developer or storefront operator whose services are supported by our Platform. Information we collect from a third party whose Forte-enabled service you use may include your crypto wallet’s custody and/or public keys, coarse location, and other information required to facilitate the transfer of tokens, and/or digital currencies into or out of your Wallet.
- Providers of third party cryptocurrency wallets that are used to make transactions on the Platform, including your Wallet identification number.
- Third party providers of KYC/AML services, payment processors and or money transmission licensees (some of which may have professional association with Forte).
- Public or Layer 1 blockchain data.
- Analytics providers that track usage of our Site, Platform and Services.
We also may host, or engage third parties to host, information about you, or manage servers in which your information is stored, on behalf of select third-party partners and service providers in order to allow you to engage in our services. Information we collect through our service providers and business partners may include your name and email address.
Information From Cookies and Similar Technologies
We and our third-party partners may collect information about you and/or your device(s) using cookies, pixel tags, or similar technologies. Our third-party partners, such as analytics and advertising partners, may use these technologies to collect information about your online activities over time and across different services. Cookies are small text files containing a string of alphanumeric characters. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Site.
Please review your web browser’s “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete or choose not to accept cookies from the Site, you may not be able to utilize the features of the Site to their fullest potential.
There are also online tools available for clearing all cookies left behind by the websites you have visited, such as www.allaboutcookies.org; and for users in the EEA & UK, https://www.youronlinechoices.eu/.
Most advertising networks offer you a way to opt out of Interest Based Advertising. If you would like to find out more information, please visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.
3. HOW WE USE THE INFORMATION WE COLLECT
We may use the information we collect or receive about you to:
- Communicate with you, provide you with updates and other information about our product and Services, provide information you request, respond to questions, and otherwise provide customer support;
- Provide, maintain, improve, and develop both our Services and new products, services, features, and functionalities;
- Facilitate the actions you initiate through third-party games and other services made available by our Platform;
- Carry out our obligations arising from any contracts entered into between you and us;
- Engage in marketing and advertising which you have previously agreed to and would have the ability to opt out of at your discretion, such as developing and providing promotional and advertising materials that may be relevant, valuable, or otherwise of interest to you;
- Understand and analyze how you use the Services;
- Manage and secure our Site, Platform (including the Wallet and the Forte marketplace), network systems, APIs and other assets;
- Find and prevent fraud, and respond to trust and safety issues that may arise;
- Comply with our legal and regulatory obligations in all relevant jurisdictions, such as
KYC and AML compliance or transaction reporting; and
We also may use your information for any other purpose(s) disclosed to you at the time we collect or receive the information.
4. HOW WE SHARE THE INFORMATION WE COLLECT
We may share the information we collect about you with the following categories of third parties:
- Vendors, Contractors and Service Providers. We may share any information we receive with vendors, contractors, payment processors and service providers (including but not limited to PTI) we use to support our business or provide the Services, such as companies that provide digital currency services, web hosting, information technology, payment processing, customer service, and other similar administration and support services. In such cases, Forte will enter into appropriate contracts which require these vendors and service providers to implement appropriate technical and organizational measures.
- Forte Customers. We may share certain information about you with the Game Entities whose games and/or services we support or who use the Platform to provide the ability to conduct transactions relating to their games.
- Analytics Partners. We use analytics services such as Google Analytics and othersto collect and process certain analytics data. These services also may collect information about your use of other websites, apps, and online resources. You can learn more about Google’s practices by visiting Google’s website. To help us understand how you use the Services and to help us improve them, we automatically receive information about your interactions with the Services, like the pages or content you view and the dates and times of your visits.
- As Required by Law and Similar Disclosures. We may access, preserve, and disclose your information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests from any applicable jurisdiction and legal process, such as a regulator request, court order, civil discovery request, warrants or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety.
- Public Blockchains. As described in Section 1, when you interact with our Services in such a way that causes data to be stored on a public blockchain, it may be available to the public at large.
