Privacy Policy

Last Updated: 25 January 2024

This Privacy Policy outlines our commitment to safeguarding the privacy of personal information, whether obtained offline or online. It encompasses various aspects, including our provision of platforms such as Metarush, downloadable applications, mobile apps, websites, and other online services collectively referred to as "Services." In this Privacy Policy, when we mention "we," "us," or "our," we are referring to Myria including but not limited to Myria and Metarush.

This Privacy Policy complies with the privacy regulations applicable in the Cayman Islands. In addition to Cayman Islands laws, individuals located in the European Union (EU) and the United Kingdom (UK) may also have rights under the EU General Data Protection Regulation 2016/679 and the UK General Data Protection Regulation, collectively known as GDPR.

  • Appendix 1 provides comprehensive details about the specific information and rights applicable to individuals in the EU and UK, along with insights into how we manage the personal information of individuals within these regions. For individuals not covered by the GDPR (i.e., those in the Cayman Islands, the United States, and other locations outside the UK and EU).

  • Appendix 2 offers additional information about our handling of personal information. Appendix 3 discloses supplementary information and data rights granted to individuals residing in specific jurisdictions within the United States, where relevant privacy laws have been enacted.

In the context of this Privacy Policy, "Personal information" refers to data or opinions, whether accurate or not, and whether stored physically or digitally, pertaining to an identified individual or an individual who can be reasonably identified. This definition encompasses terms such as personal information, personal data (as defined by the GDPR), personally identifiable information, or similar terms as per applicable laws.

Children's Data

We do not knowingly collect, solicit, use, or disclose personal information from children under the age of 18. If you are under 18, please do not attempt to register for the Services or send any information about yourself to us. No one under age 18 may provide any personal information to us. If we learn that a child under 18 has provided personal information to us without verification of parental consent, we will delete that information immediately.

How we collect personal information

  • Directly:

    • Voluntarily: You willingly provide personal information when you sign up for Metarush, register for Myria or another Myria product or service. This may occur through the 'contact us' form on our websites or when you seek our assistance via email, our online chat, or telephone. Additionally, personal information may be collected during your participation in our sessions, functions, events, or activities.

    • Automatically: Personal information that you indirectly furnish us with may be gathered as you interact with us. This can encompass information exchanged in emails, over the telephone, or in your online inquiries. In certain instances, when a third-party service provider or data processor (e.g., analytics provider) collects Personal Information on our behalf, this may also be regarded as a direct collection by us.

  • Indirectly

    • From Third Parties: We may also obtain personal information from third parties. For instance, details about your website usage from our cookie providers and marketing providers may be collected (unless it falls under direct collection, as mentioned above). Further information regarding the utilization of cookies is detailed in the "Cookies" section below.

    • From Publicly Available Sources: Personal information may be sourced from publicly accessible repositories of information, such as data extracted from social media accounts and profiles. This occurs when it is pertinent to your interactions with us or our business relationship with you.

Personal information

The types of personal information we may collect about you include:

  • your name;

  • your contact details, including email address and name;

  • your Ethereum (and/or other public blockchain) address and wallet, and public blockchain data;

  • your preferences and/or opinions;

  • information you provide to us through customer surveys;

  • details of products and services we have provided to you and/or that you have enquired about, and our response to you, including any support requests and any bug reports;

  • where you play Metarush, game progression data, such as your game saves and your achievements in the game, and your age;

  • where you participate on Myria, your trading data;

  • where you connect or use a digital wallet in conjunction with Myria's products and services, the assets held in that wallet;

  • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behavior, your IP address, and demographic information;

  • your connections with others whose personal information we may collect or hold;

  • information about your access and use of our Services, including through the use of Internet cookies, your communications with our Services, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;

  • additional personal information that you provide to us, directly or indirectly, by submitting forms or through your use of our Services, associated applications, associated social media platforms and/or accounts from which you permit us to collect information;

  • publicly available information from social media accounts, posts and profiles, where relevant to your interactions with us, or to our business or relationship with you;

  • device information, such as mobile device type, mobile number, unauthorized third party applications (which allows us to identify whether our users are gaining an unfair advantage or cheating when using our games), and device specifications; and

  • any other personal information requested by us and/or provided by you or a third party.

We may collect these types of personal information directly from you or from third parties.

