Personal Data and Privacy Policies

Following are the privacy policies of Algorand Foundation and CoinList. Where there is any conflict, Algorand Foundation's policy controls.

Algorand Foundation Personal Data and Privacy Policies

Effective Date: May 23, 2019

1. General Privacy Policy

The issuer of the Algorand Tokens (“Tokens”) and the corporate entity launching the Algorand Blockchain Network (altogether “Service”) is Algorand Foundation Ltd., a company limited by guarantee incorporated in Singapore with its registered address at 1 George Street, #10-01, One George Street, Singapore (049145) (the “Foundation”). Please note that we take the protection of your personal data very seriously. We treat your personal data confidentially and according to the prevailing legal data protection regulations and this privacy policy (this “Privacy Policy”).

Your provision of personal data, such as names, addresses or e-mail addresses, is strictly on a voluntary basis. However, if you choose not to provide, or to permit the use, disclosure and/or processing of, the personal data we require, it may not be possible for us to provide you with the information, products and/or services you want. Subject to the terms of this Privacy Policy, this data will not be passed on to third parties without your permission or without being required by law.

However, we would like to point out that data transmissions via internet (e.g. e-mail communication) cannot be entirely secure and may have security vulnerabilities. A complete protection of personal details against unauthorised access by third parties is not possible.


1.1 Database requests

In order to comply with international sanctions and applicable regulation for securities and to fight money-laundering or the financing of terrorism, we may need to check any personal data provided by you against publicly available databases.

1.2 Contact form

We use Hubspot for contact form management and by submitting forms, you acknowledge and agree that the information you provide will be transferred for processing in accordance with their prevailing terms, conditions and privacy policies. If you send enquiries to us via these forms, your data entered into the contact form, including the stated contact data, are stored for the purpose of dealing with your enquiry and in case of additional enquiries.

1.3 Newsletter

We may issue newsletters to you to give updates on the Service. If you would like to receive the newsletter offered on this Service, we require your email address as well as information which allow us to check that you are the owner of the provided email address and that you agree to receiving the newsletter. Further data may also be collected, if necessary. We use those data exclusively for the conduct of checks as mentioned above and the sending of the requested information. Subject to the terms of this Privacy Policy, we do not transmit such data to third parties.

The given permission to the storage of the data, the email address as well as the use of such for the purpose of sending the newsletter can be withdrawn at any time via the "Unsubscribe" link within the newsletter.

1.4 Processing of data (customer data and contract data)

We collect, process, use and disclose personal data about the use of our Service (usage data) insofar it is necessary for enabling, improving or updating information on the use of the Service.

In addition, you acknowledge that the purpose of this Service is to provide information about the Foundation, the Service and the Auctions . If you wish to submit or have submitted personal data to us for the purpose of being registered for participation in the Auctions and/or as a potential acquiror of Tokens, you consent to our collection, processing, use and disclosure of such personal data for the purposes of such registration and also the issuance of Tokens for the purposes of the Auctions.

We also reserve the right to monitor, check and process your personal data if necessary to investigate or obtain evidence concerning any complaint, claim or dispute or any actual or suspected illegal or unlawful conduct or to aid in such investigation or evidence gathering by any law enforcement or regulatory authorities.

We may also collect, process, use and disclose personal data where required or permitted by law for any purpose.

Notwithstanding anything to the contrary in this Privacy Policy, we may disclose personal data to third parties in order to achieve any purposes stated herein. The third parties include:

  • our service providers and contractors, including third party vendors that provide data processing or management services;
  • our business partners and affiliates;
  • other holders or users of Tokens;
  • the Auction Operator or any person or entity involved in the payment for Tokens or Services provided to you; and
  • law enforcement authorities, regulatory authorities, statutory bodies or public agencies for the purposes of complying with their requirements, policies, directives or requests.

1.5 Transmission of data on contract conclusion for services and digital contents

Except as otherwise stated in this Policy above or expressly agreed on, we transmit personal data to third parties only if it is necessary in relation to the Service including transmitting data to the commissioned credit institution in charge with the payment.

1.6 Data processors

For the purposes of the Auctions, we have contracted authorized data Processors to process your personal data on our behalf for the given purposes herein. The personal data you provide may be processed outside Singapore in accordance with applicable data protection law(s).

  1. Data processor: CoinList:

For further information, please see CoinList Terms of Service and CoinList Privacy Policy.

