PRIVACY POLICIES - BETO.GROUP

**Effective Date:** July 9, 2025 **Last Updated:** June 9, 2025 Welcome to BETO.GROUP! This Privacy Policy ("Policy") explains how BETO.GROUP ("we," "us," or "our") collects, uses, shares, discloses, and protects your personal data when you access or use the BETO.GROUP website (the "Website"), our software (including any downloadable Obsidian vault and its Releases), our Digital Collectibles (NFTs), and any related content, materials, or services (collectively, the “Platform”). We are committed to safeguarding your privacy and handling your personal data in an open, transparent, and lawful manner. Please read this Policy carefully to understand our data practices. By accessing or using the Platform, or by otherwise providing us with your personal data, you acknowledge that you have read and understood this Policy. This Policy is incorporated by reference into our Terms of Service. For definitions of capitalized terms not defined herein, please refer to the Terms of Service. ## **1. Information We Collect** We collect personal data to provide and improve our Platform, communicate with you effectively, ensure a secure experience, and fulfill our legal obligations. We are committed to the principle of data minimization and only collect personal data that is adequate, relevant, and limited to what is necessary for the specified purposes. The types of personal data we may collect include: **a. Information You Provide Directly to Us:** * **Email Address:** When you sign up for an account (if applicable), subscribe to our communications (e.g., newsletters, updates), contact us with inquiries or for support, purchase a product, or interact with certain Platform features that require email verification, we collect your email address. * **Feedback, Communications, and Support Requests:** If you provide us with feedback, report an issue, or contact us via email, community channels (like Discord, subject to that platform's policies), or other means, we will collect your name (if provided), email address, and the content of your communications, including any attachments. * **Purchase Information:** If you make a purchase through our Platform (as detailed in Section 10 of our Terms of Service), we or our third-party payment processors may collect information necessary to complete the transaction, such as your name, billing address, and payment card details (though BETO.GROUP itself typically does not directly store full payment card numbers). **b. Information Collected Automatically When You Use the Platform:** * **NFT Token Identifiers and Wallet Addresses:** If you utilize features of the Platform that involve Non-Fungible Tokens (NFTs) or connect a blockchain wallet, we may collect public NFT identifiers (e.g., token ID, contract address) and your public wallet address. This information is used for account verification (if applicable), access control to specific resources or utilities, to display your ownership status on the Platform (if applicable), and to track your activities and entitlements within our Platform. We do not collect or store your private keys. * **Server Log and Device Information:** Our web servers automatically log standard access information when you visit or interact with our Platform. This includes your Internet Protocol (IP) address, browser type and version, operating system, device identifiers (if applicable), access times, pages viewed, and referring website addresses. * **Cookies and Similar Tracking Technologies:** (Please see Section 10: "Cookies and Tracking Technologies" for detailed information). Currently, we limit our use of cookies. If this changes, this Policy will be updated. **c. Information Related to Platform Use (Potential Future Analytics):** * **Usage Data:** We may in the future implement analytics tools to collect more detailed information about how you access and use specific features of the Platform. This could include information on features utilized, time spent on pages, interaction patterns, and clickstream data. Any such future collection for analytics will be primarily anonymized or aggregated to analyze trends and improve user experience. This Policy will be updated accordingly before such specific analytics collection begins, and appropriate consent mechanisms will be implemented if required by applicable law. **d. Information from Third-Party Services:** * We generally do not collect personal data about you from third parties. However, if you choose to connect your BETO.GROUP account (if applicable) with a third-party service (e.g., for single sign-on or data import, subject to availability of such features), or if you interact with us through third-party platforms (like social media or payment processors such as Crossmint for NFT delivery), we may receive certain information from that third party in accordance with your privacy settings on that service and their privacy policy. Any such collection will be subject to separate consent where required. ## **2. How We Use Your Information and Our Legal Basis for Processing** We use the personal data we collect for the purposes described below, relying on one or more legal bases for processing as required by applicable law: | Purpose of Use | Examples of Data Used | Legal Basis for Processing | | ----------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **To Provide, Operate, and Maintain our Platform** | Email, NFT Identifiers, Wallet Addresses, Server Logs | **Contractual Necessity** (to fulfill our Terms of Service with you); **Legitimate Interests** (to ensure the Platform functions correctly and securely). | | **To Manage Your Account and Provide Customer Support** | Email, Communication Content, Purchase Information | **Contractual Necessity**; **Legitimate Interests** (to respond to your inquiries and provide effective support). | | **To Communicate With You** (Important notices, updates, administrative messages, responses to inquiries) | Email, Communication Content | **Contractual Necessity** (for service-related messages); **Legitimate Interests** (to keep you informed and respond effectively); **Consent** (for optional marketing communications, see Section 13). | | **To Process Transactions and Deliver Purchased Products/Services** | Email, Purchase Information, Wallet Addresses (for NFT delivery) | **Contractual Necessity** (to fulfill your purchase orders). | | **To Verify NFT Ownership and Grant Access** (to associated