Bakkt Marketplace Privacy Notice: Effective Date: January 1, 2020
In this Privacy Notice (“Notice”), Bakkt (also referred to as “Bakkt,” “we,” “us,” or “our”) describes the types of personal information we may collect from you in connection with your interaction with us, including when you visit our websites or mobile application, or use our online products, services or content (the “Services”). These Services are available through Bakkt.com, the Bakkt mobile application, and social media pages.
1. Personal Information We Collect
a. Personal information We Collect Directly from You
We collect personal information from you when you use our Services and interact with us (such as speaking with Bakkt representatives). The information we collect may include your name, state or country of residence, date of birth, address, phone number, social security number, account number, job title, company, email address, marketing and communications preferences, and other information you choose to provide us, including information provided when you register with us. In some circumstances, we may be required to collect information such as a government-issued ID, proof of address, photograph(s) (if you elect to provide them to us), and video (if you elect to provide it to us). We may also collect information relating to:
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your responses to surveys, such as those that we might ask you to complete for research purposes.
- Details of transactions you carry out using our Services. You may be required to provide financial information before using our Services.
b. Personal information We Collect Automatically
c. Personal Information We Collect From Third Parties
We also collect information about you from third parties, such as money laundering and fraud prevention information providers, marketing agencies, identity and creditworthiness verification services, and analytics and information providers. We may combine information we collect about you with information from third parties.
2. How We Use Your Information
We use the information we gather to provide services to you and to respond to your inquiries. This includes to:
Provide Services, including to:
- Register, create, and maintain your account;
- Authenticate your identity and/or your access to an account;
- Initiate, facilitate, process, and/or execute transactions;
- Communicate with you regarding your account or any Services you use;
- Perform creditworthiness, fraud prevention or other similar reviews;
- Evaluate applications; or
- Compare information for accuracy and verification purposes.
- Manage our business and protect ourselves, you, other persons, and the Services.
- Provide a personalized experience and implement your preferences.
- Better understand our customers and how they use and interact with the Services.
- Market to you and provide personalized services, offers, and promotions on our websites and on third-party websites.
- Provide you with location-specific options, functionalities, and offers.
- Comply with our policies and obligations, including but not limited to, disclosures made in response to any requests from law enforcement authorities and/or regulators in accordance with any applicable law, rule, regulation, judicial or governmental order, regulatory authority of competent jurisdiction, discovery request, advice of counsel or similar legal process.
- Resolve disputes, collect fees, or troubleshoot problems.
- Provide customer service to you or otherwise communicate with you.
We may also process your personal information to fulfill the purposes for which you provide it, or with your consent.
3. How We Share Information
We may disclose the information we gather to our affiliates and to third parties. For example, we may share information with:
- Service providers and/or data processors: We may share personal information with third party service providers that perform services and functions at our direction and on our behalf. These third party service providers may, for example, provide you with services, verify your identity, assist in processing transactions, or provide customer support.
- Other parties to transactions: We may share information with the other parties to your transactions, including retailers with whom we have partnered to provide the Services.
- Financial Institutions: We may share information with financial institutions involved in carrying out the transactions in which you engage.
Other third parties: We may share information with other third parties for our business purposes or as permitted or required by law, including:
- To comply with any legal, regulatory or contractual obligation, or with any legal or regulatory process (such as a valid court order or subpoena) or with the advice of counsel;
- To market our or their products or services to you;
- To establish, exercise, or defend legal claims or our policies;
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ourselves, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud prevention and credit risk reduction; or
- In connection with the purchase, sale, merger, consolidation or transfer of all or part of Bakkt’s business.
We may also disclose data to fulfill the purposes for which you provide it, or with your consent.
4. Changes To This Privacy Notice
We reserve the right to modify this Notice from time to time, and, we will notify you of changes to this Notice by revising this Notice and updating the Effective Date above. If you have an account with us, we will notify you of material changes to this notice by e-mail.
5. Your Choices
If you wish to stop receiving marketing communications, you can opt out by emailing us at email@example.com. We may continue to send you non-marketing messages, such as messages relating to your transactions with us.
As of the Effective Date listed above, there is no commonly accepted response for Do Not Track signals initiated by browsers. Therefore, we do not respond to such signals or to other mechanisms that provide the ability to exercise choice regarding the collection of personally identifiable information regarding your online activities over time and across third-party websites or online services.
If you are a registered user of the Services, you may access your personal account information online and make changes by logging into your account.
Bakkt has implemented administrative, physical and technical safeguards designed to protect your personal information. Still, Bakkt cannot guarantee the security or confidentiality of information you transmit to us or receive from us.
7. California Privacy Practices and Your California Rights
If you are a California resident, see the Bakkt California Privacy Rights Addendum below for more information about our privacy practices and your rights under California law.
8. Contact Us
We take your privacy concerns seriously. If you have any questions about this Notice or if you believe that we have not complied with this Notice with respect to your personal information, you may write to firstname.lastname@example.org.
Bakkt California Privacy Rights Addendum
If you are a California resident, the following provisions apply to our processing of information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“California Personal Information”). For such residents, the provisions of this California Privacy Rights Notice prevail over any conflicting provisions of this Notice.
California Personal Information We Collect
We may have collected the following categories of California Personal Information within the last 12 months about you.