1.7 Commercial use policy

Only in the event and for the time that you give us your consent, we will use your personal data and/or transmit it to our business partners and affiliates of Algorand Foundation in order for us or our business partners to inform you via e-mail about upcoming opportunities or to market and promote our respective products and services.

You may view, withdraw and (re-)give your declaration of consent at any time by sending an e-mail to the provider of this Service. To withdraw your consent, you may also contact us under the address published in the footer of the e-mail/imprint/legal notice.

1.8 Right of access to and correction of personal data

You have the right to be informed about your personal data in our possession or under our control, their origin and addressee and the purpose of data processing as well as the right to correction of those data at any time. For further questions and questions concerning personal data, feel free to contact us under the address published in the imprint/legal notice or send an email to : [email protected].

1.9 Objection to commercial mails

The providers of this Service or the information, products or services featured on this Website may publish their contact information in the Footer of e-mails/Legal Note/Imprint. The use of such contact information by third parties for the purpose of distributing unsolicited advertisements or other commercial information is prohibited. The operators of this Service reserve the right to take legal measures in case of being sent unsolicited commercial information, e.g. spam mails etc.

1.10 Amendment of this privacy policy

We may amend this Privacy Policy from time to time and will make available the updated Privacy Policy via this website. Each time we collect, process, use or disclose personal data, the latest version of this Privacy Policy in force at the time will apply.

2. Privacy Policy EU

The Foundation (or, “we”, “us” or “our”) is a Singapore based public company limited by guarantee having its registered address at 1 George Street, #10-01, One George Street, Singapore (049145). Its mandate is to ensure open access to the Algorand blockchain technology, mint and launch the Algo Tokens (“Tokens”), provide long-term governance, community and ecosystem, and be a custodian of funds raised (the “Services”).

The Foundation is committed to demonstrating the highest level of integrity in dealing with our customers, Token holders, investors and other business partners. When you are using the Foundation’s Services and electronic media, we may collect, process and/or disclose data that identify you or make you identifiable (“Personal Data“) in accordance with this privacy policy (“Policy”). Further, we may either receive your Personal Data directly from you when you are sending e-mails to us or provide your Personal Data otherwise in the course of other interactions with us, or indirectly from third parties who legally provide your Personal Data to us.

This Policy is meant to inform you, which Personal Data we collect, store, process, use and/or disclose, for which purposes and on which legal basis. We further inform you about your rights to protect your Personal Data.

This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make in accordance with the terms of this Policy. Your continued use of our Services or website constitutes your agreement to be bound by this Policy, as amended or updated from time to time.

2.1 Consent to international transfer in countries with lower level of data protection

If you do not wish your Personal Data to be transferred to third countries outside the EU/EEA, please do not tick the consent box and do not send any Personal Data to the Foundation.

Please note that the Foundation collects your Personal Data directly from the country where you are based and may store it on servers outside EU/EEA, which may be operated by third party service providers. The Foundation needs to involve the third party service providers due to their legitimate interests in having a secure and sufficient data storage system. The Foundation chooses the respective third party service providers with due care and pays attention that such service providers respect the applicable privacy laws, are aware of the importance of protection of personal data and implement “state-of-the-art” technical and organizational measures. Therefore, your potential interests in not transferring your personal data do not outbalance the legitimate interest of Algorand Foundation.



In the rare circumstances where we ask for your consent to process your Personal Data, any consent is provided freely. If you give your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of Processing based on consent before its withdrawal. After your withdrawal we will stop to Process your Personal Data, including storage. This paragraph is only relevant for Processing that is entirely voluntary – it does not apply for Processing that is necessary or obligatory in any way. To withdraw your consent, please send us an e-mail to [email protected] or send a letter to Algorand Foundation Ltd, 1 George Street, #10-01, One George Street, Singapore (049145).

2.2 Which Personal Data we process

For the purposes of providing the Services and the conducting of the Auctions, the categories of Personal Data about you that we or our authorized third party data Processors may Process include:

  • Personal details: name, gender, date of birth / age, nationality, passport or national ID number, social security number, tax identification number;
  • Contact details: address, e-mail address, telephone number, social media account details;
  • Financial details: bank information for payments, credit card information for payments, utility bill, credit report, other financial details with respect to ‘Accredited Investor’ verification;
  • Corporate details: name, place of registration, registration number, transparency register number, details with respect to articles of association and other similar documents / certificates, details with respect to shareholders and/or beneficial owners (including their personal and contact details);
  • technical information of your device which you use for orders and communication (cell phone, tablet, notebook, personal computer, etc. (e.g. IP address),
  • log in information (e-mail address, password); and
  • your public cryptocurrency wallet address.

