Morph Privacy Policy

Last Updated: Nov 28th, 2024

At Morph Labs Limited (“Morph,” “we,” “our,” or “us”), your privacy is important to us. This Privacy Policy (the “Policy”) explains how we collect, use, disclose and share your personal data when you interact with us through our website at www.morphl2.io (the “Site”), our app or in other ways, such as when you engage with customer support or connect via social media or other third-party applications.

Please read this Policy carefully. By using or accessing the Site or app or our services in any manner, you acknowledge that you accept the practices and policies set out in this Policy and you hereby consent that we may collect, use, disclose or share your personal data as set forth below. If you do not agree with the terms of this Policy, please do not use or access the Site or app, our services, or any other aspect of our business.

We may update this Policy from time to time with prior notice as we update or expand our services, Site or app and to comply with applicable laws. If we make any changes, we will change the Last Update date above. It is recommended that you check this Policy periodically for updates and to stay informed.

1. Types of Information We Collect

Information You Provide:
We gather personal data you directly share with us when filling out forms, making purchases, contacting customer support, participating in promotions, or communicating with us in other ways. The types of information include contact and demographic information; identification information; enhanced due diligence information; institutional information; financial information; correspondence; stored content; audio, electronic or visual information; biometric data. This information may include but not limited to your name, email, address, payment details, and any other data you submit to us.

Automatically Collected Data:
When you browse our Site or app, we collect technical data about your device and how you interact with the Site or app, such as IP address, browser type, and the pages you view. We may also track your transaction history, including purchase details and timestamps.

Website Metadata and Analytics:
With your permission, we may access information including Internal Protocol (IP) addresses and precise location information from your device which you can disable at any time in your device settings, device information, data/time of visits, new or returning visits, products viewed, page response times, URL clickstreams, how long you stay on our pages, and what you do on those pages. .

Cookies and Tracking Technologies:
We, and the third parties we authorize, may use cookies, web beacons and similar technologies (collectively, “cookies”) to enhance your browsing experience and gather information about the use of our Site or app, as well as about our interactions with you. This information may include IP addresses, browser type, Internet Service Provider (ISP), referring/exit pages and operating system, date/time stamp, and clickstream data, and information about your interactions with the communications we send to you. We may combine this automatically collected log information with other information we collect about you. Cookies help us improve functionality, personalize content, and analyze traffic patterns. You can manage your cookie preferences via your browser settings.

Blockchain Data
We may analyze public blockchain data, including wallet addresses, transaction IDs, timestamps of transactions or events, transaction amounts, and digital signatures.

Additional Information from Third-Party Sources
This includes information such as information about you from other sources as required or permitted by applicable law, including third parties such as credit bureaus, identity verification services, and public databases. We may combine the information collected from these sources with the information we get from our Sites or services in order to verify your identity, comply with our legal obligations, and ensure our Sites and services are not used fraudulently or for other illicit activities.

2. How We Use Your Information

We use your information, including your personal information, in accordance with your instructions, including any applicable terms you agree to in our Terms of Use, and as required or restricted by applicable law. We may use them for various purposes, including:

• Providing, maintaining, and improving our Site, products and services, and managing our business, including as described in the Term of Use;
• Processing transactions such as payments and sending you related information such as receipts or order confirmations;
• Sending information including confirmations, notices, invoices, technical notices, updates, securities alerts, and support and administrative messages,
• Personalizing your experience on the Site based on your preferences;
• Providing customer support including investigating and addressing user concerns.
• Communicating with you about our offerings, including promotional materials (you can opt out anytime);
• Conducting data analysis to better understand user behavior and improve services. We may use the information we collect for testing, analysis and product development to improve your experience, enhance the safety and security of our Site and services, improve our ability to prevent the use of our Site or services for illegal or improper purpose, develop new features and products, and facilitate payment solutions in connection with our Site and services ;
• Ensuring and maintaining the safety, security and integrity of our Site and services, including preventing and protecting against fraud, authorized or illegal activities;
• Enforcing our agreements with third parties, and address violations of our Term of Use or agreements for other services; and
• Complying with applicable laws and regulations, fulfilling any legal obligations or responding to law enforcement when necessary. Our Site and services are subject to laws and regulations requiring us to collect, use, and store your personal information in certain ways. For example, we must identify and verify customers using our Site or services in order to comply with anti-money laundering and anti-terrorism laws. This may include collection and storage of your photo identification. We also use third parties to verify your identity by comparing the personal information you provide against third party, authoritative sources and databases, including public records. When you attempt to link a bank account to your account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. If you do not provide information required by law, we will have to close your account. We may also use the information we collect to investigate or address claims or disputes relating to use of our Site and services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.
• Marketing our Site and services to you. This may include sending you communications via emails or mobile app notifications about our Site, services, features, promotions, surveys, news, updates, and events; managing your participation in these promotions and events; and to deliver targeted marketing. Our marketing will be conducted according to your advertising and marketing preferences and as permitted by applicable law.

