Privacy Policy

Effective as of: March 12, 2024

About this Privacy Policy

This Privacy Policy describes the privacy practices of Arkham Intelligence, Inc. (“Arkham,”) , and the Arkham Foundation (“the Foundation”) (collectively, “we,” “us” and “our”), and how we collect, use, and disclose personal data on our platform (collectively, the “Services”). We may update this Privacy Policy from time to time, as detailed below. You should not use the Services if you have any objections to our Privacy Policy, which is binding upon all users of the Services. If you have a question about how your personal data is being used, you can contact us through the methods provided in the “Contact Us” section at the end of this Privacy Policy.

Our Privacy Approach

First, here are a few key points about Arkham’s and the Foundation’s privacy practices:

  • Our Services are designed to provide a software platform for accessing blockchain information and analysis on entities, individuals, and transactions. We provide technology for linking cryptocurrency activity to real world individuals and institutions, including a searchable database of crypto users and their activities, customizable alerts for on and off chain activity, and network maps of crypto currency transactions across entities, individuals and geographies.
  • To provide you with our Services, we collect information directly from you, your use of the Services and public sources, such as blockchains.
  • We respect the privacy of our users. User labels, user created entities, and user imported addresses are stored securely and will not be used for the public dataset on the Arkham platform. We do not sell user personal information.

What Do We Mean by “personal data”?

Personal data is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. Personal data that is publicly available, processing in connection with journalistic purposes or expression or a matter of public concern, aggregated, or de-identified is not considered personal data for the purposes of this Privacy Policy.

What Personal Data Do We Collect and How Do We Collect It?

Information you provide us.

Personal data you may provide to us through the Services includes:

  • Account and contact data, such as your first and last name, organization name (if applicable), biography (if you choose to add one), email and mailing address, Ethereum public address, phone number, profile picture, and username.
  • Interests, usage, and connections, including information about how you use the Services, such as the types of content you engage with, content you share, features you use, actions you take, and people or accounts you interact and connect with.
  • Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.
  • ‍Communications that we exchange with users when they contact us, including with questions or feedback.
  • Transaction information. Please note that for conducting any transactions through the Service, we work with third-party electronic wallet extensions such as MetaMask and WalletConnect. Your interactions with third-party electronic wallet extensions are governed by those businesses’ own privacy policies.
  • Blockchain addresses, including account information from third party wallet providers, and the associated crypto holdings and transaction data.
  • Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Intel Marketplace. Our platform provides a web app interface for users to interact with the Arkham Intel Exchange, a decentralized smart contract system, to facilitate—between users—the exchange of information, potentially including personal data, about individuals who are not users of the Services (“non-users”). In these instances, we may not know how or from where the personal data was originally collected. Personal data collected about non-users may come from a variety of internet or other sources. This information could include: non-users’ personal identifiers and the details of non-users’ blockchain transactions, including current and historical point-in-time holdings; balance history and historical profit and loss; and transaction history.  The Foundation processes this personal data of non-users when it uses its proprietary technology to verify a user’s intelligence. The Foundation may contract the Company to provide services related to the Intel Exchange which may involve the Company processing Intel Exchange data.  ‍

Third party sources. We may combine personal data we receive from or about you with information we obtain from other sources, such as:

  • Public sources, including blockchains and social media companies.
  • Marketing partners, such as companies that have entered into joint marketing relationships with us.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, our communications, and other online services, such as:

  • Device data, such as device IP address (and derived location), device name, browser type and settings, telecommunications provider, operating system, the date and time of Services use, and interactions with the Services.
  • Online activity data, such as information about your use of and actions on the Services, including pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, frequency, and length of access. This information may be collected on our Services using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, third-party software development kits (“SDKs”) and similar technologies described below.

Cookies and similar technologies. We may use the following technologies:

  • Session and third-party cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns.  Our website may include Mixpanel, Hubspot, Google Analytics, and other cookies.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

We also use pixels. These pixels may provide us and third parties with information regarding how users interact with video content, audiovisual content, or content of a like nature (collectively, “Video Content”). Video Content is provided for the purpose of enhancing the user experience on the Services. By continuing to use the Services and interacting with Video Content, you understand that your personal information, including your video viewing history, may be processed and disclosed according to this privacy policy.

Job Applicant Information. When you apply for employment with us, we may collect certain personal data from you for the purpose of evaluating your candidacy for a particular position. The information collected for these purposes may include:

  • Information you provide in connection with your application.
  • Information about you that is publicly available.
  • Health information, including disability information (if applicable).
  • Information that you authorize us to collect via third parties, including former employers or references.
  • Any other information provided in connection with your application.

We only use your personal data to assess your skills and experience in relation to the applicable job requirements. We may also use your personal data to contact you during the hiring process.