2.3 How we collect your Personal Data

We may collect Personal Data about you from the following sources:

  • When you contact us via e-mail, telephone or by any other means;
  • We may collect your Personal Data in the ordinary course of our relationship with you;
  • When we provide you with access to the Algorand blockchain protocol;
  • Where you have manifestly chosen to make such Personal Data public, including via social media profiles;
  • When we receive your Personal Data from third parties who legally provide it to us, such as credit reference agencies or law enforcement agencies;
  • When you visit any of our websites or use any features or resources available on or through our websites. When you visit our website, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a website and other technical communications information), some of which may constitute Personal Data;
  • When you submit your resume/CV to us for a job application;
  • When you acquire the Tokens; and
  • When you are participating in the Auctions (as defined which is accessible at the Auction Terms).

2.4 Creation of Personal Data

In the course of your interaction on the Algorand blockchain platform, we may also create Personal Data about you, such as records of your interactions with us and details of your transaction history.

2.5 For which purposes we use your Personal Data

We use your Personal Data to provide, maintain and improve our Services, to grant you access to Algorand blockchain and enable you the use of the Tokens. For marketing purposes, we use your Personal Data only if and as long as we have received your explicit prior consent and in accordance with respectively applicable additional legal requirements in your jurisdiction. We do not sell your Personal Data to third parties.

In addition, you acknowledge that the purpose of our Service is to provide information about the Project and the Auctions . If you submit Personal Data to us or our authorized Processors for the purposes of participation in the Auctions and/or as a potential acquiror of the Tokens, we will collect, process and disclose such personal data for the purposes of registration for the Auctions and also the issuance, distribution, use and circulation of or exchange for the Tokens.

2.6 Lawful basis for Processing Personal Data

In Processing your Personal Data in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

  • we have obtained your explicit prior consent to the Processing (this legal basis is only used exceptionally in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way);
  • the Processing is necessary in connection with any contractual relationship that you may enter into with us;
  • the Processing is required by applicable law;
  • the Processing is necessary to protect the vital interests of any individual; or
  • we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.

When we are involving third party Processors into the performance of our services and contractual obligations and such involvement requires the sharing of Personal Data, we have entered with our third party Processors into data processing agreements according to Art. 28 of the European General Data Protection Regulation (“GDPR”) and, as far as required, further appropriate safeguards according to Art. 46 – 49 GDPR. The list of third party Processors to which we disclose your Personal Data can be requested by e-mail to [email protected]

Specifically we can already name the following Processors:

  1. Data processor CoinList:

Our data processor CoinList Services LLC, 850 Montgomery Street, Suite 350, San Francisco, CA 94133 (“CoinList”), is processing personal data on our behalf including for customer identification, anti-money-laundry, accreditation, and contribution purposes.

For further information, please see CoinList Terms of Service and CoinList Privacy Policy.

Categories of third parties “Non-Processors” to whom we may disclose your Personal Data.

We may also disclose your Personal Data to third parties who are not Processors in terms of Art. 28 of the GDPR. The categories of such Non-Processors are:

  • banks, credit agencies and other financial and/or payment service providers
  • our group affiliates (list of which can be found requested by email: [email protected]
  • other holders or users of Algo Tokens
  • IT-service providers

2.7 Processing your Sensitive Personal Data

We do not seek to collect or otherwise Process your Sensitive Personal Data, except where:

  • the Processing is required or permitted by applicable law (e.g., to comply with our diversity reporting obligations);
  • the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);
  • the Processing is necessary for the establishment, exercise or defence of legal rights; or
  • we have, in accordance with applicable law, obtained your explicit consent prior to Processing your Sensitive Personal Data (as above, this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way).

2.8 Consequences if we may not collect your Personal Data

We need your Personal Data to provide our Services to you and/or perform our contractual obligations towards you. Without providing such Personal Data, we may not be able to provide you the services you are intending to receive.

2.9 Consent and withdrawal

Any consent is provided freely. If you give your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of Processing based on consent before its withdrawal. After your withdrawal we will stop to Process your Personal Data, including storage. This paragraph is only relevant for Processing that is entirely voluntary – it does not apply for Processing that is necessary or obligatory in any way.

To withdraw your consent, please send us an e-mail to [email protected] or a letter to Algorand Foundation Ltd, 1 George Street, #10-01, One George Street, Singapore (049145).