5. LEGAL BASES FOR PROCESSING YOUR PERSONAL INFORMATION
To the extent required by applicable law, we rely on the following legal bases for processing your personal information:
- With your consent.
- To perform the contracts with and provide the Services to you.
- For the legitimate interests of Forte, such as in connection with security or improvements.
- To comply with legal obligations, such as KYC and AML and other laws, rules or regulations.
What does each legal base mean?
Consent: You have given clear consent to process your personal data for a specific purpose. You can choose to withdraw your consent using specific features provided to enable you to withdraw consent, like an email unsubscribe link or your account privacy preferences.
Contract: Processing your data is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
Legitimate interests: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
- gaining insights from your behavior on our Site, Services, or Platform
- delivering, developing, and improving the Services
- enabling us to enhance, customize or modify our Services and Platform
- determining whether marketing campaigns are effective
- enhancing data security
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
6. CHOICES REGARDING YOUR INFORMATION
You have certain choices with respect to the information we collect about you.
You can ask us not to use your data for marketing: We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing communications and promotional email through the Unsubscribe link provided in the email, or by emailing us at [email protected].
7. THIRD PARTY WEBSITES AND SERVICES
The Services may contain links to other websites, products, or services that we do not own or operate. These third-party services may include, but are not limited to, games, storefronts, marketplaces, and digital currency services operated by developers and other third parties.
8. SECURITY & RETENTION
We make reasonable efforts to protect your information by implementing and maintaining appropriate technical and organizational measures to safeguard the information we maintain.
We will retain your personal information until the sooner of (i) the information is no longer necessary to accomplish the purpose for which it was provided, (ii) there is no ongoing business reason to keep the information, or (iii) until you request that your account be deleted.
We may retain your information for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights or for certain business requirements.
9. INTERNATIONAL VISITORS & DATA TRANSFERS
Our Services are hosted in the United States. If you choose to use the Services from the European Economic Area, the United Kingdom or other regions of the world with laws governing data collection and use that may differ from United States law, then please note that you are transferring your personal information outside of those regions to the United States for storage and processing. Also, we may transfer your data from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services.
10. EEA AND UK DATA SUBJECT RIGHTS
You can exercise your rights by sending us an email at [email protected]. You are not required to pay a fee for exercising your rights, and if you make a request, we have 30 days to respond to you. Notwithstanding the foregoing, we may charge a ’reasonable fee’ for the administrative costs of complying with a request if it is manifestly unfounded or excessive, or if an individual requests further copies of their data. Also, the time period may be extended by an additional two months if the request is complex or if we receive a number of requests from the same individual. Please note that we may verify your identity before we are able to process any of the requests described in this Section, and in our discretion, deny your request if we are unable to verify your identity.
Under data protection laws, your rights generally include:
The Right of Access – You have the right to ask us for copies of your personal information.
The Right to Data Portability – You have the right to ask that we transfer the information you gave us to another organization, or to you, in certain circumstances.
The Right to Rectification/Correction – You have the right to ask us to correct information you think is inaccurate, and to ask us to complete information you think is incomplete. However, because data written to a blockchain is generally immutable, Forte and its partners will not be able to correct data or remove erroneous data once it is entered.
The Right to Erasure/Deletion – You have the right to ask us to erase your personal information in certain circumstances. However, the immutable nature of data written to a blockchain will limit our ability to grant erasure/deletion requests when data is stored on blockchains.
The Right to Restrict Processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
The Right to Object to Processing – You have the right to object to the processing of your personal data in certain circumstances.
The Right to Lodge a Complaint – You can file a complaint regarding our use of your data directly with Forte by emailing us at [email protected], through our mailing address in the Contact Us section, or by contacting our UK and EU representatives.
Pursuant to Article 27 of the UK GDPR, Forte Labs, Inc. has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
- by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Forte Labs, Inc. has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU.
