Last Revised on May 18, 2021
Notice to EU/UK individuals: this Privacy Statement is intended to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Union 27 April 2016 (the “General Data Protection Regulation” or “GDPR”), and the UK equivalent (the “UK GDPR”), and provide appropriate protection and care with respect to the treatment of your user information in accordance with the GDPR.
Notice to California residents: this Privacy Statement is intended to comply with the California Consumer Privacy Act (“CCPA”) and other applicable California law.
Notice to Nevada consumers: this Privacy Statement is intended to comply with Nevada Senate Bill 220.
If you have any comments or queries about this Privacy Statement, or how we use your user information, please contact us using the contact details provided below.
“Account” – An account is what is created when one registers on NiftyKit.com.
“Admin/Agent” – Facilitates the smart contract transaction.
“Burn” – Remove official ownership of a token/NFT so there is no owner. The Token then is not identifiable on the blockchain.
“Buyer(s)” – A User who purchases an NFT.
“Collection” – A group of NFTs on a blockchain. When you create a collection, NiftyKit deploys an ERC-721 smart contract to the blockchain representing that collection. For example, a series of digital artwork or digital trading cards.
“Collection Owner/Curator” – User who purchases a Collection (or is gifted one) and who is able to invite Users to Mint onto their Collection and owns the Smart Contract associated with all NFTs in the Collection, but User still able to freely sell, trade, or give away their digital Content.
“Content” – Digitally stored information uploaded to the NiftyKit Platform that does not hold any stored value (no liquidity). Content is the precursor to a NFT.
“User(s)” – User who uploads Content on the Platform and Mints the same Content via Services onto the blockchain, no matter the Collection.
“Credit(s)” – One credit is used to Mint one NFT on the Ethereum, Polygon, or other blockchain.
“Non-Fungible Token (NFT)” – A digital object secured by cryptography and tracked on the blockchain. A single NFT within a Collection. NFTs are intraoperative with marketplaces and wallets, tradable, immutable, and scarce. Also known as “Token”.
“NiftyKit Collection” – Name of Smart Contract. Users Minting into this Collection can sell, trade, or give away their NFT. NiftyKit does not keep royalties from the NiftyKit Collection.
“Mint(ing)” – Synonymous with “Create”. The action of NIftyKit facilitating the upload of Content onto the Ethereum blockchain, Polygon side chain, or other block or side chain. Once on the blockchain the Content becomes a NFT.
“Platform” – Administrative platform found on NiftyKit.com, which is owned and hosted by NiftyKit.
“Service(s)” – NiftyKit provides a platform (“Platform”) for “Users” to Mint and upload Content to the blockchain for a fee (fee is subject to change). Content is purchased with subscription-based credits, or individually sold credits. NiftyKit facilitates the ease of these transactions by uploading the Content to the blockchain and paying all fees associated with the upload. NiftyKit also offers a storefront for Users to sell their NFTs on and allows Buyers to purchase NFTs through the Platform. This paragraph and the services mentioned within are, collectively, “Service(s).”
“Smart Contract” – A program that runs on the blockchain. It’s a collection of code (its functions) and data that resides at a specific address on the blockchain. Smart contracts are a type of Ethereum account that have a balance and they can send transactions over the network. However they’re not controlled by a User, instead they are deployed to the network and run as programmed and can then interact with a smart contract by submitting transactions that execute a function defined on the smart contract. Smart contracts can define rules, like a regular contract, and automatically enforce them via the code.
“Subscription” – A Subscription may be utilized on NiftyKit to purchase credits.
Types of Data We Collect
We collect Personal Data, Anonymous Data, information you provide us, information collected via technology, and information collected from third parties, as described below:
Definition: Personal Data is data that allows someone to identify you as an individual or household, including, but not limited to: name, address, telephone number, e-mail, IP addresses, geolocation, blockchain and/or sidechain address, internet activity, Account password, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.
Definition: Anonymous Data is data, including aggregated and de-identified data, that is not associated with or linked to your Personal Data. Anonymous Data does not, by itself, permit the identification of individual persons.
Information You Provide Us
If you use our Services on your mobile device, we may collect your phone number and the unique device id number to provide your requested services.
