This privacy policy (the "Policy") describes how OLYSEUM SA ("Olyseum", "we", "our" or "us") collects, uses, stores and otherwise processes the personal information of users of our Olyverse website (the "Platform"), our social networks and our Telegram group. This Policy applies to the sites, applications, products and services (collectively, "Service(s)") in which it is published, linked or refers to it.

The terms "Users", “User” or “You” refer to any natural or legal person who makes use of the Services as fans, stars, members of the community, advertisers or any other type of users of the Services.

Olyseum shall process User’s personal data in accordance with the Swiss Federal Act on Data Protection (“FADP”) and the General Data Protection Regulation of the European Union (“GDPR”).

If at any time, the User have questions or concerns about their privacy practices, they are invited to contact our Data Protection Officer (DPO) at

This Policy does not apply to information that is not directly related to the Services (for example, job applications), or to information collected through third-party websites, applications or services that the User may access through the Services or to which you may be redirected through the Platform. For example, we use Web3Auth to carry out cryptocurrency transactions. User’s interactions with Web3Auth are governed by the Web3Auth Products Privacy Policy, which is solely responsible for the company that designs them (Torus Labs Private Ltd).

At a Glance

  • Our goal is to limit the information we collect to what we need to support your use of our Services, including the Olyverse Platform.
  • We are committed to using your personal information only for the purposes for which it has been informed.
  • We do not sell or license your personal information and when we share it, it is only to enable operations and services on our behalf (for instance, sharing with the vendor of the cloud environment where the Platform reside), meet legal obligations, or protect the safety, the property or the rights of Olyseum, the Olyverse’s users, and its guests.
  • We have data processor contracts in place with all service providers who process personal data on our behalf.
  • The data you share within Olyverse will not be used to train the AI models that Olyseum makes available through this Platform. Olyseum uses STARs to offer you a customized avatar, and the OpenAI API to offer you a virtual assistant, simultaneous translation and an omnichannel chatbot, and. For these last purposes, we generate draft text using OpenAI's large-scale language generation models and fine-tune our responses to your queries to make them safer and more useful. We do not  submit end-user IDs to OpenAI in your queries, and by using these interactive features, you assume the risk that personal information provided by you may be shared with artificial intelligence providers for their own purposes. Users may always report incorrect functionality or other concerns about the behaviour of our Platform by sending an email to
  • The use of personal information we collect is adequately safeguarded.
  • This is a new service. There will be on-going updates to it and this privacy notice will be updated to reflect any changes to our use or collection of your data.
  • If you have any questions or concerns about your privacy, you can contact us at

1. Controller identity and contact details


Olyseum S.A.

Place Longemalle 1,1204 Geneva, SWITZERLAND



Representative in the European Union:

Miguel Angel Lopez Fernandez



Data Protection Officer (DPO):

Win2win S.L.

Avinguda Santa Coloma 7, AD500 Andorra la Vella, Andorra



Kindly note that an appointment is mandatory prior to any visit.

2. What personal data we process

Olyseum collects identity information about Users in a range of ways that depends on the registration method chosen by the User. Users registering through social login methods such as Facebook, Apple or Google will need to connect to Olyseum through those services and therefore their account email, name and picture may be imported into the Platform for the purposes of identification and authentication. Alternatively, Users registering with email, password, and nickname will be required to login to the Platform with that particular email and password for authentication, and will be allowed to provide a Reference Code (if available) to use in accordance with the terms and conditions of the Platform. The Platform uses email as the identifier of the User's account. Users can enter it through any access method with the same email, but not from one whose email differs from the one used to identify your account.

Personal data the User directly give us, which may include:

  • Identity information, such as the profile picture, avatar image, nickname, email and password of the User’s profile, the wallet address (public key) User has connected to their  Platform account, the UserID of their  Telegram account, or the email address they  use to contact us or to receive our newsletters;
  • Personal characteristics, such as the User's date of birth and gender (only if the User chooses to provide us with this optional information through their profile so that we can better communicate with them).
  • Social circumstances, such as how familiar the User is with blockchain technology (again, only if the User chooses to provide this optional information through their profile to allow us to tailor our communication to the level of knowledge selected by them at any time), the code that a friendly user gave to the User at the time of their affiliation to mutually benefit 
  • Feedback and correspondence, such as the information the User provide when they report a problem with Service, receive customer support, tell us about the helpfulness of an article or submit us a request, or otherwise correspond with us;
  • Transaction information, such as details about purchases you made through the Platform, OLYs and non-fungible tokens (NFT) involving a User, which include, among others, the      option they vote, the NFT (type ERC-721) and the wallet addresses involved in the transaction;
  • Usage information, such as information about how the User uses the Service and interact with us (including User’s activities in our metaverse); and
  • Additional information the User provides to us to comply with anti-money laundering (AML) laws and know-your-customer (KYC) requirements (such as nationality and place of birth).