2.10 Cookies

We may use cookies from time to time. A Cookie is a unique text file that a Web site can send to your browser software. Cookies do not include any Personal Data. We may use Cookies to identify the browser you are using so that our website displays properly. We also use cookies in various places on our website in order to document your visit to our website and allow for a more efficient website design.

If you do not want to allow us to use Cookies, you can disable Cookie installation via your browser setting or refuse the installation of Cookies when prompted to this effect. You also have the option of deleting Cookies from your computer’s hard disk at any time. The Cookies will be deleted automatically after the web session of the browser ended.

2.11 Marketing Activities

In case you consented to receiving information / newsletters from us, we may transfer your Personal Data to our business partners in order for us or our business partners to inform you via e-mail about upcoming opportunities and promote our respective products and services.

2.12 Links to Business Partner and Co-Branded Sites

Certain links contained on Algorand Foundation web sites may direct you to co-branded web sites maintained by Algorand Foundation or to companies which Algorand Foundation has established business relationships. When you submit information to one of these co-branded sites or partner companies, you may be submitting it to both Algorand Foundation and these business partners. Under no circumstances may Algorand Foundation be held responsible for the privacy practices of these business partners and we therefore strongly encourage you to read their respective privacy policies as they may differ from ours.

2.13 When we erase your Personal Data

We erase your Personal Data automatically when they are no longer required for the purposes listed above. We also erase your Personal Data according to your request and if further storage is neither required nor permitted by applicable laws.

2.14 Your rights related to data privacy

You have the right to request access to and rectification or erasure of your Personal Data, or restriction of their Processing. Furthermore, you have the right to object Processing as well as to request data portability. If you are in the EU you have the right to file a complaint to the responsible European Data Protection Authority.

2.15 Our contact information, Data Controller

If you have a direct business relationship with us, we are Data Controller according to Art. 4 para. 7 GDPR. For any requests you can contact us as follows:

1 George Street, #10-01, One George Street, Singapore (049145)

Our data privacy officer is John Bridgewater and you can contact us as follows: [email protected]

We may process your data on behalf of a contract partner of yours (e.g. internet-shop, vendor, seller, service provider). In this case, the privacy policy of your partner applies. Please contact your contract partner for more information.

2.16 Definitions

  • ‘Controller’ means the entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
  • ‘Data Protection Authority’ means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
  • ‘EEA’ means the European Economic Area.
  • ‘Personal Data’ means information that is about any individual, or from which any individual is identifiable. Examples of Personal Data that we may Process are provided above in this Policy.
  • ‘Process’, ‘Processing’ or ‘Processed’ means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • ‘Processor’ means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
  • ‘Services’ means any services provided by Algorand Foundation.
  • ‘Sensitive Personal Data’ means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under applicable law.

CoinList Privacy Policy

LAST UPDATED: May 21, 2019

Amalgamated Token Services Inc. dba CoinList, together with its affiliates ("CoinList", "we", "us") values the privacy of individuals who visit our investment platform, available at and any of our other websites, applications, or services that link to this Privacy Policy (collectively, the "Service"). The Service allows accredited and other investors ("Investors") to make investments in token sales by blockchain companies ("Token Developers"). This Privacy Policy ("Policy") is designed to explain how we collect, use, and share information from users of the Service, including Investors and Token Developers. This Policy is incorporated by reference into our Terms of Service. By agreeing to this Policy in your account setup or by using the Service, you agree to the terms and conditions of this Policy.

Information We Collect

Information You Provide to Us

We collect any information you provide to us when you use the Service. You may provide us with information in various ways on the Service.

Registration : If you register with us or one of our customers as an Investor, you are required to provide us with your name and email address and to designate a password. In order to participate in certain token sales as an Investor, we also require certain information to confirm your status as an accredited investor. For example, Investors hoping to participate in a token sale in an individual capacity, and not on behalf of a corporation or trust, must provide their full name, social security number, phone number, address, date of birth, and proof of required assets (such as an asset appraisal) or income (such as tax filings or pay stubs). More information regarding investor accreditation is available here. We may also require Investors to complete a short questionnaire regarding their interest in specific types of token sales.

Token Developers will provide us with information about their project and token offering, certain of which will be provided to potential Investors to assist in making an investment decision.

Financial Information : Investors may invest in token sales using traditional currency and/or cryptocurrency. To facilitate these transactions we will collect necessary financial information, such as your bank's routing number and your account number.

Communications : If you contact us directly, we may receive additional information about you. For example, when you email our Customer Support Team, we will receive your email address, the contents of a message or attachments that you may send to us, and other information you choose to provide.