- (A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
- (B) Personal information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to their name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, bank account number, credit card number, debit card number, or any other financial information.
- (C) Characteristics of protected classifications under California or federal law (such as race, gender, age, disability status.)
- (D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- (E) Biometric information.
- (F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with a website, application or advertisement.
- (G) Geolocation data.
- (H) Audio, electronic, visual, thermal, olfactory, or similar information.
- (I) Professional or employment-related information.
- (J) Education information that is not publicly available personally identifiable information.
- (K) Inferences drawn from any of the information identified in this subdivision to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Within the next 12 months, within the meaning of the California Consumer Privacy Act, we will likely sell California Personal Information identified in the above categories (A)-(K).
Within the last 12 months, we have disclosed California Personal Information identified in the above categories (A)-(K) for our business purposes. To learn more about the categories of third parties with whom we share such information, please see HOW WE SHARE DATA section of this Notice.
For each of these categories, we obtain California Personal Information from a variety of sources. These sources include: yourself with respect to both online and offline interactions you may have with us or our service providers; other entities with whom you transact business; others with whom you maintain relationships who may deal with us on your behalf; the devices you use to access our websites, mobile applications, and online services; credit bureaus; identity verification and fraud prevention services; marketing and analytics providers; public databases; social media platforms; and others consistent with this Notice. For more information, please see PERSONAL INFORMATION WE COLLECT section of this Notice.
We do not disclose personal information of individuals we know to be under the age of 16 to business or third parties for monetary or other valuable consideration as a “sale” under California law, without affirmative authorization.
Use of California Personal Information
For each of the above categories, we use the California Personal Information we collect for the business purposes disclosed in HOW WE USE YOUR INFORMATION section of this Notice. Please note that the business purposes for which we use your information may include:
- Audits and reporting relating to particular transactions and interactions, including online interactions, you may have with us or others on our behalf;
- Detecting and protecting against security incidents and malicious, deceptive, fraudulent or illegal activity, and prosecuting the same;
- Debugging to identify and repair errors in our systems;
- Short-term, transient use including contextual customization of ads;
- Providing services on our behalf or on behalf of another, including maintaining or servicing accounts, providing customer service, fulfilling transactions, verifying identity information, processing payments, and other services;
- Conducting internal research to develop and demonstrate technology; and
- Conducting activity to verify, enhance, and maintain the quality or safety of services or devices which we may own, control, or provide.
- We may also use the information we collect for our own or our service providers’ other operational purposes, purposes for which we provide you additional notice, or for purposes compatible with the context in which the California Personal Information was collected.
Your California Rights
If you are a California resident, you have certain rights related to your California Personal Information, including:
The right to request that we disclose to you:
- Specific species of personal information we have collected;
- Categories of California Personal Information we have collected about you;
- Categories of sources from which the California Personal Information is collected;
- Our business or commercial purpose for collecting or selling California Personal Information; and
- Categories of third parties with whom we share California Personal Information.
- The right to request that we delete California Personal Information about you which we have collected from you.
- To the extent that we sell your California Personal Information within the meaning of the California Consumer Privacy Act or disclose such information for a business purpose, you may request that we disclose to you the categories of California Personal Information we have collected about you as well as the categories of California Personal Information we have sold, the categories of third parties to whom the California Personal Information was sold, by category or categories of personal information for each third party to whom the California personal information was sold; and the categories of California Personal Information about you that we disclosed for a business purpose.
- The right to opt-out. We may sell your information within the meaning of the California Consumer Privacy Act. You have the right to opt out of such sales here. To submit an opt-out request, please email us at email@example.com
You may request to exercise these rights by:
- Logging in to your account (if you have an account) and submitting a request;
- Emailing us at firstname.lastname@example.org; or
As required under applicable law, please note that we may take steps to verify your identity before granting you access to information or acting on your request to exercise your rights. We may require you to provide additional personal information as necessary to verify your identity in response to exercising requests of the above type. We may limit our response to your exercise of the above rights as permitted under applicable law.
Subject to applicable law, we may not discriminate against you because of your exercise of any of the above rights, or any other rights under the California Consumer Privacy Act, including by:
- Denying you goods or services;
- Charging different prices or rates for goods or services, including through the use of discounts or other benefits or by imposing penalties;
- Providing you a different level or quality of goods or services; or
- Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
- Under California law, you may designate an authorized agent to make a request on your behalf. You may make such a designation by providing the agent with written permission to act on your behalf. As permitted by law, we may require you to verify your own identity in response to a request even if you choose to use an agent. We may deny a request by an agent if they fail to submit proof that they act on your behalf.
If you use assistive technology and the format of this Privacy Notice interferes with your ability to access information, please contact us at Privacy@Bakkt.com. To enable us to respond in a manner most helpful to you, please indicate the preferred format in which to receive the material and provide your contact information.
You may contact us with questions and concerns about our privacy policies or practices by contacting us at email@example.com.
Do Not Sell My Personal Information
If you are a California resident, you have the right to opt out of our sales of certain information relating to individuals and households subject to the California Consumer Privacy Act. To exercise this opt-out right, please login to your account (if you have an account) or, if you do not have an account, please submit the following information to us at firstname.lastname@example.org:
- Your email and mobile phone number.
This California-specific addendum was last updated: January 1, 2020.