Information we collect from you automatically, which consist basically in your Internet protocol (IP) address, device user information (e.g., telemetry*) and cookie identifiers.

Our uses of the automatic collection technologies fall into the following general categories:

  • Operationally necessary, which includes technologies that allow you access to our Services that are required to identify irregular behaviour, prevent fraudulent activity and improve security or that allow you to make use of our Services;
  • Performance related, which includes technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how the Users use the Services;
  • Functionality related, which includes technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services and keeping track of your specified preferences or past pages viewed; and
  • Advertising or targeting related, only if you consent the use of advertising cookies.

* Telemetry describes your device and how you use it, and may include its configuration, and how it is performing, as well as information about your network connection. We do not collect personal information describing your precise location using a GPS or other sensor on your device.

Information we generate in relation to our Platform, such as the number of OLY the User has in the account they logged into the Platform with.

Information we collect from others (third party sources) such as the identity information (user identifier in social network, name, e-mail and profile picture) we collect from the identity provider when the User registers or initiates a session in the Platform. We use following identity (or “sign in”) providers:

  • Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as “Google”).
  • Apple Distribution International Ltd. Hollyhill Industrial Estate Hollyhill, Cork Republic of Ireland (hereinafter referred to as “Apple”), whose Data Protection Officer the User  can contact at
  • Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (hereinafter referred to as “Facebook”), whose Data Protection Officer the User  can contact at


  • Torus Labs Private Limited, 38 Lor Stangee, Singapore 425021, which provides us with the User’s Ethereum address and nickname of User’s wallet (the wallet public encryption key). The Platform will ask the User to sign in his Web3Auth wallet to complete its integration in the Platform.
  • Our Payments Service Provider provides us with the last four digits of User’s credit card and a number that identifies the payment operation for future referral.

Information we collect automatically:

  • From cookies, local and session storage and similar technologies (we refer to this information as “cookies data“) we collect information such as a User’s Internet Protocol (IP) address, device and browser type, operating system, the pages or features of our website to which a User browsed and the time spent on those pages or features, the frequency with which the website is used by the User, search terms, the referrer web page and the code Olyseum gave the referrer in each particular marketing campaign, or the User’s friend who recommends Olyverse to them and other statistics. We use this information, and may engage third parties, to analyse trends and improve and enhance the Service by expanding its features and functionality and tailoring it to our Users’ needs and preferences. Users can control the use of cookies and local storage at the individual browser level. For more information, please see our Cookies Policy.
  • Olyseum may also collect personal data from Users’ activities that are publicly visible and/or accessible on blockchains. This may include blockchain addresses and information regarding purchases, sales, or transfers of OLY Tokens or NFTs, which may then be associated with other data Users have provided us.
  • We may also automatically collect Users’ IP address in order to charge value-added taxes and other duties during NFT payments.
  • We may also use Google Analytics to help us offer the User an optimized user experience.  You can find more information about Google Analytics’ use of User’s personal data here:

Information we will never collect. We will never ask a User to share their private keys or wallet seed. Never trust anyone or any site that asks a User to enter their private keys or wallet seed.

3. How we use personal data and what is our legal bases

3.1 To sign in in the Platform

We collect the personal data that the User provides us through the registration form in order to create an account for the User with their email, and nickname and to enforce our agreements. Said email will allow the User to log in to the Platform – the first time, by selecting Forgot Password – and use our Services. 

Alternatively, the Platform uses social logins from various identity providers, such as Meta, Google and Apple in order to let the User to complete the registration and login without needing a separate email and password (see section “Information we collect from others” in chapter 2). It means the User can set up an account in Olyseum identifying themself with the email they already have registered in the identity provider. Then, there is no need to fill out forms or choose another new password.