Collection and use of personal information

We may gather, retain, utilize, and disclose personal information for the following objectives:

  1. Account Management:
  • Facilitating your account creation and managing it effectively.
  1. Service Access and Customization:

  • Allowing you to access and utilize our Services, including applications like Metarush and Myria.

  • Personalizing and tailoring your experiences while using our Services.

  1. Transaction Facilitation:
  • Enabling transactions within the Services.
  1. User Interaction:

  • Facilitating communication between you and other users, especially within Metarush.

  • Supporting group conversations and the creation of friend lists.

  1. Service Communication:
  • Contacting and communicating with you regarding our Services.
  1. Administrative Functions:

  • Internal record-keeping and administrative purposes

  • Invoicing and billing-related tasks.

  1. Verification and Accuracy:

  • Comparing information for accuracy and verification purposes.

  • This may include verifying your identity based on the information you've provided.

  1. Investor Relations:
  • Administering investor-related tasks, including interactions with corporate regulators.
  1. Analytics and Business Enhancement:

  • Utilizing data for analytics, market research, and business development.

  • Enhancing the functionality and performance of our Services, applications, and social media platforms.

  1. Promotions and Marketing:

  • Running promotions, competitions, and providing additional benefits.

  • Assessing the effectiveness of these activities.

  1. Advertising and Promotion:

  • Sending promotional information about our group's products and services.

  • Sharing information about third parties that may interest you.

  1. Security Measures:

  • Investigating, reviewing, and mitigating risks related to data security breaches involving your personal information.

  • Informing you or relevant authorities as required.

  1. Legal Compliance and Dispute Resolution:
  • Fulfilling our legal obligations and resolving disputes.
  1. Fraud Prevention:

  • Identifying, preventing, and responding to fraud and abuse.

  • Safeguarding our users, assets, and rights.

  1. Quality Assurance:
  • Recording telephone calls for training and quality assurance purposes.
  1. Other Purposes:
  • As otherwise notified during collection or in accordance with agreements you establish with us.

Additionally, we may aggregate personal information for reporting, statistical analysis, and business improvement. This enables us to gain insights into user preferences, enhance our products and services, and assess the effectiveness of our operations. We may also de-identify information for inclusion in aggregated databases or reports.

Disclosure of personal information to third parties

We may disclose personal information to:

  1. Third-Party Service Providers: These may include IT service providers, data storage experts, web hosting and server providers, debt collectors, maintenance or troubleshooting entities, marketing or advertising partners, professional consultants, and payment systems operators.

  2. Integration Partners: Third parties that incorporate our Services into their products and offerings.They may utilize your personal information independently of Immutable when we are not responsible for its use.

  3. In-House and Affiliated Entities: Sharing personal information within our group of companies to provide Services to you as detailed in this Privacy Policy.

  4. Government and Identity Verification Agencies: These entities may access third-party databases, official record holders, and other sources to perform identity verification services.

  5. Merchants and Digital Asset Recipients: Sharing information to identify you as the sender or receiver of digital assets during transfers.

  6. Agents and Business Partners: Current or potential agents or business collaborators.

  7. Promotions and Competition Sponsors: Sponsors or organizers of promotions or contests we run.

  8. Business or Asset Transfers: Parties involved in the acquisition of our business or assets.

  9. Debt Collection and Legal Authorities: Debt collection agencies, courts, tribunals, and regulatory bodies in case of non-payment for our goods or services. Courts, tribunals, regulatory authorities, and law enforcement agencies as required by law or for legal proceedings.

  10. Third-Party Providers: Parties assisting us in delivering information, products, services, or direct marketing, which may include entities outside of Australia.

  11. Data Processing Partners: Third parties assisting in data collection and processing, such as Google Analytics. These entities may store data outside Australia, the EU, and the UK.

  12. Legal Obligations: Any other third parties as mandated or allowed by law, including cases involving subpoenas.

Overseas Disclosure:

When personal information is disclosed to the aforementioned third parties, or when our computer systems, including IT servers and website hosting, are located overseas, your personal information may be stored, transferred, or accessed by these parties outside Australia, the EU, and the UK. This may include regions such as the United States of America, United Kingdom, Singapore, European Union (including Ireland, Greece, and Italy), New Zealand, Canada, Indonesia, and Brazil.

