Nomic Foundation Privacy Policy

Nomic Foundation (the “NomicFoundation,” “we,” or “us”), a Swiss Foundation, located at c/o Kaiser Odermatt & Partner AG, Baarerstrasse 12, 6300 Zug, is a software development foundation building open-source software to unlock developer productivity in the Ethereum ecosystem is the controller and processor of your personal data.

This Privacy Policy applies to the Nomic Foundation website (https://nomic.foundation) (“website”) the Hardhat software (“Hardhat”), the Hardhat tools and plugins, including the hardhat runner, the hardhat vscode, the @nomicfoundation/coc-solidity, and the hardhat network which, with any other features, tools and/or materials made available from time to time by the Foundation (the “Tools”), all of which are referred to as “services” in this Privacy Policy. Users of the website, Hardhat and the Tools are referred to collectively as “Clients.”

This Privacy Policy describes what information Nomic Foundation collects, how we use that information, and how we protect it. Nomic Foundation collects and processes personal data in order to run our organization and offer our services to Clients. We do not share Client information with third parties except for the limited purposes described in this Privacy Policy.

By using our services, Clients understand and agree that we will collect, process and use their information as described in this Privacy Policy, and in compliance with the Swiss Federal Act on Data Protection (“FADP”), the Swiss Ordinance to the Federal Act on Data Protection (“OFADP”), and the General European Data Protection Regulation (“GDPR”). We recommend that Clients read this Privacy Policy in full to ensure they are fully informed.

If you have any questions about this Privacy Policy or how we handle personal data, please contact us at privacy@nomic.foundation or use the contact information set out at bottom of this Privacy Policy.

What Personal Data Does Nomic Foundation Collect, and Why?

The information that Nomic Foundation gathers from Clients allows us to deliver and improve our services. For example, it allows us to communicate with Clients, provide support, and (with Clients’ permission) monitor deployments of Hardhat and the Tools for performance-improvement and error-correction purposes.

A.        Information Our Clients Provide

We receive and store the information our Clients supply to us when they communicate with us by email, GitHub, and social media. This information may include the Client’s name, company, email address, username, postal address, and telephone number.

Personal data processed through social media is subject to their privacy policies. You should check each social media privacy policies. The Nomic Foundation is not responsible for the data collected by these platforms.

B.        Information Automatically Collected from Clients

We also collect certain information automatically, including:

  1. Error and performance monitoring data

Hardhat collects automated error and performance monitoring data to help Nomic Foundation fix bugs and improve the performance of our software. This data is only collected and processed if the Client opts into this feature.

The information collected includes: 1) a unique cryptographic identifier to identify data from a single user; 2) the Hardhat version number; 3) whether Hardhat is running on a server or desktop; 4) the Client’s operating system (e.g. Windows, Mac, or Linux); 5) whether the Hardhat task running is a build-in or user-defined task; 6) the versions of Node.js and Sentry running on the Client’s computer; 7) error message text; 8) stack trace data; and 9) timestamps.

The Nomic Foundation uses third-party services, Sentry and Google analytics, to collect and process this data: i) Google analytics: extension version, machine Id, operating system, user agent; and ii) Sentry: extension name + version, environment, machine id as mentioned above, tags that provide context.

In the case of Sentry, the data is anonymized before being sent to Sentry’s servers. Any piece of data resembling a path or a private key is removed on a best-effort basis. The data sent to Sentry is subject to a data processing agreement limiting Sentry’s use of the data and requiring Sentry to take appropriate security measures to protect the data.

  1. Website cookies

Like many websites, the Nomic Foundation website uses cookies to obtain certain types of information when your web browser accesses our site. Cookies are used most commonly to do things like tracking page views, identifying repeat users and utilizing login tokens for a session.

Type of Cookie

Served By

How to Control These

Session cookies: these are used to anonymously track a user’s session on our website to deliver a better experience.

Nomic Foundation

You can block or delete these by changing your browser settings.

Performance and Targeting cookies: These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website for you. Such cookies may record site and display-related activity for a session so that a client does not see displays that are irrelevant or have already been dismissed.

Google

Google offers a Google Analytics Opt-Out Browser Add-on for most browsers.

You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website though your access to some functionality and areas of our website may be restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser's help menu for more information.

Other information we collect and analyze includes the Internet Protocol (IP) address used to connect your computer to the Internet, computer and connection information such as browser type, version, language, and time zone setting, browser plug-in type and version, screen resolution, and operating system and platform. This information is stored in log files and is collected automatically. We collect this technical information to better understand user needs and provide Clients with an optimal online experience.

We also collect aggregate usage data for our website, which may include browsing patterns and broad demographic information, to enable us to understand how our website is being used and to develop and refine it to better serve our Clients.

