1. Introduction
Earniform Ltd ("we", "us", "our") operates the Earniform digital participation platform accessible at earniform.com and associated subdomains. This Privacy Policy applies to all personal data collected through our website, platform, mobile applications, and customer communications.
We process your personal data only where we have a lawful basis to do so, and we are committed to being transparent about how and why we use your information.
2. Data Controller
Earniform Ltd is the data controller for the personal information collected through the Platform. If you have any questions about how we handle your data, you can contact our Data Protection Officer at:
Email: [email protected]
Post: Earniform Ltd, Data Protection Officer, [Registered Address]
3. Data We Collect
We collect the following categories of personal data:
3.1 Data You Provide Directly
- Account registration data: email address, username, and password (stored in encrypted form);
- Profile information: name, date of birth, country of residence (optional, provided at your discretion);
- Payment information: wallet addresses or payment method identifiers (we do not store full card numbers);
- Communications: messages sent to our support team, survey responses, and feedback submissions.
3.2 Data Collected Automatically
- Usage data: pages visited, features used, time spent on the Platform, click patterns;
- Device and connection data: IP address, browser type and version, operating system, device identifiers;
- Cookies and tracking data: as described in our Cookies Policy;
- Activity logs: records of completed activities, submission timestamps, and quality scores.
3.3 Data From Third Parties
We may receive limited personal data from identity verification services, fraud detection providers, and analytics platforms, used solely to ensure Platform security and integrity.
4. How We Use Your Data
| Purpose | Types of Data | Legal Basis |
|---|---|---|
| Account creation and management | Email, profile information | Contract performance |
| Delivering Platform services and activities | Usage data, activity logs | Contract performance |
| Processing withdrawals and payments | Payment identifiers, activity data | Contract performance |
| Fraud prevention and security | IP address, device data, activity logs | Legitimate interest |
| Platform analytics and improvement | Anonymised usage data | Legitimate interest |
| Legal and regulatory compliance | All categories as required | Legal obligation |
| Marketing communications (opt-in only) | Email address | Consent |
5. Legal Basis for Processing
We rely on the following legal bases under GDPR Article 6:
- Contractual necessity (Art. 6(1)(b)): processing required to fulfil our obligations under the User Agreement;
- Legitimate interests (Art. 6(1)(f)): fraud prevention, security monitoring, and platform improvement;
- Legal obligation (Art. 6(1)(c)): compliance with applicable laws and regulatory requirements;
- Consent (Art. 6(1)(a)): marketing communications and non-essential cookies.
6. Sharing Your Data
We do not sell your personal data. We share data only with trusted third parties where necessary:
- Payment processors: to facilitate withdrawal transactions;
- Cloud infrastructure providers: for secure data hosting and processing;
- Analytics providers: using anonymised or pseudonymised data only;
- Fraud and identity verification services: to maintain Platform integrity;
- Legal authorities: where required by law, court order, or regulatory obligation.
All third-party processors are subject to data processing agreements requiring GDPR-equivalent protections.
7. Data Retention
We retain personal data only as long as necessary for the purposes described in this Policy:
- Account data: retained for the duration of your account plus 2 years after closure;
- Activity and transaction records: retained for 7 years for financial compliance purposes;
- Support correspondence: retained for 3 years;
- Anonymised analytics data: retained indefinitely in non-identifiable form.
8. Security
We implement industry-standard technical and organisational measures to protect your personal data, including:
- AES-256 encryption at rest for all stored personal data;
- TLS 1.3 encryption in transit for all data communications;
- Multi-factor authentication for internal system access;
- Regular penetration testing and security audits;
- Strict role-based access controls for all staff.
9. Your Rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access: request a copy of the data we hold about you;
- Right to rectification: request correction of inaccurate data;
- Right to erasure: request deletion of your data (subject to legal retention obligations);
- Right to restrict processing: request that we limit how we use your data;
- Right to data portability: receive your data in a structured, machine-readable format;
- Right to object: object to processing based on legitimate interests or for direct marketing;
- Right to withdraw consent: where processing is based on consent, you may withdraw at any time.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.
10. International Transfers
Where we transfer personal data outside the European Economic Area, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or adequacy decisions where applicable.
11. Children's Privacy
Our Platform is not directed at or intended for children under the age of 18. We do not knowingly collect personal data from minors. If you become aware that a minor has provided us with personal data, please contact us immediately at [email protected].
12. Cookies
We use cookies and similar tracking technologies on our Platform. For detailed information about the cookies we use and how to manage your preferences, please see our Cookies Policy.
13. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. We will notify you of material changes by updating the "Last Updated" date and, where appropriate, by direct notification. We encourage you to review this Policy periodically.
14. Contact Us
For any privacy-related queries, requests, or concerns:
Data Protection Officer
Earniform Ltd
Email: [email protected]
Response time: within 2 business days