We take responsibility for safeguarding your personal information and will only disclose it to countries with laws that offer substantial protection. In instances where another party, with their own relationship with you, collects and uses your personal information independently (e.g., an app developer integrating our Services), we are not liable for their actions and decisions regarding your personal information, including disclosures to countries lacking substantial privacy protection as per Australian laws.

Data Transfers from EEA and UK:

When transferring personal information from the European Economic Area (EEA) or the UK, we rely on relevant contractual agreements approved by competent authorities (e.g., Standard Contractual Clauses or the International Data Transfer Agreement). If these agreements are insufficient to ensure adequate data protection at the recipient, we implement additional safeguards. Please contact us for more information on the specific mechanisms used when transferring your personal data from the EEA and/or the United Kingdom.

Your Rights and Control Over Your Personal Information

Your Choices: Please review this Privacy Policy carefully. By providing us with your personal information, you acknowledge that we will collect, store, use, and disclose your personal information in accordance with this Privacy Policy. While you are not obliged to provide us with personal information, please be aware that declining to do so may impact our ability to deliver our Services to you or affect your usage of our Services.

Information from Third Parties: In cases where we receive personal information about you from a third party, we will handle it in accordance with the principles outlined in this Privacy Policy. If you are a third party sharing personal information about someone else, you confirm that you have obtained the necessary consent from that individual to provide their personal information to us.

Anonymity: Whenever feasible, we will offer you the choice to interact with us without revealing your identity or by using a pseudonym.

Restrictions and Unsubscribing: We may contact you via phone, email, SMS, or push notifications, including notifications regarding both existing and new products and services that may be of interest to you. If you wish to object to direct marketing, unsubscribe from our marketing database, or opt out of communications (including marketing communications), please get in touch with us using the contact details provided below. You can also decline marketing messages sent through push notifications by adjusting the relevant permission settings on your device.

Access: You have the right to request access to the personal information held about you. Please be aware that there may be an administrative fee associated with providing such information. It is important to note that in certain situations, we may be legally allowed to deny access to your personal information.

Correction: If you believe that any of the information we have about you is incorrect, outdated, incomplete, irrelevant, or misleading, please contact us using the provided details below. We will take reasonable measures to promptly rectify any information that is found to be inaccurate, incomplete, irrelevant, or outdated. However, please note that in some circumstances, we may be legally authorized to retain your personal information without correction.

Complaints: Should you wish to file a complaint, please reach out to us using the contact information provided below. Include a comprehensive description of your complaint. We will initiate a timely investigation into your complaint and respond to you in writing, outlining the results of our investigation and the actions we intend to take in response to your complaint. You also retain the right to contact the relevant privacy authority.

Please refer to Appendix 1 for additional rights and additional information available to individuals residing in the EU or the UK, and consult Appendix 2 for additional rights and further details available to individuals based in the United States.

Storage and security

We will take reasonable steps to ensure that the personal information we collect is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information and protect it from misuse, interference, loss and unauthorized access, modification  and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorized disclosures of information, we cannot assure you that the personal information we collect will not be accessed or disclosed in a manner that is inconsistent with this Privacy Policy.

Cookies

We may use cookies on our Website from time to time. Cookies are text files placed in your  computer's browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personal information. However, they do recognise you when you return to our Website and allow third parties, such as Google and Facebook, to cause our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. If and when you choose to provide our Website with personal information, this information may be linked to the data stored in the cookie and that information could potentially be used to identify you. It may be possible for us to identify you from information collected automatically from your visit(s) to our Services, for example, we will be able to identify you through your user name and password when you log into our Services. Further, if you access our Services via links in an email we have sent you, we will be able to identify you.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our online Services. At this time, our websites do not respond to "do not track" signals, if received.

Links to other websites

Our Website may contain links to other websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Amendments

We may revise this Privacy Policy from time to time. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. If you do not agree with our changes, please do not use the Services. Your continued use of our Services following the posting of changes to this Privacy Policy and the conclusion of any legally required notice period means you accept those changes.

Appendix 1: For individuals located in the EU or UK

The GDPR extends specific rights to individuals within the EU/UK regarding their personal information. Personal information, often referred to as personal data under the GDPR, pertains to information about an identified or identifiable natural person (individual). This appendix outlines the supplementary rights granted to individuals within the EU and the UK, including our commitment to lawful, transparent, and fair personal information processing. Please review the Privacy Policy above and this Appendix thoroughly, and do not hesitate to reach out using the provided contact details if you have inquiries.

