Privacy policy

Welcome to Guild.xyz!

Guild.xyz is an online platform for automated membership management of communities based on blockchain. This notice summarizes how we collect, use and safeguard the information you provide to us and what choices you have with respect to your privacy.

This notice applies to the data processing of Z Gen Kibernetika Korlátolt Felelősségű Társaság (registered seat: 6720 Szeged, Kelemen László utca 11., company registration number: Cg.06-09-025397, tax number: 26787015-2-06) ("Us") and its relevant Affiliates (as specified below) in relation to our Services and our Website available at https://guild.xyz/.

As a Customer, Guild Admin or Subscriber of our Services, the collection, use and sharing of your personal data is subject to this notice. Please note that this notice does not apply to any Third-Party Platforms connected with your profile via the Services, or to the privacy practices of any Guilds that you join. Unless defined otherwise, capitalized terms in this notice will have the same meaning as in the Terms of Use.

What type of data do we collect?

When you use our Services, we need to process some information about you to make our Services work and to evaluate how you use our Services. This information may include personal data about you, such as:

  1. Registration data: When you create your profile, we will request certain information about you, such as your public wallet address, a social media ID or you email address. If you do not provide this information, you may not be able to enjoy all features of the Services

  2. Social account information: If you decide to connect a certain third-party account with our platform, by providing your credentials and authorizing the relevant platform to share certain data with us, we will access and process such data relating to your social account. Such data may include:

    Third-party PlatformScope of data
    DiscordUsername, avatar, global name, the Discord servers you have joined, and specific server information (such as nickname, avatar, roles)
    X (formerly Twitter)Username, profile picture, description, followers and following counts
    GoogleEmail address and profile information (including name, profile picture and verified email status)
    YouTubeChannel ID, channel title, custom URL, avatar, subscriber count, video count
    GitHubUser profile data, username, avatar, public and private repositories
    InstagramUsername, display name, profile picture, followers and following counts (Business/Creator accounts)
    TikTokUsername, display name, avatar, follower and following counts
    TelegramUser ID, first name, last name, username, profile photo
    FarcasterFID, display name, avatar, username, bio, connected addresses
    World IDVerification level (orb, device, document), name
    EmailEmail address (verified via one-time code)

    Whether or not you will share such information with us is entirely up to you. Upon your consent, we may also share such information with the Guilds selected by you.

  3. Membership information: When you create or join a Guild, we will process information about your Roles, Rewards as well as any Requirements that you have set or completed. Such data is necessary for us to provide the Services. Please note that this information will also be available for others you collaborate with, in particular for the relevant Guilds that you have joined and with whom you decide to share your Profile.

  4. Blockchain information: Depending on your choices, you may enter into different transactions with others via our platform. In such cases, information about your transactions (such as the public address of your digital wallet, the public address of the addressee’s digital wallet, block number, timestamp and other input data) that may also include personal data about you may be stored on a blockchain through the execution of smart contracts.

  5. Content that you upload to the Services: You may also upload content to the Services, such as your profile picture and background. Such content may include personal data about you.

  6. Billing and subscription information: If you subscribe to a paid Service, you need to provide certain billing information (such as your name, address and VAT number). You will also be required to provide payment information, such as payment card details, which we collect via our secure payment processing service providers, Stripe Inc and Coinbase Ireland Limited. This data is necessary to provide you with our Subscription Services.

  7. Other information: You may decide to share further information, including personal data, with us when you contact us, provide feedback to us regarding the Services or otherwise communicate with us. It is solely your decision to share any other data with us during such communications, so our processing of such data will be based on your consent.

  8. Information about your use of the Services: As most websites and services provided through the Internet, we gather certain information and store it in log files when you interact with our Services. This information includes internet protocol (IP) address, as well as browser type and browser version, operating system, screen resolution and device type.

  9. Cookie information: When you access our websites and Services, we use cookies and other information gathering technologies for a variety of purposes. These technologies may provide us with personal data, information about devices and networks you utilize to access our website, and other information regarding your interactions. For detailed information about the use of cookies, please see our Cookie Notice

Why do we process your data?

We may process your personal data for several purposes. How we use your personal data depends on your on how you use the Services and your preferences you have communicated to us.

  1. Services: We will use some of your personal data for the provision and maintenance of your profile, and for authentication purposes. E.g. We use your public digital wallet address to enable you to login to our Services.
  2. Billing: We will process certain information, such as financial data for billing purposes, i.e. to complete transactions, and send you purchase confirmations and invoices.
  3. Customer support: If needed, we use data (which can include your communications) to investigate, respond to and resolve complaints relating to our Services.
  4. Developing Services: We use analytics to better understand the behavior of our users to grow our business. For this purpose, we collect certain information, such as how often our Services are used, and the events that occur while using our websites. We use this aggregate information to identify usage patterns and trends.
  5. Communication: We may send you information regarding the Services, such as administrative messages, to your email address or public wallet address provided to us. Upon your consent, we may also enable communications between you and others through our Services.
  6. Marketing: Upon your consent, we may use your email address to send you marketing communications and to provide you with updates about our services and products.
  7. Security: We use information about you to secure your profile, verify accounts, to monitor suspicious or fraudulent activity and to identify violations of our Terms of Use or Master Subscription Agreement.
  8. Protecting our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of our business.
  9. Other: We may also process your data for any other purposes for which we obtain your consent where necessary or otherwise in accordance applicable law and this policy.