You can contact EDPO regarding matters pertaining to the GDPR:
-by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
-by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
If your request or concern is not satisfactorily resolved by us, you may approach your local EU data protection authority:
If you are located in the UK, you can approach the ICO:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
11. CALIFORNIA PRIVACY RIGHTS NOTICE
The California Privacy Rights Notice supplements this Policy and applies to California residents
(“California Consumer”). This serves as notice under the California Consumer Privacy Act (“Act”) of the categories of personal information we have collected from California Consumers in the past 12 months.
|A. Identifiers||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the
Records statute (Cal. Civ.
Code § 1798.80(e))
|A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||NO|
|D. Commercial information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|E. Biometric information||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity||Browsing history, search history, information on an individual’s interaction with a website, application, or advertisement.||YES|
|G. Geolocation data||Physical location or movements.||YES|
|H. Sensory data||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information||Current or past job history or performance evaluations.||NO|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20
U.S.C. Section 1232g, 34
C.F.R. Part 99))
|Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other personal information||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
See Section 3 – HOW WE USE THE INFORMATION WE COLLECT for details on why we collect and process personal information.
We may obtain the categories of personal information listed above from the following categories of sources:
- From individuals, directly
- From advertising networks, government entities, social networks, and data brokers
- From Game Entities
- From service providers including digital asset wallet providers, payment processors, internet service providers, and data analytics providers
We may disclose your personal information to a third party for a business purpose and when we do so, we enter into a contract describing the purpose for sharing the data. This contract also requires the recipient party to keep the personal information confidential and not use it for any other purpose except as described by the contract.
We disclose your personal information for a business purpose to the following categories of third parties:
- Service Providers
- Game Entities
- Digital Asset Wallet Providers
- Payment Processors
- Data Analytics Providers
In the preceding twelve (12) months, we have not sold any personal information.
Data Subject Requests
If you are a California consumer, the CCPA provides specific rights regarding your personal information.
Right To Know & Data Portability
You may request that Forte disclose to you what personal information we have collected, used, and shared, and why we collected, used, or shared that information. Specifically, you may request that we disclose:
- The categories of personal information collected
- Specific pieces of personal information collected
- The categories of sources from which we collected personal information
- The purposes for which we use the personal information
- The categories of third parties with whom we share the personal information
- The categories of information that we disclose to third parties
You may also request that we provide you a copy of your information in a readily portable format.
Right to Delete
You have the right to request we delete any of your personal information we collected from you and retained, subject to certain exceptions. Once we receive and confirm your request, we will delete, and direct our service providers to delete, your personal information from our/their records, unless an exception applies. However, the immutable nature of data written to the blockchain will limit our ability to delete such data when it is stored on a blockchain.
We will not discriminate against you for exercising any of your CCPA rights.
Methods For Submitting Request
You can only make two Requests to Know in a 12-month period, and the information provided need only cover the 12-month period prior to receipt of your request.
Verification of Requests
We will need to verify your identity to respond to Requests. We cannot respond to your request or provide you with personal information if we cannot verify your identity or your authority to make the request and confirm the personal information relates to you. Making a verifiable request does not require you to create an account with us. We will only use personal information provided in a request to verify the requestor’s identity and/or authority to make the request.
Time for Response
Please note that once you have submitted a Request to Know or Request to Delete, we will send you a receipt, acknowledging your request, within 10 business days. If, for some reason, you do not receive such a receipt within 10 days of your submitted request, please send us an email to [email protected] as an error may have occurred.
We make every effort to respond to Requests to Know and Requests to Delete within 45 calendar days after they are received, but if necessary, we may take up to an additional 45 calendar days to respond to your request. If we require the extra time (up to 90 days), we will inform you of the reason and extension period in writing.
No Sale of Personal Information – California and Nevada Law
We do not sell your personal information as defined under California and Nevada law and therefore are not required to provide an opt-out.
As a California resident, you have the right to designate an agent to exercise these rights on your behalf. We may require proof that you have designated the authorized agent to act on your behalf and to verify your identity directly with us. Please contact us at [email protected] for more information if you wish to submit a request through an authorized agent.
12. CHILDREN’S PRIVACY
14. CONTACT US