Privacy Policy
Last Updated: August 2024
Privacy Policy
Last Updated: 08-08-2024
- General Background
This Privacy Policy describes how the Foundation for the New Creative Economies, Dammstrasse 16, 6300 Zug, incorporated under the laws of Switzerland (also “we”, “us” or “our”) collects, protects, and uses your personal data when you use our website (in this context, the term “website” also includes our web portals or Apps), obtain products or services from us, interact with us in relation to a contract, communicate with us, or otherwise deal with us. We explain what we do with your personal data, for what purposes and on what legal foundation we do so, and what rights you have on that basis. When appropriate, we will provide just-in-time notice to cover any additional processing activities not mentioned in this Privacy Policy. In addition, we may inform you about the processing of your data separately, for example, in consent forms, terms and conditions, additional Privacy Policies, forms, and other notices. We use the word “data” here interchangeably with “personal data”.
If you provide information to us about any person other than yourself, your employees, counterparties, your advisers, or your suppliers, you must ensure that the data is accurate, that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
This Privacy Policy is aligned with the EU General Data Protection Regulation (“GDPR”) and the Swiss Data Protection Act (“DPA”). However, the application of these laws depends on each individual case.
- The Controller and the Data Protection Officer/Data Protection Advisor
The responsible person for processing your data under this Privacy Policy (“Controller”) unless we tell you otherwise in an individual case is:
Foundation for the New Creative Economies
Dammstrasse 16
6300 Zug
https://new-creative-economies.foundation
You may contact us regarding data protection matters and to exercise your rights at:
- Data processed by us
The processing of personal data is limited to data that is required to operate a functional website and for the provision of content, products, and services. The processing of personal data of our users is based on the purposes agreed or on a legal basis. We only collect personal data that is necessary to implement and process our tasks and services or if you provide data voluntarily. Depending on the reason and purpose of the processing, we process different data about you:
- Technical Data
When you use our website or other online offerings, we collect the IP address of your terminal device and other technical data to ensure the functionality and security of these offerings. This data includes logs with records of the use of our systems. We generally keep technical data for a maximum of 6 months. To ensure the functionality of these offerings, we may also assign an individual code to you or your device (for example, as a cookie, see Section 15). Technical data as such does not permit drawing conclusions about your identity. However, technical data may be linked with other categories of data (and potentially with your person) in relation with user accounts, registrations, access controls, or the performance of a contract.
- User Account and Registration Data
Some of our services may only be used with a user account or a registration (e.g., competitions, newsletters, etc.). Such data will be kept for 12 months from the date the use of the services ceases or the user account is closed.
- Communication Data
When you get in contact with us via contact form, e-mail, telephone, chat, or by letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the metadata of the communication. If we record telephone conversations, we will tell you specifically. If we have to confirm your identity, for example, in relation to a request for information, a request for press access, etc., we collect data to identify you (for example, a copy of an ID document). We generally keep this data for 12 months from the last exchange between us. This period may be longer where required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons. E-mails in personal mailboxes and written correspondence are generally kept for at least 10 years. Chats are generally stored for 2 years.
- Master Data
Master data is the basic data that we need, in addition to contract data (see below), for the performance of our contractual and other business relationships or for marketing and promotional purposes, such as name and contact details, and information about, for example, your role and function, your bank details, your domicile, your date of birth, customer history, powers of attorney, signature authorizations and declarations of consent, as well as Know Your Customer (KYC) data, Know Your Business (KYB) data and further data relating to fraud prevention and the combating of money laundering and terrorist financing, export restrictions, sanctions, and embargoes. We process your master data if you are a customer or other business contact or work for one (for example as a contact person of the business partner), or because we wish to address you for our own purposes or for the purposes of a contractual partner (for example as part of marketing and advertising, as part of our grants and bounty programs, for invitations to events, for vouchers, newsletters, etc.). We receive master data from you (for example when you make use of our services provided), from parties you work for, or from third parties such as contractual partners, associations and address brokers, and from public sources such as public registers or the internet (websites, social media, etc.) or from activity that is publicly visible and/or accessible on blockchains (e.g., Blockchain address, information regarding purchases, sales, or transfer of NFTs, which may then be associated with other data you have provided to us). We generally keep master data for 10 years from the last exchange between us but at least from the end of the contract. This period may be longer if required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons. For contacts used only for marketing and advertising, the period is usually much shorter, usually no more than 2 years from the last contact.