We process personal data to create User’s account on the basis of the consent the User explicitly gives us by sending us the registration form, or gives the sign in provider to transfer us your login information. The User is not required to provide Olyseum with the personal data we request during the sign-in process, but if they choose not to do so, Olyseum will not be able to create their account into the Platform and provide them with the Services.

We process personal data to log the User in the Platform on the legal basis of the contract governed by the terms and conditions the User accepts during the registration process.

Users can always change the data they provide us during registration by editing their profile on the Platform. Additionally, editing the profile allows the User to provide us with optional information, such as date of birth, gender, country, and how familiar they are with blockchain technology.

We will process this information, if provided, to improve the quality and intelligibility of our future communication with the User.

3.2 To connect the User's account with the User's wallet

Once the User registers, they can connect their account with their Brave or MetaMask wallet (or create a wallet on the Platform associated with their email).

We process the personal data that the User provides us when they decide to connect their User’s account with a wallet based on the consent that the User explicitly gives us upon successful completion of the connection process. The User is not required to provide Olyseum with the personal data that we request during the connection process, but if they choose not to do so, Olyseum will not be able to connect their wallet to the Platform and provide them with the related Services.

3.3 To provide you our Services

We will use User’s personal information in the following ways:

  • To authenticate and verify their individual identities before enabling them to access and use the Services.
  • To provide and deliver products and services that User may request, including facilitating cryptocurrency transactions through User’s wallet.
  • To connect a wallet to your User’s account.
  • To buy and mint NFTs with User’s credit card, OLYs or ETHs.
  • To provide User with the NFTs or OLYs they bought.
  • To process and complete acquisitions and transactions (through a secure third-party - payment processor), including those involving credit cards, ETHs or OLY tokens, and send them related information, including purchase confirmations.
  • To send information, including confirmations, technical notices, updates, security alerts, and support and administrative messages.
  • To collect face blendshape information and synchronize the collected information with User’s avatar (to create personalized users’ avatars from their images**) .
  • To provide access to certain areas, functionalities, and features of the Services.
  • To allow you to register for events.
  • To provide you a virtual assistant.
  • To provide you with an omnichannel chatbot.
  • To provide you with simultaneous translation.
  • To let User invites friends or finds other Users.

Unless otherwise stated herein in relation to the legal basis for the processing of personal data, our processing of the User’s personal information is necessary to perform the contract governing our provision of the Services or to take steps they request before signing up for the Service.

Finally, we may use personal information and other information about you related to our Services to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, de-identified or aggregated trends, reports, or statistics, or other analyses we create, and we may use and disclose such information, which will be not personal information, in a number of ways, including marketing and research, internal analysis, analytics, and any other legally permissible purposes.

**Your avatar image and nickname are not required to identify you, and the fact that you provide us with personally identifiable data is, in fact, your express consent to its use in the context of the Platform.

3.4 To comply with law

We use personal information as we believe necessary or appropriate to comply with applicable laws (including value-added taxes duties, anti-money-laundering laws and know-your-customer requirements), lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

The legal base of this processing is our legal obligation.

3.5 To execute our agreements or contracts, and to keep their records

Olyseum collects the data you provide directly, or those provided by third parties on your behalf (identification, contact, employment and, often, financial data), during the signing of agreements or contracts in which Olyseum and you (or the entity that represents you) are parties, in order to formalize them, manage them, execute, keep you informed about everything that may be of interest to you (or the entity that represents you) in relation to the object of our agreement or contract, resolve disputes, and to protect the rights, property, or safety of you, Olyseum and our business partners.

The processing of your data for the purpose of keeping you informed in relation to the object of our agreement or contract is based in our legitimate interest in sending commercial communications to our customers as long as they do not object to receiving them.

Likewise, the processing of your data to resolve disputes, and to protect the rights, property, or safety of you, Olyseum and our business partners is legitimated as it is necessary to fulfill the legitimate interest in defending or making complaints.

Finally, the processing of your data for the rest of the purposes is legitimate, in these cases, as it is necessary to execute the terms and conditions of the corresponding agreement or contract, to establish pre-contractual conditions when you so request, or to comply with applicable laws.

