EEA, UK and Switzerland Privacy Notice

Last Updated: October 20, 2023

This EEA, UK and Switzerland Privacy Notice (“Notice”) explains how HairDAO complies with certain privacy rights specifically available to individuals located in the European Economic Area (inclusive of the European Union) (“EEA”), United Kingdom (“UK”), or Switzerland.

1. Our relationship with you

We are the “controller” of your Personal Information because we determine the means and purposes of processing your information when using our Services.

2. Legal bases for processing Personal Information

The laws of your country require us to rely on certain conditions to process your information. When we process your information, we rely on the following conditions or “legal bases” :

• Your consent.
• Legal obligations.
• Contracts we entered with you or to take steps at your request prior to entering into a contract with you.
• Legitimate interests to protect our property, rights or safety of HairDAO, our customers or others.

3. Privacy Rights

Residents of the EEA, UK, and Switzerland have the right to access, delete, correct, withdraw their consent, and have portability of their information. We believe all our customers should have strong privacy controls, which is why our Privacy Statement outlines how you can access, download, and delete your personal information and you can contact privacy@hairdao.xyz for further assistance. In addition, you have the right to object or restrict the processing of your Personal Information. To exercise such rights, please contact us at privacy@hairdao.xyz We will handle your request under applicable law, and, in some cases, your ability to access or control your Personal Information will be limited as required or permitted by applicable law.

4. International Transfers

We are a global business, meaning your Personal Information will likely be transferred to, stored, and processed in the U.S. and other countries outside of where you live.

When we conduct such transfers, we rely on various legal bases to lawfully transfer Personal Information around the world, including fulfillment of our agreements with you, your prior consent, adequacy decisions for relevant countries, or other transfer mechanisms as may be available under applicable law, such as the European Union Commission approved standard contractual clauses.

In cases where Personal Information may be transferred to or processed in locations outside of the European Economic Area (EEA), UK, and Switzerland, which have not been determined by the European Commission, UK ICO, or Swiss FDPIC to have an adequate level of data protection, HairDAO takes measures designed to provide the level of data protection required in the EU, UK, or Switzerland including ensuring transfers are governed by the requirements of the Standard Contractual Clauses adopted by the European Commission or another adequate transfer mechanism. HairDAO has entered into transfer agreements based on the Standard Contractual Clauses which allows for the processing and transfer of personal data.

In addition, HairDAO complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. To learn more about the Data Privacy Framework (DPF) program, please visit https://www.dataprivacyframework.gov/.

HairDAO is responsible for the processing of Personal Information it receives or subsequently transfers to a third party acting as an agent on its behalf. HairDAO complies with applicable data protection law, including Data Privacy Framework Principles for all onward transfers of Personal Information from the EEA and Switzerland, including the onward transfer liability provisions in the Data Privacy Framework Principles.

With respect to Personal Information received or transferred pursuant to the Data Privacy Framework Principles, HairDAO is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, HairDAO may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-US Data Privacy Framework Principles, HairDAO commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, Swiss and United Kingdom individuals with DPF inquiries or complaints should first contact us online at privacy@hairdao.xyz or by mail to:

Privacy Officer; HairDAO; 7750 Okeechobee Blvd, Ste 4 PMB3085, West Palm Beach, FL 33411, USA.

5. Complaints or Questions

If you have any questions about our privacy practices or believe that we have infringed your rights, we encourage you to contact us directly online at privacy@hairdao.xyz or by mail to:

Privacy Officer; HairDAO; 7750 Okeechobee Blvd, Ste 4 PMB3085, West Palm Beach, FL 33411, USA.