- Contract Data
We collect contract data in relation to the conclusion or performance of a contract, e.g., information about the products and services provided or to be provided, as well as data from the period leading up to the conclusion of a contract, information required or used for performing a contract, and information about feedback (e.g., complaints, feedback about satisfaction, etc.). We generally collect this data from you, from contractual partners and from third parties involved in the performance of the contract, but also from third-party sources (for example credit information providers) and from public sources. We generally keep this data for 10 years from the last contract activity but at least from the end of the contract. This period may be longer where necessary for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons.
- Behavioral and Preference Data
Depending on our relationship with you, we try to get to know you better and to tailor our products, services, and offers to you. For this purpose, we collect and process data about your behavior and preferences. We do so by evaluating information about your behavior. Based on this data, we can, for example, determine the likelihood that you will use certain services or behave in a certain way. The data processed for this purpose is already known to us (for example where and when you use our services), or we collect it by recording your behavior (for example, how you navigate our website). We anonymize or delete this data when it is no longer relevant for the purposes pursued, which may be - depending on the nature of the data - between 2-3 weeks and 24 months (for product and service preferences). This period may be longer for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons.
- Other Data
We also collect data from you in other situations. For example, data that may relate to you (such as files, evidence, etc.) is processed in relation to administrative or judicial proceedings. We may also collect data for health protection (for example as part of health protection concepts). We may obtain or create photos, videos, and sound recordings in which you may be identifiable (for example at events, with security cameras, etc.). We may also collect data about who enters certain buildings, and when or who has access rights (including in relation to access controls, based on registration data or lists of visitors, etc.), who participates in events or campaigns, e.g., competitions, and who uses our infrastructure and systems and when. The retention period for this data depends on the processing purpose and is limited to what is necessary. This ranges from one or two days for many of the security cameras, to usually a few weeks in case of data for contact tracing and visitor data that is usually kept for 3 months, to several years or longer for reports about events with images.
Much of the data set out in this Section is provided to us by you, e.g., through forms, in relation to communication with us, in relation to contracts, when you use the website, etc. You are not obliged or required to disclose data to us except in individual cases, for example within the framework of binding health protection concepts (legal obligations). If you wish to enter into contracts with us or use our services, you must also provide us with certain data, in particular master data,contract data, and registration data, as part of your contractual obligation under the relevant contract. When using our website, the processing of technical data cannot be avoided. If you wish to gain access to certain systems or buildings, you must also provide us with registration data. However, in the case of behavioural and preference data, you have the option of objecting or not giving consent.
We provide certain services to you only if you provide us with registration data, because we or our contractual partners wish to know who uses our services or has accepted an invitation to an event, because it is a technical requirement, or because we wish to communicate with you. If you or the person you represent (for example your employer) wishes to enter into or perform a contract with us, we must collect master data, contract data, and communication data from you, and we process technical data if you wish to use our website or other electronic offerings for this purpose. If you do not provide us with the data necessary for the conclusion and performance of the contract, you should expect that we may refuse to conclude the contract, that you may commit a breach of contract or that we will not perform the contract. Similarly, we can only submit a response to a request from you if we process communication data and - if you communicate with us online - possibly also technical data. Also, the use of our website is not possible without us receiving technical data.
As far as it is not unlawful, we also collect data from public sources (for example debt collection registers, land registers, commercial registers, the media, or the internet including social media) or receive data from other companies within our group, from public authorities, and from other third parties (such as credit agencies, address brokers, associations, contractual partners, internet analytics services, etc.).
The categories of personal data that we receive about you from third parties include, in particular, information from public registers, information that we receive in relation to administrative and legal proceedings, information in relation to your professional functions and activities (so that we can, for example, conclude and process transactions with your employer with your assistance), information about you in correspondence and meetings with third parties, credit information (where we conduct business with you in a personal capacity), information about you that persons related to you (family, advisors, legal representatives, etc.) share with us so that we can conclude or perform contracts with you or involving you (for example references, your delivery address, powers of attorney, information about compliance with legal requirements such as those relating to fraud prevention and the combating of money laundering and terrorist financing and Know Your Customer (KYC) data, Know Your Business (KYB) data, sanctions, export restrictions, information from banks, insurance companies, sales and other contractual partners of us about your use or provision of services (for example payments, purchases, etc.), information from the media and the internet about the use or provision of services by you (for example payments made, purchases made, etc.), information from the media and the internet about you (where appropriate in a specific case, e.g., in the context of an application, marketing/sales, press review, etc.), your address and potentially interests and other socio-demographic data (especially for marketing and research purposes) and data in relation with the use of third-party websites and online offerings where such use can be linked to you.
- Purposes of the Processing of data
We process your data for the purposes explained below. Further information is set out in Sections 15 et seq. for online services. These purposes and their objectives represent interests of us and potentially of third parties. You can find further information on the legal basis of our processing in Section 5.
