LicenChain Privacy and Cookie Policy
1. Introduction
Welcome to LICENCHAIN, UAB (further referred as "we," "our," or "us"). This Privacy and Cookie Policy explains how we collect, use, disclose, and safeguard your information when you use our software, systems and services.
2. Information We Collect
2.1 Personal Information
To maintain your account, transaction and identity, we collect information that you provide directly to us:
- Contact information (name, email address, phone number);
- Billing information (payment card details, billing address);
- Authentication information (wallet addresses, account credentials);
- Device identifiers and digital fingerprints; and
- Transaction history.
2.2 Automatically Collected Information
As an additional measure to ensure the safety and security of your account and your experience, we automatically collect certain information when you use our services:
- IP address;
- Browser type and version;
- Usage data and analytics;
- Cookies and similar tracking technologies.
3. How We Use Your Information
To ensure your best experience with us, we need to process some of your personal data. That is required to provide and maintain our services (e.g. to provide association with an asset with you, your personal details, such as contact information is required). To process your transactions and verify license ownership we also need your billing information. To prevent fraud and unauthorized access we need to collect some additional technical information. We also use your information to communicate with you, comply with legal obligations and improve our services.
4. Cookies
Cookies are small text files that are stored on your devices when you visit our website. They serve as a memory for websites, allowing them to recognize your device and remember certain information about your session. These files contain very small amounts of data that are transferred between a web server and your web browser.
You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use our services.
4.1 Cookies We Use
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| Essential cookies | |||
| session_id | User authentication and session management | Session | First-party |
| csrf_token | Security token to prevent CSRF attacks | Session | First-party |
| license_verify | License validation status | 24 hours | First-party |
| device_fingerprint | Device identification for security | 30 days | First-party |
| wallet_connection | Blockchain wallet connection status | Session | First-party |
| Performance Cookies | |||
| ga_id | Google Analytics identifier | 2 years | Third-party |
| _heap | Heap Analytics user tracking | 1 year | Third-party |
| perf_metrics | Performance monitoring | 30 days | First-party |
| error_logging | Error tracking and debugging | 90 days | First-party |
| Functional Cookies | |||
| lang_pref | User language preference | 1 year | First-party |
| theme_setting | UI theme preference | 1 year | First-party |
| saved_wallet | Last used wallet type | 30 days | First-party |
| ui_customization | Interface customization settings | 1 year | First-party |
| Advertising Cookies | |||
| campaign_tracker | Marketing campaign tracking | 90 days | First-party |
| conversion_pixel | Conversion tracking | 30 days | Third-party |
| referral_source | Traffic source tracking | 30 days | First-party |
5. Data Sharing and Disclosure
We may share your information with our service providers and business partners with strict oversight and contractual basis; legal authorities when required by law; and third parties with your consent.
When we transfer data outside the EU/EEA, we ensure appropriate safeguards through standard contractual requirements for service providers.
6. Data Security
We protect your data through multiple layers of security. Our systems use the latest encryption standards. When your data is stored (data at rest), we use AES-256 encryption, and when it's being transmitted (data in transit), we use TLS 1.3 protocol to keep it secure.
For our blockchain operations, we take extra precautions - all operations undergo rigorous security audits. Licensed documents are protected with end-to-end encryption, ensuring that only authorized users can access them.
We control access to data carefully through several methods. We use role-based access control, which means employees can only access the specific data they need for their job. We regularly review who has access to what data and automatically log people out after periods of inactivity.
We don't just rely on technology - we also have strict policies and procedures in place. All our employees undergo background checks and regular security training. They sign confidentiality agreements and must follow specific security policies, including keeping their desks clear of sensitive information.
7. Your Rights
As our service operates under GDPR, you have specific rights regarding your personal data.
Right to Access Your Data
You can ask us what data we have about you at any time. We'll provide a complete copy of your data, explain how we're using it, who we share it with, and how long we keep it. You'll receive this information in a clear, readable format within 30 days of your request.
Right to Correct Your Data
If you spot any mistakes in your data, you can correct them. You can either update most information directly through your user dashboard or contact us to make the changes for you. We'll verify and confirm any changes.
Right to Delete Your Data
You can request that we delete your personal data. However, it's important to note that due to the nature of blockchain technology, some data cannot be deleted from the blockchain itself. We'll clearly explain what can and cannot be deleted and why. Where we can delete data, we'll do so and confirm once it's done.
Right to Limit How We Use Your Data
You can ask us to stop using your data in certain ways while still keeping it stored. For example, you might want us to stop processing your data while you verify its accuracy.
Right to Take Your Data Elsewhere
You can get your data in a format that's easy to transfer to another service. We provide your data in common formats like JSON, CSV, or XML, making it simple to move to other services.
Right to Object
You can object to how we use your data, particularly for marketing purposes. If you object, we'll review our legal basis for using your data and respect your decision where possible.
Rights Regarding Automated Decisions
If we make automated decisions about you (using algorithms or automated systems), you have the right to:
- Know when this is happening;
- Request human review of the decision;
- Contest any automated decisions.
How to Exercise Your Rights
You can exercise any of these rights through:
- Our privacy portal: https://licenchain.io/privacy
- Email: privacy@licenchain.io
When you make a request, we'll respond within 48 hours to acknowledge it and provide a full response within 30 days. If we need more time, we'll let you know.
To process your request, we'll need:
- Your name;
- Email address;
- Account details;
- What right you are exercising;
- Specific details about your request.
We'll need to verify your identity to protect your privacy. This might involve:
- Checking government ID;
- Verifying your account credentials;
- Using two-factor authentication.
8. Data Retention
We retain your personal data for as long as necessary to: provide our services; comply with legal obligations; resolve disputes; and enforce agreements.
9. Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect data from children under 16.
10. Changes to This Policy
We may update this policy periodically. We will notify you of material changes through email notifications and announcements on our website.
11. Contact Information
Data Controller: Licenchain, UAB, Filaretų g. 12-1, LT-01208 Vilnius, Lithuania
Data Protection Officer: Email: privacy@licenchain.io
13. Compliance Statement
This policy complies with:
- General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;
- ePrivacy Directive - Directive 2002/58/EC (amended by 2009/136/EC) - Privacy and Electronic Communications Directive (ePrivacy Directive);
- Relevant national data protection laws.