utilities, features, or content) | NFT Identifiers, Wallet Addresses, Email | **Contractual Necessity** (if NFT utility is part of a purchased service/product); **Legitimate Interests** (to provide promised utility and manage access control). | | **To Improve and Personalize the Platform** (understanding usage trends, user preferences) | Aggregated/Anonymized Usage Data, Feedback | **Legitimate Interests** (to enhance user experience and develop new features); **Consent** (for specific types of personalization or non-essential analytics cookies, if implemented in the future). | | **To Ensure Security and Integrity of our Platform** (prevent fraud, enforce Terms, monitor for harmful activity) | Server Logs (IP addresses), Account Information, Usage Patterns | **Legitimate Interests** (to protect our Platform, users, and business); **Legal Obligation** (in some cases of fraud prevention or security incident response). | | **To Comply with Legal and Regulatory Obligations** | Transaction Data, Communication Records, User Information | **Legal Obligation** (e.g., tax laws, accounting requirements, responding to lawful requests from authorities). | | **To Protect Our Legal Rights** (establish, exercise, or defend legal claims) | Relevant data depending on the claim | **Legitimate Interests** (to protect our rights and interests). | | **For Any Other Purpose for Which You Provide Consent** | Data specific to the consent obtained | **Consent**. | ## **3. How We Share and Disclose Your Information** We respect your privacy and **do not sell your personal data to third parties.** We may share or disclose your personal data only in the following limited circumstances and with appropriate safeguards: - **With Your Explicit Consent:** We may share your information with third parties if you have given us your clear and informed consent to do so for a specific purpose. - **Service Providers:** We engage trusted third-party companies and individuals to perform services on our behalf or to assist us in analyzing how our Platform is used (e.g., website hosting, email delivery services, payment processors, data analytics providers, and potentially NFT minting/distribution facilitation platforms like Crossmint if you provide us with information, such as a whitelisted email or wallet address, intended for such processing). These service providers only have access to the personal data necessary to perform these tasks on our behalf and are contractually obligated to protect your data, keep it confidential, and use it only for the purposes for which it was disclosed to them and in accordance with this Policy. - **Legal Obligations, Safety, and Rights Protection:** We may disclose your personal data if we believe in good faith that such disclosure is necessary to: (a) Comply with a legal obligation, subpoena, court order, or other lawful government or regulatory request. (b) Protect and defend the rights, property, or safety of BETO.GROUP, our users, or the public. (c) Prevent, detect, or investigate possible wrongdoing, fraud, or security issues in connection with the Platform. (d) Enforce our Terms of Service or other agreements. - **Business Transfers:** In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Platform of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data. - **Aggregated or Anonymized Data:** We may share aggregated or anonymized data, which cannot reasonably be used to identify you, with third parties for various purposes, including analytics, research, reporting, or improving our services. ## **4. Third-Party Services, Links, and Integrations** Our Platform may include embedded content (e.g., iframes), links to, or integrations with, third-party websites, platforms, and services (such as social media platforms, payment processors like Ko-fi or Stripe, NFT platforms like Crossmint, or community forums like Discord) that are not operated or controlled by BETO.GROUP. This Policy does not apply to the privacy practices of such third-party services. When you interact with these third parties or their services, they may collect your personal data under their own privacy policies. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We strongly advise you to review the privacy policy of every third-party service you visit or interact with. **Examples of third-party platforms we may link to or integrate with include (this list is not exhaustive and may change, and we encourage you to review their current policies directly):** - Discord - <a href="https://discord.com/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - YouTube - <a href="https://policies.google.com/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - GitHub - <a href="https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Ko-fi - <a href="https://ko-fi.com/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - LinkedIn - <a href="https://www.linkedin.com/legal/privacy-policy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Instagram - <a href="https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - X (formerly Twitter) - <a href="https://x.com/en/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - TikTok - <a href="https://www.tiktok.com/legal/privacy-policy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Facebook - <a href="https://www.facebook.com/privacy/policy/" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Odysee - <a href="https://odysee.com/$/privacypolicy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Telegram - <a href="https://telegram.org/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - Obsidian Forum - <a href="https://forum.obsidian.md/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a> - **Crossmint (for NFT delivery/management, if applicable) - <a href="https://www.crossmint.com/privacy-policy" target="_blank" rel="noopener noreferrer">Privacy Policy</a>** - **(Other payment processors you may use, e.g., Stripe - <a href="https://stripe.com/privacy" target="_blank" rel="noopener noreferrer">Privacy Policy</a>; PayPal - <a href="https://www.paypal.com/us/legalhub/privacy-full" target="_blank" rel="noopener noreferrer">Privacy Policy</a>)** Other linked third-party sites or embedded services will also have their own privacy policies. It is your responsibility to review their privacy practices before providing them with your personal data or interacting with their services through our Platform. --- ## **5. Your Data Protection Rights** Depending on your