3.6 To communicate with our Users

We use personal information to send the User the invoice for NFTs they  purchased and other transactional data, to provide the User with information about their login activity on the Platform and other functional purposes (for example, to complete a password change request), to provide the User with information about the current values of the aggregated vote of each of the options that will determine the evolution of an episode, and to communicate to the Users our promotions, contests or raffles, upcoming events, send them our newsletters and keep them informed about our stars, the episodes or the Services.

The legal base of this processing is our legitimate interest. We make sure we consider and balance any potential impacts on User (both positive and negative) with User’s rights before processing personal information for our legitimate interests. We do not use User’s personal information for activities where our interests are overridden by any adverse impact on the User  (unless we have their consent or are otherwise required or permitted to by law).

The User may alwayss oppose our legitimate interest by exercising their right as explained below, or by clicking on the link that will always be in the messages other than the merely technical or administrative ones that are necessary to maintain the relationship between the User and Olyseum.

3.7 To send our newsletters to non-registered data subjects

We process the User’s email address with their consent, expressed at the time they voluntarily subscribe to our newsletters, to provide them with information of interest, news and promotions related to the Platform and our Services.

User has the right to withdraw their consent at any time by contacting us at or by clicking on the link provided at the bottom of each newsletter to that effect.

3.8 For customer support and bug removal

We use personal data to track and respond to data subject requests and inquiries, and to manage data subject claims or complaints, and the bug or vulnerability reports that could be submitted to us, as well as to include the submitter, where appropriate, in our bounty program.

We may also use data subject email address to provide general customer service.

We process User’s inquiries, complaints and bug reports with their consent, expressed at the time they voluntarily contact us, which they have the right to withdraw at any time in the manner indicated by our Service Desk or by contacting us at Additionally, where appropriate, we process their personal data to execute our bounty program agreement.

We keep the data necessary to manage possible data subject claims, or ours, based on our legitimate interest in defending ourselves to safeguard our rights.

3.9 To optimize Olyverse services and develop new ones

We may use personal information to operate, maintain and improve the Platform and our Services, always with the aim of optimizing user experience. To achieve this, among other data sources we use the information provided by “cookies” and other type of storage objects accepted by the data subject web browser as detailed in our cookies policy.

The legal basis for its processing is our legitimate interest after considering your rights and the balance of interests between them and us.

We inform you that the European Data Protection Committee has already establish that the best legal basis for the use of analytical cookies would be legitimate interest if it were not for Directive 2002/58/EC which requires obtaining the prior consent. This directive does not apply to us, and Swiss telecommunications law permits the use of cookies based on Ol’seum's legitimate interests. 

3.10 For fraud prevention and safety

We may use personal information to protect, investigate and deter against fraudulent, unauthorized or illegal activities, and the legal base of this processing is our legitimate interest.

3.11 For giving media coverage to events and awards ceremonies

If User participates in person or virtually in our events or we give them a prize, the independent press and our own professionals may record their image, and on previously agreed occasions, their voice, in the context of the (digital) event.

The legal basis for this processing is our legitimate interest in media coverage of events we organize or sponsor in order to use the recordings in our promotional materials, including our website and social media accounts.

Users are not required to appear on the recordings. If they wish, they have the right to oppose our legitimate interest and ask us to remove the material in which they are identified. In order to evaluate their opposition against our legitimate interest, and, if necessary, immediately remove the images that identify them, we will ask them to indicate where they have seen them.

3.12 To extract aggregate statistics in surveys

We use the data that data subject provides us when they agree to participate in a survey, for example, a satisfaction survey, for the purpose or purposes indicated in the survey itself (for exemple, measuring interest and engagement in the Services, or ensuring perceived quality control and safety).

The basis that legitimizes us to process this personal data is the participant’s consent to answer the survey.

3.13 To improve the interest of the advertising you receive (marketing cookies)

If you authorize us, we will use third-party marketing cookies, pixel tags, local storage, or other similar technologies. These advertising partners may use the information they collect regarding your activities in the Platform and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day), and similar information collected from other websites, for purposes of delivering targeted advertisements to you when you visit third party services within their networks. This practice is commonly referred to as “interest-based advertising” or “personalized advertising”.

We will not download or use these cookies unless we have your consent, and withdrawing it will have no effect other than that your visit to our website couldnot be used to enhance those third parties' knowledge of your interests, for personalized advertising purposes.

You can obtain more information about these cookies in our cookie policy.