- Communication
We process your data for communication purposes, in order to communicate with you, in particular, when you contact us in order to respond to your queries or when you exercise your rights. For this purpose, we use in particular communication data, master data, and registration data to enable us to communicate with you and provide our services or respond to requests. We keep this data to document our communication with you, for training purposes and quality assurance.
- Performance of a Contract
We process your data for entering into a contract with you, perform, and administer it. In particular, we process communication data, master data, registration data, and contract data about you. This might include data about third parties, e.g., if you order products or services for the benefit of a third party. This also includes data about potential customers that we receive from communication with you, on a trade fair, or any other business event. As regards the conclusion of a contact, we use this data to assess your creditworthiness and to open up a business relationship with you. Administering and performing the contract with you might involve third parties, such as logistic companies, advertising service providers, banks, insurance companies, or credit information providers in order to provide our products and services to you.
- Marketing and Relationship Management
We process your data for marketing and relationship management purposes. For example, we send personalized newsletters for products and services from us and, if applicable from selected third parties (e.g., advertising partners). Marketing and relationship management might include contacting you via e-mail, telephone, or other channels for which we have contact information from you. We and, if applicable, selected third parties, only display personalized content or advertising based on your usage behaviour or send e-mails for marketing purposes (e.g., newsletters) if and to the extent you give your consent to us if required under applicable law. You can object to such marketing activities or withdraw your consent at any time (please see Sections 13 and 14).
- Product/Service Improvement and Innovation
We process your data for market research and to improve our products and services (including our website).
- Safety or Security Reasons
We process your data to protect our IT and other infrastructure (e.g., buildings). For example, we process data for monitoring, analysis, and testing of our networks and IT infrastructures including access controls. We might also use surveillance systems, e.g., cameras for security purposes. In such a case, we will inform you at the relevant locations separately.
- Compliance with Law
We process your data to comply with legal requirements, e.g., health security concepts, money laundering and terrorist financing, tax obligations etc. and we might have to request further information from you to comply with such requirements (“Know Your Customer”, “KYC”; “Know Your Business”, “KYB”) or as otherwise required by law and legal authorities.
- Risk Management, Corporate Governance, and Business Development
We process your data as part of our risk management and corporate governance in order to protect us from criminal or abusive activity. As part of our business development, we might sell businesses, parts of businesses, or companies to others or acquire them from others or enter into partnerships and this might result in the exchange and processing of data based on your consent, if necessary.
- Legal Ground for Processing Your Data
- Your Consent
Where we asked for your consent (e.g., for receiving newsletters and for personalized content or advertising based on your usage behavior or for processing sensitive data), we process your data based on such consent. You may withdraw your consent at any time with effect for the future by providing us written notice (e-mail sufficient), see our contact details in Section 2. If you like to withdraw your consent for online tracking, please see Sections 15 et seq. Withdrawal of your consent does not affect the lawfulness of the processing that we have carried out prior to your withdrawal, nor does it affect the processing of your data-based on other processing grounds.
- Where we did not ask for your consent, we process your data on other legal grounds, such as:
- A contractual obligation
- A legal obligation
- A vital interest of the data subject or of another natural person
- A legitimate interest, which includes compliance with applicable law and the marketing of our products and services, the interest in better understanding our markets and in managing and further developing our company, including its operations, safely and efficiently.
- Profiling and Automated Decision Taking
We might analyze aspects of your individual's personality, behavior, interests, and habits to make predictions or decisions about them for the purposes laid out in Section 4, e.g., to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations between different behaviors and characteristics to create profiles for individuals. For example, we may use profiling to determine in which products or services you might be interested. We may also use profiling to assess your creditworthiness. We do not use profiling that can produce legal effects concerning you or similarly significantly affect you without human review.
In certain circumstances, automated decision-taking might be necessary for reasons of efficiency and consistency. In such cases, we will inform you accordingly and take the measures required by applicable law.
- On-Chain Data (Blockchain)
By using our blockchain-based services you acknowledge that your wallet address and related transactions, which are considered personal data if relating to an identified or identifiable natural person, are permanently and publicly stored on the blockchain, publicly available to anyone, and neither we, nor any third party, has any power to delete such data published by its users to the blockchain. If you want to ensure that your privacy rights are not affected in any way, you should not transact on blockchains as certain rights may not be fully available or exercisable by you or us due to the technological infrastructure of the blockchain.
You hereby release and indemnify us of any data privacy liability associated with data that you published to the blockchain by using our services.
