Last Updated: June 1, 2023
Matter Labs, a Cayman Islands company (“Matter Labs,” “we,” “us,” or “our”), currently provides a method of access to, and certain information, about zkSync network, a layer-2 protocol that scales Ethereum (both zkSync Lite and zkSync Era are collectively referred to herein as “zkSync”) as well as related content and functionality about zkSync through websites located at https://zksync.io, https://lite.zksync.io/, https://bridge.zksync.io, https://portal.zksync.io, https://ecosystem.zksync.io/, https://era.zksync.io, https://explorer.zksync.io, https://checkout.zksync.io (each, a “Website” and collectively, the “Websites”).
zkSync and the suite of open-source code underlying it are designed to be developed, used, and supported by a wide variety of participants. Matter Labs is one of these participants and contributes to the zySync ecosystem. To facilitate the early-stage development of the zkSync ecosystem, Matter Labs currently operates the Websites. Matter Labs expects to transition the maintenance and operation of the Websites to one or more separate entities that are part of the zkSync community in due course.
When you visit the Websites, we and zkSync service providers may obtain or request information about you, your computer or mobile device, and your interaction over time with the Websites, as described below.
Personal information that is automatically collected. When you visit the Websites, we and zkSync service providers may automatically log information about you, your computer or mobile device, and your interaction over time with the Websites, our communications and other online services, such as:
Personal information that you may be asked to provide. When you visit the Websites, you may be asked to provide the following information to us:
Personal information that we obtain from third parties. When you visit the Websites, we may obtain information from the following sources:
We use a variety of techniques to automatically collect information, including:
With the exception of the provider(s) of the Websites, we do not make your personal data available to third parties unless you have expressly consented to it, if we are legally obligated to, or if this is necessary to enforce our rights concerning a contractual relationship. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR. Information collected and used is for the purpose of enabling the use of the Websites, continuously ensuring system security and stability, optimising the Websites, and for internal statistical purposes, as described below:
To operate the Websites. We use your personal information to: provide, operate, maintain, secure and improve the Websites; provide information about the Websites; communicate with you about the Websites, including by sending you announcements, updates, security alerts, and support and administrative messages; understand your needs and interests, and personalize your experience; and respond to your requests, questions and feedback and to provide support. We use this information to perform our obligations to you or when it is in our legitimate business interests to do so.
For research and development. It is in our legitimate business interests to use your personal information to analyze and improve the Websites and to develop new products and services, including by studying use of the Websites.
To conduct surveys. It is in our legitimate interest to conduct surveys and collect feedback from you.
Marketing and advertising. Except where consent is required, and unless you have opted out of receiving marketing communications, it is in our and our marketing partners’ legitimate interests to collect and use your personal information for marketing and advertising purposes. We or our advertising partners may from time-to-time send you direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, offers and events via email. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below.
For compliance, fraud prevention, and safety. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities. We use your personal information to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Websites; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. In these circumstances, we will process your personal information to either to comply with a legal obligation or when it is in our legitimate business interests. Furthermore, the IP addresses may be evaluated, together with other data, in case of attacks on the network infrastructure or other unauthorised use or misuse of the Websites, for the purpose of intelligence and protection, and if appropriate, used in criminal proceedings for identification and civil and criminal proceedings against the relevant users. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.
To create anonymous data. It is in our legitimate business interests to create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Websites and promote our business.
Service providers. We may share your personal information with third party companies and individuals that provide services on our behalf or help us operate the Websites (such as customer support, hosting, analytics, email delivery, marketing, identity verification, and database management services).
Web3 partners. We may share your personal information with our web3 partners as necessary to provide the Websites.
Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.
Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.
Financial transactions. If you conduct financial transactions by credit card or debit card through the Websites, we may forward your credit/debit card information to the credit/debit card issuer and the credit/debit card acquirer. If you choose to use a credit/debit card, you may be asked to provide all the necessary information. The legal basis for passing on the data lies in the fulfilment of an agreement in the sense of Art. 6 Par. Lit. b GDPR.
Opt out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive service-related and other non-marketing emails.
Data protection rights. You may have the following rights, as provided under applicable law and subject to any limitations in such law:
Please note that, prior to any response to the exercise of such rights, we may require you to verify your identity. In addition, we may have valid legal reasons to refuse your request, and will inform you if that is the case. For more information on your rights, please contact us using the details in the “How to contact us” section below.
Please note that part of the Websites incorporate blockchain technology. A blockchain is a shared and synchronised digital database that is stored on multiple nodes (computers that store a local version of the database). As, by design, data on a blockchain cannot be changed or deleted, your ability to exercise your data protection rights such as your right to erasure, or your rights to object or restrict processing with respect to on-chain personal information may be affected.
The Websites may contain links to other websites, mobile applications, blockchain protocols, blockchain applications, blockchain exchanges and other online and blockchain services (collectively, “Third Party Resources”) operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included in Third Party Resources that are not associated with us. We do not control Third Party Resources, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the Third Party Resources you use.
We take precautions to protect your stored personal data against manipulation, partial or complete loss, and unauthorized access by third parties of personal information we maintain. Unfortunately, data transmission over the internet (including via blockchain) cannot be guaranteed as completely secure. Please note that any data transmission on the internet (including through blockchains) is generally not secure or may be accessed by third parties, and we accept no liability for data transmitted to us via the internet or through a blockchain.
The Websites are not intended for use by children under 13 years of age. If we learn that we have collected personal information through the Websites from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it.
If you have a concern about our privacy practices, including the way we handle your personal information, please contact us at firstname.lastname@example.org. We will endeavor to respond to your complaint as soon as possible. You can also report it to your local data protection authority that is authorized to hear those concerns.