Our Legal Bases for Processing Personal Information

For personal data under Nomic Foundation’s control, we rely on two bases to lawfully obtain and process personal information. First, where Clients have given us valid consent to use their data in certain ways, we rely on that consent. Second, as described in more detail below, in certain cases we may process information where this is necessary to meet legal obligations, such as compliance with law enforcement subpoenas or warrants, and/or to further our legitimate interests, so long as any such legitimate interests are not overridden by your rights or interests.

How and When Do We Share Information?

Nomic Foundation does not sell your information. As set out below, we only share information on a limited basis in order to enable us to offer our services. We do not otherwise make Client data available to third parties.  

Service Providers

We employ other organizations and service providers to perform certain functions on our behalf. These third parties have only limited access to your information, may use your information only to perform these tasks on our behalf, and are obligated to Nomic Foundation not to disclose or use your information for other purposes.

All Service Providers warrant to be in compliance with the GDPR and provide sufficient security to the information they access to.

Our use of Service Providers includes:

If you have any questions about the specific Service Providers we currently use, please contact us at privacy@nomic.foundation or by using the contact information set out at the bottom of this Privacy Policy.

Legal Compliance / Protection of the Public and Our Business / Legitimate Interests 

We will release personal and account information: to comply with a subpoena, court order, legal process, or other legal requirement when we believe in good faith that such disclosure is necessary to comply with the law; to protect, establish, or exercise our legal rights or defend against legal claims; when we believe doing so is reasonably necessary to prevent harm to an individual; or take action regarding illegal activities, suspected fraud, threats to our property, or violations of our legal terms.

We may also share your information during an organizational transaction like a merger or distribution of our assets to a successor organization. If such a transaction occurs, we will provide notification of any changes to control of your information, as well as choices you may have.

Children’s Privacy

The services are not intended for children under the age of 16. We do not knowingly collect personal information from anyone under the age of sixteen. If you are under the age of sixteen, your parent or guardian must provide their consent for you to use the services.

Data Transfers

Nomic Foundation provides a voluntary service and Clients can choose whether or not they wish to use it. Consequently, when decided to use our Services you entitled Nomic Foundation to transfer your personal data to the Services Providers for the purposes of the data processing described in this Privacy Policy.

When your data is moved from its home country to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from those in the country where you reside. Because we offer our services to people in different countries and use technical infrastructure based in different jurisdictions, we may need to transfer your personal information across borders in order to deliver our services.

Our Services Providers are obliged to protect data privacy at least to the same extent as ourselves. We contractually ensure that the protection of your personal data corresponds to the applicable laws by using the standard contractual clauses to comply with the GDPR.

How Secure Is Your Information?

We maintain administrative, technical, and physical safeguards designed to protect the privacy and security of the information we maintain about you. The connection between your computer and our website server is encrypted using Secure Sockets Layer (SSL) software that encrypts that information.

We use a Digital Certificate and secure pages will be identified by a padlock sign and “https://” in the address bar. Likewise, all Hardhat error and performance monitoring data is transmitted over HTTPS transport layer security (TLS)-secured connections.

However, no method of transmission or storage is 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed.

What Are Your Rights?

Upon request, Nomic Foundation will provide Clients with information about whether we hold any of their personal information (“Right to confirmation”). In certain cases, subject to relevant legal rights, Clients have the right to object to the processing of their personal information, to request changes, corrections, or the deletion of their personal information, and to obtain a copy of their personal information in an easily accessible format (“Right to access”, “Right to object”, “Right to rectification”).

In order to do this, Clients can contact us using the contact information set out at the bottom of this Privacy Policy. We will respond to every request within a reasonable timeframe and may need to take reasonable steps to confirm identity before proceeding.

You can also withdraw your consent to our processing of your information and the use of our services, and/or delete your Client account at any time, by using the contact information below to request that your personal information be deleted (“right to be forgotten”).

If you are an EU resident and believe that our processing of your personal data is contrary to the EU General Data Protection Regulation, you have the right to lodge a complaint with the appropriate supervisory authority.

If you withdraw your consent to the use or sharing of your personal information for the purposes set out in this policy, we may not be able to provide you with our services. Please note that in certain cases we may continue to process your information after you have withdrawn consent and requested that we delete your information if we have a legal basis/need to do so.

Data Retention

For personal data under its control, Nomic Foundation will retain such data only for as long as is necessary for the purposes set out in this policy, or as needed to provide Clients with our services.

If a Client no longer wishes to use our services then it may request deletion of its data at any time.

Notwithstanding the above, Nomic Foundation will retain and use Client information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, and enforce our agreements.

We may also retain log files for the purpose of internal analysis, for site safety, security and fraud prevention, to improve site functionality, or where we are legally required to retain them for longer time periods.

Contact Us

If you have any questions, comments or suggestions about how we handle personal information you can contact Nomic Foundation at privacy@nomic.foundation