TransferChain

Privacy Policy
Last Updated February 10, 2023

TransferChain was founded on the premise of impregnable privacy and security for the cloud. Our mission is to provide a privacy and security enhancing cloud solution that is unrivaled within the industry.

TransferChain prioritizes privacy in the design, architecture and operation of its products and services. We respect and understand the importance of your privacy and are therefore committed to extending complete protection to the personal information of our customers who use our products and services. Ensuring complete transparency in our practices for using and storing any data is our number one priority.

Legal Framework

This Privacy Policy (this “Policy”) has been prepared by TransferChain AG (“TransferChain” or “We”) having its principal address at Lättichstrasse 6, 6340 Baar, Switzerland.

In line with our commitment towards maximum privacy and transparency, we prepared this Privacy Policy that covers any data you choose to provide to us through the usage of TransferChain Platforms. For the processing of personal data received in connection with career opportunities at TransferChain and the hiring process, please see Privacy Policy for Prospective Employees here.

Capitalized terms used in this Policy but not defined separately shall have the meanings assigned to them in TransferChain’s Terms of Use .

1. Information you provide

Our overarching objective is to collect as little user information (including personal data) as possible in order to provide a completely private user experience when using our Services. Nevertheless, Your content (including, but not limited to audio, visual and video works and alphanumeric figures and signs) can never be accessed or used to identify any individual.

Personal data processing is limited to the following:

i. Account Information (“Personal Data”)
  • Email Address: In cases where, You choose to register for our products or services on TransferChain with the email option, and/or You volunteer to participate in the beta testing of new applications and/or features, and/or You contact the TransferChain Support Team, and/or You choose to subscribe to our email newsletter, we will be receiving Your email address. However, even if You provide Your email address directly to us, TransferChain is not capable of associating an email address with customers’ content (including, but not limited to audio, visual and video works and alphanumeric figures and signs) uploaded to TransferChain's blockchain based end-to-end encrypted platform, in any way.
  • Performance Information: In order to provide our Services in accordance with our contractual relationship (like the information we need regarding the amount of Your storage), we process activity usage of the Services. Examples include: the size information of the stored content, the amount of transferred content etc. This is solely done for the purpose of providing the necessary account size limits (e.g. 1 TB of storage).
  • Payment Data: If You upgrade Your account to one of our paid offers, You may, depending on Your preferred method of payment, need to provide certain payment and billing information via our third-party secure payment processor (Stripe, Inc). In that regard, please also see Stripe Inc’s Privacy Policy here . If You delete Your account, we will also wipe Your Stripe profile.
ii. Content Uploaded by You (“Content”)

This is the content (including, but not limited to audio, visual and video works and alphanumeric figures and signs) our customers upload to our systems for the use of services provided by TransferChain. We maintain the confidentiality and accessibility of Content uploaded to our blockchain based distributed cloud systems, through an end-to-end encryption of each file with encryption keys that are generated, derived, encrypted entirely on the client-side, splitting each file into pieces on the client-side, and distributing pieces to the safest providers around the world, while utilizing our blockchain with the user and file authentication and authorization. As a result, any data that is uploaded to TransferChain can only be accessed by You and the intended recipients.

We would like to once again make it very clear that TransferChain acts as a data controller only with respect to the Personal Data and it has no access to and capability to access and/or process Content. Hence, it is of crucial importance that TransferChain should not be considered a data controller related to Content.

iii. De-Identified Website Analytics

We do not use cookies. No personally identifiable information (PII) is collected, and absolutely no cookies are implemented. TransferChain uses privacy-preserving Fathom Analytics on marketing websites to analyze our website performance anonymously. We don’t know who each visitor individually is when they browse our website.

All Content is only stored by TransferChain until deleted by the user. Once the Content is deleted from TransferChain Platform, it cannot be restored.

2. Purposes and Legal Basis for Processing

See the table below which sets out our purpose for processing Your Personal Data, which you chose to provide, our legal justifications (basis) under data protection regulations:

Purpose for Processing of Your Personal DataLegal Basis that Permits the PurposeCategories of Personal Data That Can Be Used for the Purpose
To provide TransferChain’s ServicesPerformance of a Contract
  • Email Address
  • Performance Information
  • Payment Data
To process your payment.Performance of a Contract
  • Email Address
  • Performance Information
  • Payment Data
To understand, diagnose, troubleshoot, and fix issues with TransferChain’s Services. Performance of a Contract
  • Performance Information
To provide any Support Services initiated by YouLegitimate Interest
  • Email Address
  • Performance Information
  • Payment Data
For marketing or advertising where the law requires us to collect your consent. For example, when the law requires consent for email marketing. Consent
  • Email Address
  • Performance Information
  • Payment Data
To comply with a legal obligation that we are subject to. This might be due to an obligation under the law of the country/region You are located in or Swiss Law (as we are headquartered in Switzerland). Compliance with Legal Obligations
  • Email Address
  • Performance Information
  • Payment Data
To comply with a request from authorities. This will only apply, in principal, when a competent Swiss authority contacts us. Compliance with Legal Obligations
  • Email Address
  • Performance Information
  • Payment Data
To establish, exercise, or defend legal claims.Compliance with Legal Obligations
  • Email Address
  • Performance Information
  • Payment Data
3. Disclosure of Information

TransferChain utilizes state-of-the-art cryptography, end-to-end encryption, distributed data and blockchain to deliver all-in-one private and secure cloud services for its customers. According to the current state of technology and the public knowledge of the human race, TransferChain is unable to access your Content, at any given time.