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. This means we collect and use your information only where:

Do we share your data with third parties?

We never sell your personal data to third parties. However, in certain cases we need to share your personal data with our Affiliates and third parties. In any case, we will share your personal data only in accordance with applicable laws and this notice, and in the following cases:

  1. Guild owners: Depending on your use of the Services, you may decide to share certain personal data with others. In particular, if you join a Guild, the Administrators of the relevant Guild may get access to your personal data in the course of the management of their Guild. Besides, you may also decide to share additional information, such as enhanced details with our Subscribers. If you have any questions about the data processing practices of the relevant Guild, you should consult their Privacy Policy.

  2. Public blockchain: When you initiate a blockchain transaction, then your data will be shared with the blockchain so that a verifiable proof is created of your transaction, your membership or attendance of certain events.

  3. Third-party service providers: In certain cases, we use third party data providers. For example, we may outsource billing and payment transactions to third parties, we may engage hosting service providers, IT providers, operating systems and platforms, internet service providers, and data analytics companies.
    Currently, these third parties include the following providers:

    • Railway Corp, for application hosting and infrastructure,
    • Cloudflare Inc, for content delivery and object storage,
    • Functional Software Inc (Sentry), for error monitoring,
    • PostHog Inc, for product analytics (with user consent),
    • Intercom R&D Unlimited Company, for customer communications (with user consent),
    • Resend Inc, for transactional email delivery,
    • Alchemy Insights Inc, for blockchain data indexing,
    • Pinata (IPFS), for decentralized file storage.

    If you purchase through our website, depending on the payment method you choose, your payment and subscription information will be processed by:

    • Stripe Inc, in accordance with its Privacy Policy, or
    • Coinbase Ireland Limited, in accordance with its Privacy Policy.In the case of certain transactions, your transaction data may also be stored on the blockchain as specified in section b) above.

  4. Professional advisors: We may share your data with professional advisers acting as service providers, processors, controllers, or joint controllers - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your data.

  5. Legal compliance: We may transmit personal data if the applicable legal provisions so require, or when such action is necessary to comply with any laws, e.g. with criminal authorities if we are required to cooperate for such purposes. We may also need to share personal data for the protection of our rights and interests, to protect your safety or the safety of others or to investigate fraud, in accordance with the applicable laws.

  6. During a change to our business: If we are involved in a merger, acquisition, bankruptcy, dissolution, reorganisation, sale of some or all of our assets, or a similar transaction or proceeding, or steps in contemplation of such activities, certain information may be shared or transferred, subject to standard confidentiality arrangements.

International data transfers

Our Services are hosted by Railway Corp in the EU (europe-west4 region). Certain third-party service providers we use are based outside the European Economic Area, including in the United States. Where we transfer personal data outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or the EU-US Data Privacy Framework. By using our Services, you acknowledge that some processing may occur outside your country of residence in accordance with these safeguards.

How long will we retain your data?

We retain your personal data only as long as necessary for the purposes described above, or as required by law. Below are the specific retention periods for each category of data:

Data categoryRetention period
Account and identity dataUntil you delete your account or disconnect your last identity
Guild membership recordsUntil you leave the guild or delete your account
Reward and points historyUntil you delete your account
Form submission responsesUntil you delete your account or the form owner deletes the form
Billing and subscription dataAs required by applicable tax and accounting laws (typically 5-7 years)
Application logs (including IP addresses)30 days
Error monitoring data (Sentry)90 days
Analytics data (PostHog)As configured by PostHog's retention settings
Cookie consent preferences180 days (6 months), refreshed on update

Upon your lawful request or when we have no ongoing legitimate business need to process your personal data, we will delete it in accordance with our deletion procedures described below.

With respect to data stored on a public blockchain, due to the immutable nature of the blockchain, your transaction data that may also include your public wallet address cannot be modified or deleted.

Your data privacy rights

You may ask us to:

If you are from a country where the General Data Protection Regulation of the EU (GDPR) applies, you may have additional rights such as:

How to exercise your rights

To request access to, correction of, or deletion of your personal data, you can:

Who is responsible for the processing of your data?

Guild.xyz services are provided by Z Gen Kibernetika Korlátolt Felelősségű Társaság (registered seat: 6720 Szeged, Kelemen László utca 11., company registration number: Cg.06-09-025397, tax number: 26787015-2-06) and it acts as a data controller with respect to the processing of your data.

Where you decide that you would like to share data with a Guild, then they will be considered as a data controller with respect to their processing. To learn more about their data processing practices, you should consult the Privacy Policy of the relevant Guild.

Children’ privacy

Our Site and the Service are not directed to anyone under the age of 18. The Site does not knowingly collect or solicit information from anyone under the age of 18, or allow anyone under the age of 18 to sign up for the Service. In the event that we learn that we have gathered information from anyone under the age of 18 without the consent of a parent or guardian, we will delete that information as soon as possible. If you believe we have collected such information, please contact us at [email protected]

Changes

We reserve the right to change this notice from time to time. Changes will be published on this website and any material changes will go into effect eights days following such notification. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our website or our Services constitutes your agreement to be bound by such changes to this notice. Your only remedy, if you do not accept the terms of notice, is to discontinue use of our Website and Services.

Any further questions?

If you have any further questions in relation to the processing of your data, please contact [email protected].