In certain circumstances, you may submit your application for employment through a third-party service that displays our job posting. We do not control the privacy practices of these third-party services. Please review their privacy policies carefully prior to submitting your application materials.

How Do We Use Personal Data?

We use personal data for the following purposes or as otherwise described at the time of collection:

Services delivery, including to:

  • Operate the Services and our business, including verifying research and reports using non-user information;
  • Maintain and improve the Services and the Services’ features;
  • Create and maintain your account;
  • Facilitate user connections on our Services;
  • Process your transactions;
  • Communicate with you about the Services, including regarding your transactions on the platform, and by sending you announcements, updates, security alerts, and support and administrative messages; and
  • Provide support for the Services, and respond to your requests, questions, and feedback.

Research and development. We may create and use anonymous, aggregated, or de-identified information for our business purposes, including to analyze the effectiveness of our Services, to improve and add features to our Services, and to analyze the general behavior and characteristics of users of our Services. We may use this anonymous, aggregated, or de-identified data and share it with third parties for our lawful business purposes.

Support and maintenance. We use third party analytics services to automatically log certain information about your device and how you interact with the Services. The information collected is used to troubleshoot and prevent errors, perform data analysis, and enhance the Services, and develop new features.

Compliance and protection. We may use personal data to:

  • Protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
  • Enforce the Terms of Service that govern the Services;
  • Audit our internal processes for compliance with legal and contractual requirements and internal policies;
  • Prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft; and
  • Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

Direct marketing. We may send you marketing communications via text message and/or email as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the “Opt-out of marketing communications and other push notifications” section below.    

Interest-based advertising. We may engage advertising partners, including third party advertising companies and social media companies, to advertise our and our customers’ and partners’ Services. We and our advertising partners may use cookies and similar technologies to collect information about your interaction (including the data described in the “Cookies and similar technologies” section above) over time across the web, our communications, and other online services, and use that information to serve online ads. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt-out” section below.

How Do We Share Personal Data?

We may share personal data with:

Service providers. Companies and individuals that provide services on our behalf or help us operate the Services or our business (such as hosting, analytics, customer support, email and SMS delivery and email verification and deliverability services, payment services, and identity verification services).

Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties as we believe necessary to: (a) protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims); (b) enforce the Terms and Conditions and Terms of Service that govern the Services; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or other disposition of all or any portion of the business or assets of, or equity interests in, Arkham or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Third-party platforms and social media networks. If you have enabled features or functionality that connect the Services to a third-party platform or social media network (such as by logging into Arkham using your account with a third-party, providing your API key or similar access token for the Services to a third-party, or otherwise linking your account with the Services to a third-party’s services), we may disclose the personal data that you authorized us to share. We do not control the third-party platforms’ use of your personal data, which is governed by that third party’s privacy policy and terms and conditions.

We may facilitate the exchange of personal information about non-users by our users via the Arkham Intel Exchange on the platform, such as between bounty posters and bounty hunters, or between intel merchants and intel collectors.

Public Posting Areas and Community Chat Features

Please note that any personal data you include in the community chat feature on the platform or within the free text field, or elsewhere in the Services, is available to anyone with access to the platform or Services. If you don't want people to know your email address, for example, don't include it in a community chat message or in any free text fields. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY PERSONAL DATA IN THE PLATFORM'S COMMUNITY CHAT FEATURE OR FREE TEXT FIELDS, OR ELSEWHERE IN THE SERVICES. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE PERSONAL DATA THAT YOU DISCLOSE IN THE PLATFORM’S COMMUNITY CHAT FEATURE OR THE FREE TEXT FIELDS, OR ELSEWHERE IN THE SERVICES.

Third-Party Links

The Services may contain links to social media websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions. We encourage you to review their privacy policies to understand how they handle personal data.

Children’s Personal Data

The Services are not intended for use by children under 16 years of age. If we learn that we have collected personal data through the Services from a child under 16 without the verifiable consent of the child’s parent or guardian as required by law, we will delete it.

Security and Data Retention

We employ a number of reasonable technical, organizational, and physical safeguards designed to protect the personal data we collect. However, no security measures are failsafe, and we cannot guarantee the security of your personal data due to the inherent risks of data transmission over the Internet. Consequently, we cannot ensure or warrant the security of any information you transmit to us, and you understand that any information that you transfer to us is done at your own risk. If we learn of a security system breach, we may attempt to notify you so that you can take appropriate protective steps. By using the Services or providing personal data to us, you agree that we can communicate with you, including electronically, regarding security, privacy and administrative issues relating to your use of the Services. We may post a notice on the Services if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

We will retain your personal data for as long as needed to fulfill the purpose for which it is collected and to comply with our legal obligations, resolve disputes, and enforce our agreements.