For your convenience, our Services allow you to store preferences like how your content is displayed, your location, safe search settings, notification settings, and favorite widgets. We may associate these choices with your ID, browser or mobile device, and you can edit these preferences at any time.
When connecting to our Services via a service provider that uniquely identifies your mobile device, we may receive this identification and use it to offer extended services and/or functionality.
Certain Services, such as two-factor authentication, may require our collection of your phone number. We may associate that phone number to your mobile device identification information in order to facilitate this service.
If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail in order to send you a reply.
We also collect other types of Personal Data that you provide to us voluntarily, such as your operating system and version, product registration number, Ethereum address, and other requested information if you contact us via e-mail regarding support for the Services so that we can assist in the matter(s).
We may also collect Data at other points in our Service that state that Personal Data is being collected for any of the following reasons: auditing, security, performing Services, internal research for technology development, repair, quality, and safety.
Information Collected via Technology
As you navigate through the Platform and interact with our Service(s), we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including, but not limited to:
Information Collected by Our Servers. To make our Service more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, blockchain and/or side chain address, wallet type, and/or a date/time stamp for your visit.
Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the Service, track users’ movements around the Service, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs. For example, some of the information may be collected so that when you visit the Service, it will recognize you and the information could then be used to serve advertisements and other information appropriate to your interests.
Pixel Tag. In addition, we use “Pixel Tags” (also referred to as transparent GIFs or Web beacons). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of Web users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in web pages. Pixel Tags allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users. We may use this information to reduce or eliminate messages sent to a user. We do not tie the information gathered by Pixel Tags to our users’ Personal Data.
Do not track. Some web browsers or smartphones can set “Do Not Track” requests to block user activity from being tracked across web pages or devices. We do not honor Do Not Track mechanism as there is no industry-standard way to do so.
Information Collected from Third Party Companies.
We may receive Personal and/or Anonymous Data about you from companies that provide our Services by way of a co-branded or private-labeled website or companies that offer their products and/or services on our Service. In particular, when users choose to use a third party wallet, such as MetaMask, or other external wallets, your blockchain and/or side chain address(es) is provided to us as well as other information you choose to share with MetaMask and/or other wallets. These third party companies may supply us with Personal Data. We may add this to the information we have already collected from you via our Service in order to improve it. We do not collect Personal Data automatically, but we may tie the information that we collect automatically to Personal Data about you that we collect from other sources or that you provide to us.
What We Do With Personal Information We Collect
In general, Personal Data you submit to us is used either to respond to requests that you make, or to aid us in serving you better. However, we may use your Personal Data in the following ways:
Facilitate the creation of and secure your Account on our network;
Identify you as a user in our system;
Provide improved administration of our Service;
Provide the Services you request, including but not limited to, facilitating your digital asset transactions through MetaMask (https://metamask.io) or other wallets;
Improve the quality of experience when you interact with our Service;
Send you a welcome e-mail to verify ownership of the e-mail address provided when your Account is created;
Display your user name next to the Content you create on the Platform;
Send you administrative e-mail notifications, such as security or support and maintenance advisories;
Send you e-mail notifications related to actions on our Service, including, but not limited to, notifications of the status of your NFTs;
Respond to your inquiries related to employment opportunities or other requests;
Make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback;
In any other way we may describe when you provide the Personal Data;
Send newsletters, surveys, offers, and other promotional materials related to our Services and for other marketing purposes of NiftyKit; and/or
To contact you about our own and third parties’ goods and services that may be of interest to you.
We may also disclose your Personal Data to fulfill the purpose for which you provide it; for any other purpose disclosed by us; or with your consent. We do not sell your Personal Data.
When We May Share Personal Information
Third Party Service Providers: We may share your Personal Data with third party service providers to: provide you with the Services; conduct quality assurance testing; facilitate creation of accounts; provide technical support; and/or to provide other services to the Platform. These service providers include payment processor(s), secondary marketplace(s), analytics providers, and trusted email marketing services.
Third-party Marketing: We do not provide your information to third parties for their direct marketing purposes. However, we may share aggregate or other information that no longer personally identifies you (anonymous data) with other parties for our business purposes, marketing, analytics, or other uses. We reserve the right to use anonymous data for any purpose and to disclose anonymous data to third parties without restriction.