3. Sharing or Disclosing Your Data

We may share your Personal Data with third parties (including other Morph entities) if we believe that sharing your Personal Data is in accordance with, or required by, any contractual relationship with you (including the Terms of Use) or us, applicable law, regulation or legal process. When sharing your Personal Data with other Morph entities, we will use our best endeavours to ensure that such entities are either subject to this Notice, or follow practices at least as protective as those described in this Notice. For example, depending on where you reside and the entity responsible for running KYC checks.

We may also share or disclose your information, including your personal information, under these circumstances:

• Service Providers. We work with third-party vendors (e.g., payment processors, shipping providers) to help us deliver our services. These vendors have access to personal data as needed for their services.
• Legal Requirements. We may disclose your information with courts, law enforcement authorities, regulators, lawyers or other parties: (i) to comply with laws and legal obligations; (ii) for the establishment, exercise, or defense of a legal or equitable claim; (iii) to respond to law enforcement and regulatory requests, including (a) when we are compelled to do so by a subpoena, court order, search or seizure warrant, or similar legal procedure, or (b) for international law enforcement requests, pursuant to a mutual legal assistance treaty or letter rogatory; (iv) to comply with one or more forms of “travel rules” that require our transmitting of your information to another financial institution; (v) when we believe in good faith that the disclosure of personal information is necessary to protect the rights, property or safety of our customers, us, or others, including to prevent imminent physical harm or material financial loss; (vi) to investigate violations of our Terms of Use or other applicable policies; or (vii) to report suspected illegal activity or to assist law enforcement in the investigation of suspected illegal or wrongful activity.
• Business Transactions. In the event of a merger, acquisition, or asset sale, your information may be transferred as part of the business deal.
• Our Professional Advisors. We may disclose your information with our professional advisors such as accountants, auditors, lawyers, insurers, bankers, and blockchain forensic services in order to complete third party audits and/or to comply with our legal and regulatory obligations.
• Service Providers. We may disclose your information on a confidential basis with service providers who help facilitate business operations such as payment processing, marketing, security, or information technology services. Our legal agreements require these service providers to only use your information according to our instructions.
• Your Consent. We may share your information for any other purposes disclosed to you with your consent.

We also use aggregated, non-identifiable data for research and analysis purposes.

In order for us to provide you with the best user experience, we may also share your personal data with our marketing partners for the purposes of targeting, modelling, and/or analytics as well as marketing and advertising. You have a right to object at any time to processing of your personal data for direct marketing purposes.

4. International Data Transfers

As we operate in various jurisdictions, your data may be transferred and stored in countries outside your own, including the United States. By interacting with us, you consent to these transfers. We take steps to ensure your data is handled securely, regardless of location. In cases where we intend to transfer personal information to other countries, we put in place suitable technical, organizational and contractual safeguards to ensure that such transfer is carried out in compliance with applicable data protection rules.

5. Your Choices and Rights

Cookie Management:
You have control over the cookies used on our Site. Most browsers allow you to block cookies or notify you when they are being sent. However, note that disabling cookies may affect your experience on our Site or app.

Communication Preferences:
You may opt out of receiving promotional communications from us by following the unsubscribe link in our emails. Even after you opt out, we may still send you non-promotional messages, such as those related to your transactions or customer support inquiries.

Your Rights:
Subject to applicable law, as outlined below, you have a number of rights in relation to your privacy and the protection of your personal data. You have the right to request access to, correct, and delete your personal data, and to ask for data portability. You may also object to our processing of your personal data or ask that we restrict the processing of your personal data in certain instances. In addition, when you consent to our processing of your personal data for a specified purpose, you may withdraw your consent at any time. If you want to exercise any of your rights please contact us via official＠morphl2.io. These rights may be limited in some situations - for example, where we can demonstrate we have a legal requirement to process your personal data.