Relevant Personal Information:

This Appendix is relevant to the personal information listed in the main Privacy Policy. This encompasses sensitive information also referred to as 'special categories of data' under the GDPR.

Our Pledge to You:

Your personal information will:

  • Be processed lawfully, fairly, and transparently by us.

  • Only be collected for the specific purposes identified in the 'collection and use of personal information' section in the primary Privacy Policy, and personal information will not be processed in an incompatible manner.

  • Be collected adequately, relevantly, and in a limited manner to what is necessary for the purpose of processing.

  • Be kept up-to-date when feasible and within our control (please inform us if you wish to correct any of your personal information).

  • Be stored in a form that allows us to identify you, but only for the duration necessary for the original purpose of collection.

  • Be processed securely and with protection against unauthorized or unlawful processing, as well as against accidental loss, destruction, or damage.

Processing of Personal Information:

We will solely employ your Personal Information when permitted by law. Typically, we will use your Personal Information under the following circumstances:

  • When it is necessary for the contract we are either about to enter into or have entered into with you.

  • When it is essential for our legitimate interests (or those of a third party), and your interests and fundamental rights do not outweigh those interests.

  • When we are obligated to comply with legal requirements.

  • We generally do not rely on consent as the legal basis for processing your Personal Information, although we will obtain your consent before sending third-party direct marketing communications via email or text message.

You have the right to withdraw your consent to marketing at any time, either by contacting us or by utilizing the unsubscribe link provided in each marketing email from us.

We will only use your Personal Information for the purposes for which it was collected unless we believe that we need to use it for another purpose that is compatible with the original one. If we need to use your Personal Information for an unrelated purpose, we will notify you and explain the legal basis allowing us to do so.

If you choose not to provide specific Personal Information or provide incomplete or inaccurate information required for contract performance or compliance with legal obligations, please be aware that we may not be able to provide all or parts of the service you require.

We only collect Special Categories of Personal Data when you have given explicit consent, it is necessary to protect vital interests or those of others, or when you have deliberately made it public.

Refer to the main section of this Privacy Policy (under 'Purposes for which we will use your personal information - UK and EU') to learn more about the lawful bases on which we will rely to process your Personal Information.

Data Retention:

We will retain your personal information only as long as necessary to fulfill the purposes for which we collected it, including compliance with legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider factors such as the type, volume, and sensitivity of the personal information, the potential risk of unauthorized use or disclosure, our processing purposes, alternative means to achieve those purposes, and applicable legal obligations.

In certain cases, you can request the deletion of your data. Please refer to 'Your legal rights' below for further details.

We may also anonymize your personal information for analytics, research, or statistical purposes, rendering it unassociated with you. In such cases, we may use this anonymized information indefinitely without prior notice to you.

Data Transfers:

We may transfer your personal data to third parties situated outside the European Economic Area and the United Kingdom. Adequate safeguards will be provided for such transfers.

When transferring personal data outside the European Economic Area or the United Kingdom, we will rely on either the "Standard Contractual Clauses" approved by the European Commission or the United Kingdom Government (as applicable) or any other contractual agreement approved by competent authorities as the basis for the transfer.

If these contractual agreements do not ensure sufficient data protection at the recipient, we will introduce supplementary safeguards. Feel free to contact us for more information on the specific mechanisms employed when transferring your personal data outside the European Economic Area and/or the United Kingdom.

Your Legal Rights:

Under certain conditions, you possess rights related to your personal information as per data protection laws. You have the right to:

  • Request access to your personal information (commonly known as a "data subject access request").

  • Request correction of your personal information.

  • Request erasure of your personal information.

  • Object to the processing of your personal information.

  • Request restriction of processing of your personal information.

  • Request the transfer of your personal information.

  • Withdraw consent to the processing of your personal information.

To exercise these rights or for any inquiries, please contact us using the provided details.

You will not incur a fee for accessing your personal information or exercising any other rights. However, we may charge a reasonable fee for unfounded, repetitive, or excessive requests or may refuse to comply with such requests. We may request specific information to verify your identity, ensuring that personal information is not disclosed to unauthorized individuals.