International Data Transfers

We are headquartered in the United States with employees, affiliates, and services providers that operate in other countries. If you choose to provide us with personal data, we may transfer that personal data to our affiliates and subsidiaries or to other third parties, in accordance with local law. We may also transfer your personal data across borders, from your country or jurisdiction to other countries or jurisdictions, including the United States, which may not provide the same level of protection for your personal data as your home country.  By using the Service, you agree to this data transfer.

Your Privacy Choices

Update or delete. You can contact us to ask us to update or correct your personal data. You may also delete your account or your contacts’ phone numbers from our active systems. Please note that we will need to verify that you have the authority to delete the account and certain activity generated prior to deletion may remain stored by us and may be shared with third parties as detailed in this Privacy Policy.

Disconnect social media companies. When you connect your social media accounts to Arkham, we notify those platforms. You may disconnect your social media accounts directly on the Services at any time.

Opt-out of marketing communications and other push notifications. You may opt out of marketing-related communications by following the opt out or unsubscribe instructions contained in the marketing communication we send you. You may opt out of other notifications we may send you via push notification by changing the settings on your mobile device.

Online tracking opt-out. There are a number of ways to limit online tracking, which we have summarized below:

  • Opt-Out of Interest-Based Advertising. We recognize the Global Privacy Control in a frictionless manner. You can also opt-out of interest-based advertising by participating companies using the following links:
  • Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
  • Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third party cookies/trackers. You can also opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
    • Platform opt-outs. The following advertising partner offers opt-out features that let you opt-out of use of your information for interest-based advertising:  Google: adssettings.google.com

Note that because these opt out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.

California “Shine the Light” Law. If a company shares personal data of California residents with third parties for their marketing purposes (e.g., to send offers and information that may be of interest to you), California law requires either providing a mechanism by which consumers can obtain more information about such sharing over the prior calendar year or providing a mechanism by which consumers can opt out of such sharing. We do not share your personal data with third parties for their direct marketing purposes.

Nevada Disclosure. Residents of Nevada have the right to opt out of the sale of certain personal data to third parties. We currently do not sell your personal data as defined by Nevada law.

Jurisdiction-Specific Disclosures

PRIVACY RIGHTS FOR THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM, AND SWITZERLAND

We process personal data as that term is defined in the European Union’s General Data Protection Regulation (“GDPR”) and the equivalent UK law. If you are located in the EEA, U.K., or Switzerland, you have the following rights:

  • You have the right to access information about the categories of personal data we have collected about you. You may also request a copy of the personal data we have collected, and upon request, we will provide this data to you in electronic form or transfer it to a third party.
  • You have the right to correct your personal data if inaccurate.
  • You have the right to request erasure of your personal data when such data is no longer necessary for the purposes for which it was collected, when you withdraw consent and no other legal basis for processing exists, or when you believe that your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
  • You have the right to restrict our processing of personal data if there is a dispute about the accuracy of the data; if the processing is unlawful; if the processing is no longer necessary for the purposes for which it was collected but is needed by you for the establishment, exercise or defense of legal claims; or if your request to object to processing is pending evaluation.
  • You have the right to object to processing of your personal data based on our legitimate interests or for direct marketing (including profiling). We will no longer process the data unless there are compelling legitimate grounds for our processing that override your interests, rights, and freedoms, or for the purpose of asserting, exercising, or defending legal claims.
  • You have the right to obtain information about, and a copy of, the safeguards we use to transfer personal data across borders.

In processing personal data, we may rely upon the following lawful bases:

  • Consent. We may process personal data with the consent of the individual whose data is being processed and/or in reliance upon the consent of the administrator of the account, who must affirm that s/he has obtained appropriate consent from all participants.
  • Contract.  When we enter a contract with you and/or an administrator for your account, we process personal data on the basis of our contract in order to prepare and enter into the contract, as well as to perform and manage our contract. This is necessary for us to provide the Services to you.
  • Vital interests. In a case where the personal data is required to protect your vital interests or the vital interests of another natural person, then this may be used as the lawful basis of the processing. For example, we may need to process personal data in the event of a pandemic.
  • As required by law. We may process personal data as required to comply with legal obligations to which we are subject for the for the purpose of compliance with EEA, UK, or Swiss public, governmental, judicial, or other regulatory authorities.
  • For legitimate business purposes. We may process personal data of non-users included in research and reports that are the subject of an auction or other transaction posted on the platform. This also includes, but is not limited to, legal compliance and the purposes described above.

Users who are located in the European Economic Area (“EEA”), the European Union, the U.K., or Switzerland have the right to lodge a complaint about our data collection and processing actions with the relevant supervisory authority in their country of residence. Contact details for data protection authorities are available here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. If you would like to exercise any of these rights, please contact us at the information provided below.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website.

Contact Us

You can reach us by email at [email protected] or at the following address:

750 N Saint Paul St Ste 250 PMB 54019, Dallas, Texas 75201-3206.