Right to access: you have the right to obtain confirmation that your personal data are processed and to obtain a copy of it as well as certain information related to its processing.

Right to rectify: you can request the rectification of your personal data which are inaccurate, and also add to it. You can also change your personal data in your account at any time.

Right to object: you can object, for reasons relating to your situation, to the processing of your personal data For instance, you have the right to object where we rely on legitimate interest or where we process your data for direct marketing purposes;

Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal data by us, provided there are valid grounds for doing so. We may continue to process your personal data if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law;

Right to contest to a decision based solely on automated processing: You have the right to require that decisions be reconsidered if they are made solely by automated means, without human involvement; we use automated tools to make sure that you are eligible to be our customer taking into account our interests and legal obligations; if these automated tools indicate that you do not meet our acceptance criteria, we will not onboard you as our customer;

Right to portability: in some cases, you can ask to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format, or, when this is possible, that we communicate your personal data on your behalf directly to another data controller;

Right to withdraw your consent: for processing requiring your consent, you have the right to withdraw your consent at any time. Exercising this right does not affect the lawfulness of the processing based on the consent given before the withdrawal of the latter;

Right to lodge a complaint with the relevant data protection authority: We hope that we can satisfy any queries you may have about the way in which we process your personal data. However, if you have unresolved concerns, you also have the right to complain to the data protection authority in the location in which you live, work or believe a data protection breach has occurred.

If you have any questions or objection as to how we collect and process your personal data, please contact us at official＠morphl2.io.

6. California Privacy Rights

If you are a California resident, you are entitled to certain rights under the California Consumer Privacy Act (CCPA). These rights include the ability to request information about what personal data we collect and request deletion of your data. You may also opt out of data sales, although we do not sell personal information. You can exercise these rights by contacting us at official＠morphl2.io.

7. European Residents' Data Rights

For residents of the European Economic Area (EEA), the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), including the right to access, correct, or request deletion of your personal data. You can also object to certain processing activities or request that we restrict data processing. To exercise your rights, please contact us at official＠morphl2.io.

8. Online Tracking Opt-Out Guide

Like many companies, we use cookies, pixels, web beacons, SDKs, and other tracking technologies (“cookies”) to collect information about your browsing activities, your interactions with websites (including our Sites) and apps (including our mobile app), and to serve tailored ads.

9. Data Retention

We retain your personal data for as long as necessary to provide our services, for as long as it is required in order to fulfill the relevant purposes described in this Notice or as required by law such as for tax and accounting purposes, compliance with Anti-Money Laundering laws, or to resolve disputes and/or legal claims or as otherwise communicated to you.. If you request deletion of your data, we will make reasonable efforts to honor your request, except where we need to retain information for legal or regulatory obligations.

While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal data are described below.

Personal Identifiable Data collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as is required under such laws.

Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis and until you (a) unsubscribe, or we (b) delete your account. Thereafter we will add your details to an unsubscribed list to ensure we do not inadvertently market to you.

Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes.

Recording of voice calls with you may be kept for a period of up to six years, for audit/ compliance purposes and to resolve disputes and/or legal claims.

Information collected via cookies, web page counters and other analytics tools is kept for a period of up to one year from the date of the collection of the cookie of the relevant cookie.

10. Mobile Privacy

Our app uses software code provided by our business partners (software development kits or SDKs) that let our software interact with the services these business partners provide. These interactions may involve that partner collecting some information from the device on which the software is run.

11. Children’s Privacy

We do not allow use of our services and Site by anyone younger than 18 years old. If you learn that anyone younger than 18 has unlawfully provided us with personal information, please contact us at official＠morphl2.io and we will take steps to delete such information, close any such accounts, and prevent the user from continuing to use our Services.

12. Links to Third Party Sites

Our Site or services may contain links to other websites or services. We do not exercise control over the information you provide or is collected by these third-party websites. We encourage you to read the privacy policies or statements of the other websites you visit.

13. Security

We design our systems with your security and privacy in mind. We have appropriate security measures in place to prevent your information being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We work to protect the security of your personal data during transmission and while stored by using encryption protocols and softwares. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

Our security procedures mean that we may ask you to verify your identity to protect you against unauthorised access to your account. We recommend using a unique password for your account that is not utilized for other online accounts and to sign off when you finish using a shared computer.

14. Contact Us

For any questions or concerns about this Policy or your personal data, please reach out to us at official＠morphl2.io