3.14 To be able to use Google services

Additionally, as an obligation that Google LLC imposes on the entities that, like us, use the Google Analytics services and may use others to collect anonymized or aggregate information regarding user behaviour and user demographics on the Services, we inform the User that these services are operated by Google Inc., domiciled at 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, and that Google Inc. is a beneficiary party of them.

The information generated by the cookies about the User’s use of this website and their advertising preferences is generally transmitted to a Google server in the USA and stored there. If the User  wants more information, they can consult the page that describes how Google uses the information on our website and/or Google’s privacy policy regarding the aforementioned services.

We inform Users that we have activated the IP anonymization function to our website, in order to add additional safeguards in the standard contractual clauses that protect this international data transfer to the USA. With this, Google will shorten User’s IP address before transmitting it to the USA (identity obfuscation process). Only in exceptional cases is the full IP address sent to a Google server in the USA and abbreviated there. Google guarantees that the IP address transmitted by User’s browser to Google Analytics will not be processed together with any other data held by Google.

User can review the categories of personal data processed by these services at

3.15 To notify Users of security breaches

At Olyseum we assume security measures appropriate to the level of risk to protect personal information against loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information; however, if we determine that personal data has been misappropriated (including by an employee or former employee of Olyseum), exposed by a security breach, or improperly acquired by a third party, exposing data subjects to high risk, we will inform those data subjects immediately about this security breach, misappropriation or acquisition, and about the measures we have taken and those that are recommended to the data subject so that the breach does not affect them.

The basis that legitimizes this treatment is the legal obligation set forth in article 24 of the FADP and 34 of the GDPR, and our legitimate interest in preventing this security breach from harming data subjects.

3.16 For new compatible purposes

Finally, we may use User’s personal information for reasons not described in this Policy, where we are permitted by law to do so and where the reason is compatible with the purpose for which we originally collected it. If we need to use their personal information for an unrelated purpose, we will notify them and explain the applicable legal basis for that use. If we need to use their personal information for an unrelated purpose, we will notify them and explain the applicable legal basis for that use.

4. With whom we share User’s personal data

Your Profile is publicly visible and searchable within the Platform.

Aside this and what is described below, we do not share the personal information that Users provide us with third parties without their express consent. We disclose personal information to third parties under the following circumstances: 

  • We may share information with those who need it to do work for us (our service providers). These recipients may include third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, email delivery and database management services).
  • We use third party APIs and software development kits to share information with business partners (IA providers, wallet providers and payment service providers, for example)that is strictly necessary to execute the terms and conditions of the Services we provide Users at their request, as long as Users do so on their behalf. For more information about our use of APIs and SDKs, please contact us as set forth below. Please be aware that Olyseum has little or no control over how other Users or business partners may use what you share with them while using the Services.
  • We may share personal information to comply with legal, regulatory, protection, and safety purposes, as well as to respond to lawful requests of authorities, regulators, self-regulatory authorities or courts and legal processes.
  • We may share information when Users request it, based on their consent, such as when they share their vote on social networks.
  • We may share information to protect the rights and property of Olyseum, our agents, customers, and others. This includes enforcing our agreements, policies, and terms of use.
  • We may share personal information when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.
  • We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.
  • If you give us your consent, we may allow third party advertising partners to set cookies and other tracking tools to collect personal information regarding your activities in our website and your device.
  • Finally, if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your personal information may be transferred as part of such a transaction as permitted by law and/or contract.

5. Transfer of data abroad

Users are informed that in order to provide the Service personal data may have to be transferred outside of Switzerland, to member estates’ of the European Economic Area and countries that have been granted an adequacy decision according to the Federal Data Protection and Information Commissioner (FDPIC) and the European Commission. In the event that User’s personal information needs to be transferred to a country that does not benefit of such adequacy decision, Olyseum undertakes to base the transfer on a data transfer mechanism recognized by the FDPIC and the European Commission as providing adequate protection for the User’s personal information, or to inform them and obtain their prior written consent regarding such processing. User may contact us if they want further information on the specific mechanism used by us when transferring their personal information to such third-party countries.

6. Data conservation

Olyseum shall only store Users’ personal data for as long as Users use the Platform and as long as their personal data are necessary for Olyseum to comply with its contractual and legal obligations (in particular the tax regulations and the Swiss code of obligations).