- Disclosure of Data to Third Parties and Social Plug-ins
In order to perform our contracts, fulfill our legal obligations, protect our legitimate interest and the other purposes and legal grounds set out above, we may disclose your data to third parties, in particular to the following categories of recipients:
- Group Companies
You hereby release and indemnify us of any data privacy liability associated with data that you published to the blockchain by using our services.
- Offerings of Third Parties
Our Website may contain third-party offerings. If you click on such an offer, we will transfer data to the respective third party to the extent necessary (e.g., the information that you found this offer on our website or app and, if applicable, further information that you provided for this purpose on our website or app). We have no control over, do not review, and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these third-party websites or their content, or to any collection of your data after you click on links to such third-party websites. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.
- Third-Party Wallets
To use our services or interact with us, you may use a third-party wallet that allows you to engage in transactions on public blockchains. The applicable terms of service and privacy policy of that third party govern your interactions with any third-party wallet provider.
- Service Providers
We may share your information with service providers and business partners around the world with whom we collaborate to fulfill the above purposes (e.g., IT providers, shipping companies, advertising service providers, security companies, banks, insurance companies, telecommunication companies, credit information agencies, address verification providers, lawyers) or who we engage to process personal data for any of the purposes listed above on our behalf and in accordance with our instructions only.
- Contractual Partners Including Customers
If required under the respective contract we share your data with other contractual partners. If we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.
- Legal Authorities
If legally obliged or entitled to make disclosures or if it appears necessary to protect our interests, we may disclose your data to courts, law enforcement authorities, regulators, government officials, or other legal authorities in Switzerland or abroad, e.g., in criminal investigations and legal proceedings including alternative dispute resolution as well as to prevent and combat money laundering and terrorist financing (e.g., duties in the event of a suspicion of money laundering, duty to report to Money Laundering Reporting Offices Switzerland or abroad) or due to further reporting duties.
- Social Plug-ins
We do not use social media plug-ins on our website. If our website contains icons of social media providers (e.g., X, Mirror, etc.), we use these only as passive links to the websites of the respective social media platforms.
- Our Appearance on Social Networks
We are present on the following social media platforms: [e.g., X, LinkedIn, Instagram, YouTube, TikTok, Mirror, Farcaster, Lens] and collect data about you as described in Section 3 and below. We receive this data from you and the platforms when you enter into contact with us via our online presence (e.g., when you communicate with us, comment on our content, or visit our presence).
At the same time, the platforms evaluate your use of our online presence and link this data with other data about you known to the platforms (e.g., about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g., to personalize advertising) and to control their platform (e.g., which content they show to you). This also happens if you do not have a profile on the social media platform.
We process this data for the purposes described in Section 4, in particular for communication, marketing purposes, and market research. You will find information on the legal basis in Section 5.
We would like to point out that you use our presence on social media platforms and their functions on your own responsibility. This applies, in particular, to the use of interactive functions (e.g., commenting, sharing, rating).
The individual data processing activities and their scope differ depending on the social media provider. For details about the collection and storage of your personal data and about the type, scope, and purpose of its use by the social media provider, please refer to the privacy policy of the respective social media provider.
The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the USA, which is considered not to provide adequate data protection from a Swiss/EU perspective. Therefore, we have agreed to so-called standard data protection clauses (SCCs) with the social media providers in order to ensure compliance with an appropriate level of data protection in third countries.
We do not know how the social media platforms use the data from your visit to our account and interaction with our posts for their own purposes, how long this data is stored, and whether data is passed on to third parties. The data processing may differ depending on whether you are registered and logged in to the social network or visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your terminal device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your end device can be used to track how you have moved around the network. Buttons embedded in websites enable the platforms to record your visits to these website pages and assign them to your respective profile. Based on this data, content or advertising can be offered tailored to you. If you wish to avoid this, you should log out or deactivate the "stay logged in" function, delete the cookies on your device, and restart your browser.
To exercise your data subject rights, you can contact both us and the provider of the social media platform. To the extent that one party is not responsible for responding or must obtain the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the provider of the social media platform directly for questions about profiling, and processing of your data when using the website. For questions about the processing of your interaction with us on our site, write to the contact details provided by us above.
For further information on the purpose and scope of data collection and processing by the social media platform, please review the Privacy Policys of these social media platforms, where you will also receive further information about your rights and about setting options for protecting your privacy.
- Transfer of Data Abroad
As we have explained in Section 7, we disclose data to other parties, not all of them located in Switzerland. Your data may be processed in the European Economic Area (EEA) and in exceptional circumstances also in countries outside the EEA and around the world, which includes countries that do not provide the same level of data protection as Switzerland or the EEA and are not recognized as providing an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defence of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the European Commission approved standard contractual clauses.