We also collect basic analytics data through Cookies when you access or use the Platform. A “Cookie” is a small piece of data or text file stored on the local hard disk of your computer or mobile device. These include our own first-party Cookies and third-party Cookies. Some Cookies are only stored temporarily and destroyed each time you close your web browser. Others may remain on your browser and may collect and store data for a period of time after you have left the Platform. See “How you can control your cookies” below.
Google Analytics: We use Google Analytics to understand how users interact with the Platform and offer information about products or services we think you may like. You can find out more about Google Analytics here: https://policies.google.com/technologies/partner-sites
How You Can Control Cookies (Opt-Out)
We recognize how important your online privacy is to you. If you wish to prevent Cookies from tracking your activity on our Platform or visits across multiple websites, you can set your browser to block certain Cookies or notify you when a Cookie is set. For more information on how you can customize your browser’s Cookie setting please visit the link to your web browser below:
Chrome : https://support.google.com/accounts/answer/61416
Safari : https://support.apple.com/en-us/HT201265
InternetExplorer : https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7
You may opt-out of interest-based advertising in general by visiting the Digital Advertising Alliance’s or Network Advertising Initiative’s websites. We are not responsible for the completeness, effectiveness, or accuracy of any third-party opt-out options or programs.
You may opt-out of Google Analytics through a browser add-on from Google which you can get here:
If you block and/or choose to opt-out of Cookies, some features that make the Platform function property may not work and your experience may be affected. Please know that if you choose to opt-out of any of our services, you will not be discriminated against by by means of the following, including but not limited to:
Denying you access to goods or services
Charging different rates or prices for goods or services, including through the use of discounts or benefits, or by imposing penalties
Providing a different level or quality of goods or services to you depending on opt-out or opt-in status
Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services by opting out.
What steps do we take to keep your personal data secure?
We take reasonable and appropriate steps to protect the security and integrity of all Personal Information provided via our Platform, or by any other means electronic or otherwise. We use a variety of security technologies and procedures to help protect your personal details from unauthorised physical and electronic access. As effective as modern security practices are, we cannot guarantee the complete security of personal data held in our systems, nor that that information you supply through the internet or any computer network is entirely safe from unauthorised intrusion, access or manipulation during transmission. Any transmission is at your own risk. We will not be liable for any resulting misuse of your personal data.
Data Access and Control
You can view, access, edit, or delete your personal data for many aspects of the Service(s) via your account settings page. You can also make choices about NiftyKit’s use of your data. You can always choose whether you want to receive marketing communications from us. You can also opt-out from receiving marketing communications from us by using the opt-out link on the communication, or by visiting your account settings page. We may retain an archived copy of your records as required by law or for legitimate business purposes.
Data Access: You can access your Personal Data on the Platform from your account settings page.
You have a right to restrict processing of your personal information, such as where:
You contest the accuracy of the personal information;
Where processing is unlawful you may request, instead of requesting erasure, that we restrict the use of the unlawfully processed personal information;
We no longer need to process your personal information but need to retain your information for the establishment, exercise, or defence of legal claims.
Data Portability: You can request a copy of your Personal Data by submitting an email to us at email@example.com and including “Please send me my Personal Data” in the subject line. NiftyKit will verify your ability to access that email, then send you the data we hold that is associated with your email address. We will use reasonable efforts to respond to your request within 7 days, but in all events within 28 days of our receipt of the request.
Data Erasure: You can delete your Personal Data on your account settings page. Alternatively, you may request that NiftyKit delete your personal data by submitting an email to us at firstname.lastname@example.org and including “Please delete my Personal Data” in the subject line. NiftyKit will verify your ability to access that email, then delete the Personal Data associated with your email address, if able. We will use reasonable efforts to respond to your request within 7 days, but in all events within 28 days of our receipt of the request.
Data Correction: You can modify your Personal Data on the Platform on your account settings page.
Data Retention: We may retain your personal information as long as you continue to use the Service, have an account with us, or for as long as is necessary to fulfill the purposes outlined in this Policy. You can ask to close your account by contacting us as described above, and we will delete your Personal Data from the Platform on request. We may, however, retain Personal Data for an additional period as is permitted or required under applicable laws, for legal, tax, or regulatory reasons, or for legitimate and lawful business purposes.