We retain information we collect as long as it is necessary and relevant to fulfil the purposes outlined in this privacy policy. In addition, we retain personal information to comply with applicable law where required, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our terms and conditions of use, and other actions permitted by law. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of Users personal information, the purposes for which we process this personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. For detailed information, please, contact our Data Protection Officer at

In some circumstances we may anonymize Users personal information (so that it can no longer be associated with any data subject), in which case we may use this anonymized information indefinitely.

7. Rights and Requests of Users

Under the GDPR and the FADP, you have the right to obtain confirmation as to whether or not we have any personal data about you.

We remind you that, when we share personal data with other controllers, you will have to exercise your rights directly against those controllers following the instructions provided in their own privacy policies. Specifically, in relation to the data that our cookies share with Google, we inform you that you can install in your browser Chrome, Internet Explorer, Safari, Firefox and/or Opera, the add-on to not send Google Analytics data or Google Ads at Google Inc.

The User has the following rights regarding their personal information:

  • Right to opt-out: withdraw the consent for the processing activities that the User has previously consented, without this affecting the lawfulness of the processing performed by Olyseum before the withdrawal of the consent. In such circumstances, Users understand that Olyseum may not be able to provide the Service that depended on that consent.
  • Right to access: Provide User with information about our processing of their personal data and give them access to their personal information
  • Right to have their personal data corrected: Update or correct inaccuracies in User’s personal information.
  • Right to restrict: Restrict the processing of User’s personal information.
  • Right to object: Object to our processing of User’s personal data, in particular our reliance on our legitimate interests as the basis of our processing of their personal information.
  • Right to have their data deleted: Delete User’s personal information.
  • Right to data portability: Transfer a machine-readable copy of User’s personal information to the User or a third party of their choice.
  • Right to file a complaint with a supervisory authority, in particular in the state of the User’s habitual residence or at the place of the alleged infringement, if they consider that our processing of their personal data breaches the applicable data protection laws.

User can submit all the above requests by email to We may request specific information from the User to help us confirm their identity and process their request. Applicable law may require or permit us to decline User’s request. If we decline their request, we will tell them why, subject to legal restrictions. 

If the User would like to submit a complaint about our use of their personal information or response to their requests regarding their personal information, they may contact us at or submit a complaint to the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, CH-3003 Berne, phone +41 58 462 43 95, fax +41 58 465 99 96,

Please note that our Services are not directed to persons under the age of 18 (Minor). We do not knowingly collect personally identifiable information from any Minor. If you are a parent or guardian and you are aware that a Minor has provided us with personal data, please contact us. If we become aware that we have collected personal data from a Minor, we will take steps to remove that information from the Platform.

Finally, we inform the User that regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. For more information, please see our Cookies Policy.

8. Security measures

We are fully committed to protecting User’s privacy and personal data. We have prepared a record of all the personal data processing activities (ROPA) that we carry out, we have analysed the risk that each of these activities may pose to them, and we have implemented the appropriate legal, technical and organizational safeguards to avoid, as far as possible, the alteration of their personal data, its misuse, loss, theft, unauthorized access, or unauthorized processing. We keep our policies up to date to ensure that we provide them with all the information we have about the processing of their personal data, and to ensure that our staff receive the appropriate guidelines regarding how they should treat their personal data. We have signed data protection clauses and or data protection agreement with all our service providers, taking into account the need that each one has to process personal data.

We restrict access to personal data to those employees who really need to know it to carry out any of the processing activities referred to in this policy, and we have trained and made them aware of the importance of confidentiality and maintaining the integrity and availability of information, as well as on the disciplinary measures that any possible infraction in this matter would imply.

However, if we determine that User’s data has been misappropriated (including by an employee or former employee of Olyseum), exposed by a security breach, or improperly acquired by a third party, exposing them to high risk, we will notify them immediately about this security breach, misappropriation or acquisition, and about the measures we have taken and those that we recommend them take so that the breach does not affect them or affects the minimum.

9. Changes to this Privacy Policy

Olyseum may periodically update this Privacy Policy. The amended version of the Privacy Policy will be posted on the Platform Olyseum website. By continuing to use the Platform after those changes become effective, Users agree to be bound by the revised Privacy Policy.

Last update: 6 April 2024