- Storage of Your Personal Data
We only process your data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of complying with legal retention requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. Upon the expiry of the applicable retention period, we will securely destroy your data in accordance with applicable laws and regulations.
- Security of Your Personal Data
We take appropriate organizational and technical security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.
However, we and your personal data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks, and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions, and interruptions which are out of our control and responsibility.
We have also implemented procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
- Your Rights
You have various rights in relation with our processing of your personal data, depending on the applicable data protection law:
- Right of Access
You have the right to request a copy of the personal data that we hold about you. However, there are exceptions to this right, so access may be denied if, for example, making the information available to you would reveal personal data about another person or if we are legally prevented from disclosing such information.
- Right to Rectification
We aim to keep your personal data accurate, current, and complete. We encourage you to contact us to let us know if any of your personal data is inaccurate or changes so that we can keep it up to date.
- Right to Erasure
You have the right to require us to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data has been unlawfully processed.
- Right to Restriction
You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Right to Data Portability
You have the right to ask that we transfer the personal information you gave us to another controller or to you, in certain circumstances.
- Right to Withdraw Consent
Where we process data based on your consent, you have the right to withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
- Complaints
If you believe that your data protection rights might have been breached, please
let us know or contact the applicable supervisory authority. The Federal Data Protection and Information Commissioner is the competent data protection authority in Switzerland. The contact details are available here: www.edoeb.admin.ch.
If you are residing in the European Union, you also have the right to complain to your local data protection supervisory authority. You can find some contact details of the respective authorities of the Member States of the European Union here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
- Right to Object
Under applicable data protection law, you have the right to object at any time to the processing of personal data pertaining to you under certain circumstances, in particular where your data is processed in the public interest, on the basis of a balance of interests or for direct marketing purposes.
If you would like to exercise the above-mentioned rights, please contact us at dataprotection@fnce.foundation or the contact details provided under Section 2 unless otherwise specified or agreed. Please note that we need to identify you to prevent misuse, e.g., by means of a copy of your ID card or passport, unless identification is possible otherwise.
- Newsletter
If you subscribe to one of our newsletters, you may cancel the subscription at any time by using the option to unsubscribe contained in the newsletter.
- Cookies
We use cookies on our website and may allow certain third parties to do so as well. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. For further information, please see also our Cookie Policy.
- Monitoring Tools
We use social media monitoring tools that help us to identify and monitor content on third-party websites, e.g., in posts, tweets, blogs, news, forum posts, and social media platforms. This gives us a detailed insight into customer opinions and any topics on the internet that mention our company name(s) or talk about our brand(s). In doing so, so-called "crawlers" search available online sources to seek out the relevant hits. Some monitoring tools search both publicly available data on the internet and closed-loop third-party networks with which they have directly concluded contracts in order to access their data.
Our use of monitoring tools is based on our legitimate interests of market and opinion research for marketing and PR purposes. Data processing by such monitoring tools is external and separate from our web and social media sites and we are not responsible for any data processing by such monitoring tools.
If you would like to object to the use of your information by such monitoring tools, or require information about the data stored by them, or if you wish to exercise any other right that you are entitled to, please contact the respective monitoring tool.
- Tracking Tools
Based on your consent, we use tracking tools to ensure a tailored design and the continuous optimization of our website. We also use the following tracking tools to statistically record the use of our website and evaluate it for the purpose of optimizing the content we show you:
- Google Analytics:
Google Ireland (based in Ireland) is our provider of “Google Analytics” and acts as our processor. Google Ireland relies on Google LLC (based in the USA) as a processor for its services (both “Google”). Google uses performance cookies (see above) to track the behavior of visitors to our website (duration, frequency of pages viewed, geographic origin of access, etc.) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the US and thus cannot be traced. We have turned off the "Data Forwarding" and "Signals" settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles, and link this data to the Google accounts of these persons. If you consent to the use of Google Analytics, you explicitly agree to such processing, which also includes the transfer of personal data (in particular usage data for the website and app, device information, and individual IDs) to the US and other countries not offering adequate data protection from a Swiss/EU perspective. Information on the data protection of Google Analytics can be found here: (https://support.google.com/analytics/answer/6004245) and if you have a Google account, you can find further details on processing by Google: here (https://policies.google.com/technologies/partner-sites?hl=de).
- Updating and Changing this Privacy Policy
Due to the continuous development of our website and its contents, changes in law or regulatory requirements, we might need to change this Privacy Policy from time to time. Our current Privacy Policy can be found at our website.