location and applicable data protection laws (such as GDPR for EEA/UK residents or PIPEDA for Canadian residents), you may have certain rights regarding your personal data. These rights may include: - **The Right to Access:** You have the right to request copies of the personal data we hold about you. - **The Right to Rectification:** You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete. - **The Right to Erasure (or "Right to be Forgotten"):** You have the right to request that we erase your personal data, under certain conditions (e.g., if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent and there is no other legal ground for processing). - **The Right to Restrict Processing:** You have the right to request that we restrict the processing of your personal data, under certain conditions (e.g., if you contest the accuracy of the data, or the processing is unlawful). - **The Right to Object to Processing:** You have the right to object to our processing of your personal data based on our legitimate interests, under certain conditions. You also have the absolute right to object to the processing of your personal data for direct marketing purposes. - **The Right to Data Portability:** You have the right to request that we transfer the data that we have collected and that you provided to us to another organization, or directly to you, in a structured, commonly used, and machine-readable format, under certain conditions. - **The Right to Withdraw Consent:** If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing prior to withdrawal. - **The Right Not to Be Subject to Automated Decision-Making:** You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, under certain conditions. (Note: BETO.GROUP does not currently engage in such automated decision-making with significant legal effects). - **The Right to Lodge a Complaint:** If you are in the European Economic Area (EEA), the UK, or another jurisdiction with a relevant supervisory authority, you have the right to lodge a complaint with that data protection supervisory authority if you believe our processing of your personal data violates applicable data protection law. **Exercising Your Rights:** To exercise any of these rights, please contact us at [email protected]. We will respond to verifiable requests within thirty (30) days, or as otherwise required by applicable law. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. There is generally no fee to exercise these rights, but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive, or we may refuse to comply with your request in these circumstances. Please note that some requests may be subject to legal limitations or exemptions (e.g., we may need to retain certain data for legal or accounting purposes even if you request deletion). ## **6. Data Security** We are committed to protecting the security of your personal data. We implement reasonable and appropriate technical, administrative, and organizational security measures designed to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include, for example, access controls, secure storage practices with reputable cloud providers, encryption of data in transit (e.g., HTTPS where applicable), and internal policies on data handling. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You acknowledge that you provide your personal data at your own risk to this extent. We encourage you to use strong passwords, keep your software updated, and be cautious about the information you share online. In the event of a data breach involving your personal data that poses a high risk to your rights and freedoms, we will take steps to notify you and relevant authorities as required by applicable law. ## **7. Data Retention** We will retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected and processed, as outlined in this Policy. The criteria used to determine our retention periods include: - The duration of your relationship with us and the provision of our Platform services to you. - Our legal and regulatory obligations (e.g., for tax, accounting, or financial record-keeping, which may require retention for several years). - The need to resolve disputes, enforce our legal agreements and policies, or protect our legitimate interests (e.g., retaining records to defend against potential legal claims). - Whether the purpose for which the data was collected has been achieved. When your personal data is no longer needed for these purposes, or upon your valid request for erasure (subject to legal exemptions), we will take reasonable steps to securely delete or anonymize it in accordance with applicable laws and our internal data retention policies. ## **8. International Data Transfers** BETO.GROUP is based in Alberta, Canada. Your information, including personal data, may be collected, transferred to, stored, and processed in Canada and potentially in other countries where our service providers operate, which may be outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside Canada and choose to provide information to us, please note that we transfer the data, including personal data, to Canada and process it there. Canada has been recognized by the European Commission (for the EEA) and the UK government as providing an adequate level of data protection for personal data transferred from these regions. For transfers of personal data to our service providers located in other countries that may not have an adequacy decision from your local authorities, we will take appropriate measures to ensure that your personal data receives an adequate level of protection in accordance with applicable data protection laws. These measures may include entering into Standard Contractual Clauses (SCCs) approved by relevant authorities (such as the European Commission or the UK Information Commissioner's Office), relying on the service provider's Binding Corporate Rules, or other legally recognized transfer mechanisms. Your consent to this Privacy Policy, followed by your submission of such information, represents your agreement to such transfers. ## **9. Children’s Privacy** **9.1. Platform Not Intended for Minors** Our Platform is strictly intended for use by individuals who are **eighteen (18) years of age or older, or the age of legal majority in their jurisdiction if such age is higher than 18** (the "Age of Majority"). We do not knowingly solicit, collect, use, or disclose personal data from individuals under the Age of Majority ("Minors"). **9.2. Age Affirmation and Data Collection** In accordance with our Terms of Service, we implement an **age affirmation gate** as a precondition to accessing our Platform and services. This requires users to declare that they have reached the Age of Majority. We rely on the truthfulness of this declaration. If we learn or have reason to suspect that we have inadvertently collected Personal Data from a Minor who has falsely represented their age, we will take immediate and commercially reasonable steps to delete that information from our active systems. **9.3. Notice to Parents and Guardians** We are committed to complying with applicable laws and regulations regarding the collection of data from minors, such as the Children's Online Privacy Protection Act (COPPA) in the United States and the General Data Protection Regulation (GDPR) in Europe. If you are a parent or legal guardian and you believe that your child has accessed our Platform in violation of our age policy and has provided us with Personal Data, please contact us immediately at **[[email protected]](https://www.google.com/url?sa=E&q=mailto%3Alegalis%40beto.group)**. In your message, please provide information that will help us to identify any associated data so that we may investigate and, where appropriate, delete it. **9.4. Data Deletion Process** Upon receiving a verifiable report of data collected from a Minor, we will promptly delete such Personal Data from our records, unless we have a separate legal obligation (such as for a security investigation or as required by law enforcement) to retain it. ## **10. Cookies and Tracking Technologies** **(a) Current Use:** Currently, the BETO.GROUP Website primarily uses only "strictly necessary" cookies, which are essential for the basic operation and security of the Website (e.g., session management if you log in, though this is not a current primary feature; security cookies to protect against cross-site request forgery). These cookies do not require your consent under most data protection laws as they are fundamental to providing the service you request. We do not currently use cookies for user tracking across different websites, targeted advertising, or non-essential analytics that involve personal data profiling. **(b) Future Use & Consent:** If we decide to use other types of cookies or similar tracking technologies (e.g., web beacons, pixels, local storage objects) in the future for purposes such as performance analytics (to understand how our Platform is used), personalization (to remember your preferences), or marketing, this Policy will be updated. For any such cookies that are not strictly necessary, we will: (i) Provide detailed information about the types of cookies used and their specific purposes. (ii) Obtain your prior consent before placing such cookies on your device, typically through a cookie consent banner or management tool. (iii) Provide you with clear information on how you can manage your cookie preferences and withdraw your consent at any time (e.g., through browser settings or a dedicated cookie settings tool on our Platform). **(c) Third-Party Cookies:** Some third-party services embedded in or linked from our Platform (as described in Section 4) may use their own cookies or tracking technologies. These are governed by the privacy policies of those third parties, and we encourage you to review them. ## **11. "Do Not Track" Signals** Some web browsers may transmit "Do Not Track" (DNT) signals to websites. Currently, there is no universally accepted standard for how websites should interpret DNT signals. Therefore, like many websites, our Platform does not currently respond to DNT signals. We will continue to monitor developments in DNT technology and may adapt our practices in the future. ## **12. Automated Decision-Making and Profiling** BETO.GROUP does not currently use your personal data for automated decision-making processes (i.e., decisions made solely by automated means without any human involvement) or profiling that would produce legal effects concerning you or similarly significantly affect you. If we were to implement such technologies in the future, we would update this Policy and ensure compliance with applicable laws, including providing you with information about the logic involved and your right to object or seek human intervention. ## **13. Marketing Communications (Future)** We may in the future wish to send you marketing communications (e.g., newsletters, information about new products or features, special offers) via email or other channels, but only if you have explicitly consented to receive such communications (opt-in). - **Opt-In:** You will be provided with a clear choice to opt-in to marketing communications at the point where we collect your email address for such purposes. - **Opt-Out:** If you do opt-in, you will have the right to opt-out of receiving future marketing communications at any time. You can do this by: - Clicking the "unsubscribe" link typically found at the bottom of our marketing emails. - Contacting us directly at [email protected] with your request to unsubscribe. - **Service Communications:** Please note that even if you opt out of marketing communications, we may still send you essential service-related (transactional or administrative) communications regarding your account, purchases, important updates to our Platform, or changes to our Terms or this Policy, as these are necessary for the provision of our services. ## **14. Changes to This Privacy Policy** We may update this Privacy Policy from time to time to reflect changes in our data practices, technology, legal or regulatory requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and prominently updating the "Last Updated" date at the top. For significant changes, we may also provide more direct notice, such as through the Platform interface or via email to the address associated with your account (if any). You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Platform after the effective date of the revised Policy constitutes your acknowledgment and acceptance of the changes. ## **15. Contact Us** If you have any questions, concerns, or comments about this Privacy Policy or our data practices, if you wish to exercise your data protection rights, or if you need to report a privacy-related issue, please contact us exclusively via: Email: [email protected] We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.