Data Protection: We implement various security measures to ensure the safety of your Personal Data when you enter, submit, or access your Personal Data. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential
You also have the right to object to processing of your personal information under certain circumstances, such as where the processing is based on your consent and you withdraw that consent. This may impact the services we can provide and we will explain this to you if you decide to exercise this right.
We do not store any user’s financial information, such as credit card information, as a way to protect our users.
HOWEVER, WHEN INTERACTING WITH THE BLOCKCHAIN, AS IT IS A PUBLIC DECENTRALIZED NETWORK, WE WILL LIKELY NOT BE ABLE TO PREVENT EXTERNAL PARTIES FROM PROCESSING ANY PERSONAL DATA WHICH HAS BEEN WRITTEN ONTO THE BLOCKCHAIN. IN THESE CIRCUMSTANCES WE WILL USE OUR REASONABLE ENDEAVOURS TO ENSURE THAT ALL PROCESSING OF PERSONAL DATA HELD BY US IS RESTRICTED, NOTWITHSTANDING THIS, YOUR RIGHT TO RESTRICT TO PROCESSING MAY NOT BE ABLE TO BE FULLY ENFORCED.
Tips for protecting yourself against fraud
When you use Our Services, we (or third parties) may ask you to provide information relating to your identity, credit status and payment methods, and delivery addresses. NiftyKit uses technology to protect your data in its systems but we also recommend that you take some basic security precautions when creating or using your online Account or responding to emails and other communications that appear to come from NiftyKit.
Using your account on www.NiftyKit.com
Verify that you are on this page https://www.niftykit.com/when you create your new account, and when you return to your account to register for sales, pay online for your purchases or edit or add information to your account. You may want to add this URL to your browser’s Favorites or Bookmarks menu.
Create a strong account password for your Account and set up your Account Security Questions within your online profile (go to “My Account” and select “Complete Profile”).
Do not share your Account login details with any other person
Change your password on a regular basis.
Always end your secure session on NiftyKit.com by clicking the Log Out link at the top right-hand side of the page and by closing your browser’s window.
Responding to emails:
Check the sender email domain name. Verify that the sender email domain is spelled correctly “@NiftyKit.com.” Fraudsters often attempt to send emails from lookalike domains (for example, N1ftykit.com) to deceive clients.
Examine the sender display name and email address. Sender display names can be easily spoofed. When viewing on smartphones, tap on the sender’s display name to see the complete email address which will include the email domain.
Scrutinise the email signature in the message body. Sender name and contact details in the email body can easily be forged and are not a reliable way to ascertain message authenticity. Do not trust phone numbers in such email signatures—please only use confirmed NiftyKit contact details when calling or emailing us, or go to our Platform.
Check if the message contains a mismatched URL or misleading domain name. If the message contains a URL with the NiftyKit name in it, hover your mouse over the URL to see the actual hyperlink address. If the hyperlink address is different from the text displayed, the message is likely to be fraudulent.
Do not respond to requests to provide your NiftyKit Account user ID or password. NiftyKit will never ask you to provide those details.
Remain vigilant. If you unexpectedly receive an email about an unknown topic, it may be fraudulent. If in doubt, it is always safer to contact NiftyKit.
If you receive any emails that appear to be from NiftyKit and you believe they are suspicious, please forward them to email@example.com.
Users Outside of the United States
Minors and Children
The Platform is not intended for use by children under the age of 18, and we do not knowingly collect personal information, including but not limited to Personal Data, from children under the age of 13. If we learn we collected Personal Data from a child under 13 we will delete that information from our files. Do not use Our Services if you are under 18 years-old.
The Digital Millennium Copyright Act
Important Limitations and Disclosures
Nothing in this Policy restricts our ability to:
Comply with applicable law, rules, or regulations, including, but not limited to, the DMCA;
Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or lawful court order;
Cooperate with law enforcement agencies about conduct we reasonably and in good faith believe may violate the law;
Protect our rights or our property;
Prevent behavior that is (or that we think may be) illegal or unethical.
Changes to this Policy
Notice to You