We aim to respond to legitimate requests within one month. Complex or multiple requests may necessitate a longer response time, and we will inform you accordingly.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO). We encourage addressing your concerns with us initially before contacting the ICO.

Appendix 2: For individuals not covered by the GDPR

This section supplements the primary Privacy Policy and pertains to individuals residing outside the EU/UK, including those in Australia, the United States, and other locations beyond the UK and EU.

Methods of Personal Information Collection:

In addition to the methods detailed in the core Privacy Policy, we may gather Personal Information directly or indirectly as you engage with us. This includes interactions with our websites and Services, such as Metarush and Myria.

Types of Personal Information Collected:

Beyond the information outlined in the primary Privacy Policy, when you use or visit our Services, we may collect the following types of data, as described in the Cookies Policy:

  • Browser session and geo-location data

  • Device and network information

  • Statistics on page views and sessions

  • Acquisition sources

  • Search queries and browsing behavior

  • IP address

  • Demographic information

  • Information regarding your use and access of our Services, facilitated through Internet cookies

  • Communications with our Services

  • Browser and operating system details

  • Domain name of your Internet service provider

  • Device specifics, including mobile device type, mobile number, and unauthorized third-party applications used, which aids in identifying unfair advantages or cheating in our games.

Collection and Utilization of Personal Information:

In addition to the information covered in the primary Privacy Policy, we may collect, retain, use, and disclose Personal Information for the following purposes:

  • For contractors, suppliers, or service providers collaborating with us, facilitating the management of our relationship with you or your employer, including activities related to our operations or the supply of goods or services.

  • When evaluating employment applications submitted to us.

  • As required or authorized by applicable laws.

Appendix 3: For individuals located in the US

The California Consumer Privacy Rights Act (CCPA) extends specific rights to California residents concerning their personal information. This appendix outlines additional rights granted to residents of California and residents of other US jurisdictions such as Virginia and Colorado, as applicable privacy legislation evolves over time.

Sale or Sharing of Your Personal Information:

We do not engage in the "selling" or "sharing" of your personal information, as defined in the California Privacy Rights Act.

Data Retention:

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations.

Determining the appropriate retention period involves considering factors such as the amount, nature, and sensitivity of the personal information, potential risks associated with unauthorized use or disclosure, the purposes for processing the information, alternative means to achieve those purposes, and applicable legal requirements.

You can request the deletion of your data in certain circumstances, as further detailed in this appendix. Additionally, we may anonymize your personal information for analytics, research, or statistical purposes, enabling indefinite use without notice.

Your Rights to Access, Delete, and Correct:

You have the right to request information about our collection and use of your personal information over the past 12 months. Upon receipt and validation of your request, we will provide a list of your personal information that may have been disclosed and the categories of third parties it may have been disclosed to.

You may request the deletion of personal information collected from you, subject to certain exceptions. After receiving and verifying your request, we will review it and may deny the request if retention is appropriate or if exceptions apply.

You can also request corrections to outdated or incorrect personal information.

If your request is approved, we will delete, correct, or de-identify the relevant information and instruct our service providers to do the same.

Exercising Your Rights to Know, Delete, or Correct:

California residents and residents of other US jurisdictions with relevant privacy laws can exercise these rights by emailing us at privacy@myria.com. Requests can only be made by you or a legally authorized representative.

You may submit a request to know twice within a 12-month period. We aim to respond substantively to a Verifiable Consumer Request within 45 days, unless an extension is necessary, in which case we will inform you of the reason and the extended period.

Non-Discrimination:

Exercising your data subject rights will not result in discrimination against you. We do not charge a fee unless the request is excessive, repetitive, or manifestly unfounded. If a fee is warranted, we will explain our decision and provide a cost estimate before proceeding.

California's Shine the Light Law:

California residents using our Services can request specific information about the disclosure of their provided information through the Services to third parties for direct marketing purposes under California Civil Code Section 1798.83. To make such a request, please email us at privacy@myria.com.

Requests should include "California Privacy Rights Request" in the subject line, along with your name, street address, city, state, and ZIP code. Please note that we are required to respond to one Shine the Light request per consumer per year, submitted via the provided email or mailing address.

Participation in Financial Incentive Programs:

In the event we offer financial incentives for the use of your personal information, we will notify you. Participation in incentive programs is optional, requiring your affirmative opt-in. You can opt out of each program prospectively by following the provided program description and terms.