To clarify, due to its technical architecture TransferChain cannot and will not be able to disclose or provide access to any Content to authorities or other third parties even if it is required by applicable local regulations. However, if public authorities contact TransferChain with an information request that relates to Content, TransferChain will redirect the authorities to request that data directly from You. TransferChain will promptly notify You and provide a copy of such demand unless legally prohibited from doing so.

However, as stated above, You agree and acknowledge that, TransferChain could be obliged by applicable local regulations to disclose limited information we have regarding the Services we provide to You, to public authorities. In such a case, in principle, TransferChain will only disclose such information by a binding request coming from the competent Swiss authorities. TransferChain’s general policy is to challenge requests whenever possible and where there are doubts as to the validity of the request or if there is a public interest in doing so. In such situations, we will not comply with the request only after all legal or other remedies have been exhausted.

In addition, TransferChain may allow You to voluntarily access, use, or interact with third-party websites, apps, content, and other products and services, which You may also integrate our Services with. An example of a third-party service is our payment processors. TransferChain is not responsible for the content or practices of such third-party services. The collection, use, and disclosure of Your information will be subject to the privacy policies of such third-parties, and not this Privacy Policy. We urge You to read the privacy and security policies of third parties.

TransferChain pays extreme attention to what security and privacy measures that the potential third party service providers take, before enabling any kind of their integrations to our Services. We only work with third party service providers who contractually undertake to use their best endeavors to protect personal data.

4. Retention, Storing and Protection of your Information

When you sign up for an account with us, we will retain any information you store on our Services (Content) for the purposes described under Section 1. If you deactivate your account, we will delete your Content immediately after your deactivation initiation. In addition, we will delete your Personal Data within 30 days after the deletion initiation (We only retain this necessary information for a short period of time to comply with our legal obligations, resolve disputes, or enforce our agreements).

If you would like your Personal Data or Content to be deleted earlier, then You can submit a data subject request as detailed under Section 6.

We do everything we can to protect Your Data from loss or misuse, and from unauthorized access, disclosure, alteration and destruction. This section describes some of the measures we take to ensure that Your Data is secure:

  • We use technologies that have a high level of application and infrastructure security measures to host and protect Your data and our systems, TransferChain is also ISO 27001 certified;
  • We conduct independent penetration tests on an annual basis and are continuously scanning our systems and applications for vulnerabilities in our systems; if You ever think that You have found a security issue or vulnerability in one of our systems please let us know at support@transferchain.io
  • We use TLS 1.2 and 1.3 to ensure the security of your Personal Data and Content whilst it is in transit;
  • We perform periodic internal and external data protection and security audits;
  • The corresponding encryption keys that are used to encrypt Your Content is solely available, in an encrypted format, on your device and in the blockchain, thus Your Content can only be decrypted by you and the individuals with whom you explicitly share with;
  • We can NEVER access your encryption keys or passwords;
  • We NEVER receive any of Your Content that is not encrypted and not split into pieces;

Please visit our Security Page for more detailed information about our data security measures.

Our website may from time to time contain links to and from other websites. If You follow a link to any of those websites, please note that those websites ought to have their own privacy policies and that we do not accept any responsibility or liability for those websites. Please check those privacy policies before You share Your personal data with those websites.

5. Your rights

Depending on the applicable data protection laws, You may have certain rights in relation to the Personal Data that we hold about You, which are designed to give You more choice and control over Your Personal Data. These rights are explained below:

Your RightWhat does this mean?
The right to request access to Personal Data You can request a copy of the data we hold about You and related information; the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
The right to request rectification of Personal Data You can ask us to correct any inaccurate data about You, to complete any incomplete data that we hold about You, and to notify third parties to whom Your data have been transferred to, about such correction
The right to request erasure of Personal Data You can request that we delete or destruct the Personal Data we hold about You, and to notify third parties to whom we have shared Your data, about Your request
The right to learn purpose of processing You can learn the purpose of processing of Your Personal Data and whether Your data are used in accordance with the said purpose
The right to learn third parties You can learn the third parties those which Your Personal Data have been transferred to
The right to withdraw consent / unsubscribe You can withdraw Your previously given explicit consent without providing any reason
The right to object You can object to the adverse consequences that may arise due to Personal Data processing activities carried out exclusively through automated systems
The right to lodge a complaint You have the right to lodge a complaint with a supervisory authority
The right to request compensation You have the right to request compensation for the damages in case you incur damages due to unlawful processing of your personal data.

You can exercise any of the data subject rights that You are entitled to according to the applicable privacy regulations by sending an email to privacy@transferchain.io.

6. How to contact us

If You have questions about this Policy, about how we receive, store and use Personal Data, or if You have a grievance You wish to raise with us, You can contact our Data Protection Officer through privacy@transferchain.io.

If You have any questions, concerns or feedback of a more general nature, please contact us at support@transferchain.io .