Information We Collect Automatically From Your Use of the Service

When you use our Service, we may collect information from you through automated means, such as cookies, web beacons, and web server logs. By using the Service, you consent to the placement of cookies, beacons, and similar technologies in your browser and on emails in accordance with this Policy. The information collected in this manner includes IP address, browser characteristics, device IDs and characteristics, operating system version, language preferences, referring URLs, and information about the usage of our Service.

We may use this information, for example, to ensure that the Service functions properly, to determine how many users have visited certain pages or opened messages, or to prevent fraud. We also work with analytics providers which use cookies and similar technologies to collect and analyze information about use of the Service and report on activities and trends. If you do not want information collected through the use of cookies, there is a procedure in most browsers that allows you to automatically decline cookies or be given the choice of declining or accepting the transfer to your computer of a particular cookie (or cookies) from a particular site. You may also wish to refer to If, however, you do not accept cookies, you may experience some inconvenience in your use of the Service.

How We Use Your Information

We may use the information we collect:

  • To verify the identity and accreditation status of investors, which may include conducting a soft pull on your credit history, and to facilitate investments in listed tokens.
  • To operate, maintain, enhance and provide features of the Service, to provide services and information that you request, to respond to comments and questions, and otherwise to provide support to users.
  • To understand and analyze the usage trends and preferences of our users, to improve the Service, and to develop new products, services, features, and functionality.
  • To contact you for administrative or informational purposes, including by providing customer service or sending communications, including changes to our terms, conditions, and policies.
  • For marketing purposes, such as developing and providing promotional and advertising materials that may be useful, relevant, valuable or otherwise of interest.
  • To personalize your experience on the Service by presenting tailored content.
  • We may aggregate data collected through the Service and may use and disclose it for any purpose.
  • For our business purposes, such as audits, security, compliance with applicable laws and regulations, fraud monitoring and prevention.
  • To enforce our Terms of Service or other legal rights.

How We Share Your Information

We may disclose information that we collect through the Service to third parties in the following circumstances:

  • To credit bureaus and other third parties who provide Know Your Customer and Anti-Money Laundering services, including verifying users as accredited investors.
  • Information collected from and about Investors may be shared with Token Developers to facilitate Investor directed investments.
  • To our third party service providers who provide services such as website hosting, data analysis, customer service, email delivery, auditing, and other services.
  • To a potential or actual acquirer, successor, or assignee as part of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in bankruptcy or similar proceedings).
  • If required to do so by law or in the good faith belief that such action is appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

In addition, we may use third party analytics vendors to evaluate and provide us with information about your use of the Service. We do not share your information with these third parties, but theses analytics service providers may set and access their own cookies, pixel tags and similar technologies on the Service and they may otherwise collect or have access to information about you which they may collect over time and across different websites. For example, we use Google Analytics to collect and process certain analytics data. Google provides some additional privacy options described at

We may use and disclose aggregate information that does not identify or otherwise relate to an individual for any purpose, unless we are prohibited from doing so under applicable law.

Third Party Services

We may display third-party content on the Service. Third-party content may use cookies, web beacons, or other mechanisms for obtaining data in connection with your viewing of and/or interacting with the third-party content on the Service. This Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Service link. The inclusion of a link on the Service does not imply endorsement of the linked site or service by us or by our affiliates.


We use certain physical, organizational, and technical safeguards that are designed to maintain the integrity and security of information that we collect. Please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee the security of your data. It is important that you maintain the security and control of your account credentials, and not share your password with anyone. In addition, we offer our users two-factor authentication which is designed to protect their account.

Your Choices

You may, of course, decline to share certain information with us, in which case we may not be able to provide to you some of the features and functionality of the Service. From time to time, we send marketing e-mail messages to our users. If you no longer want to receive such emails from us on a going forward basis, you may opt-out via the "unsubscribe" link provided in each such email.

Use of Service by Minors

The Service are not directed to individuals under the age of eighteen (18), and we request that they not provide personal information through the Service.

International Cross-border Data Transfer

CoinList uses servers hosted in the United States. Please note that we may be transferring your information outside of your region for storage and processing in the United States and around the globe. By using the Service you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.

Updates to this Privacy Policy

We may make changes to this Policy. The "Last Updated" date at the top of this page indicates when this Policy was last revised. If we make material changes, we may notify you through the Service or by sending you an email or other communication. We encourage you to read this Policy periodically to stay up-to-date about our privacy practices. Your use of the Service following these changes means that you accept the revised Policy.

U.S. Consumer Privacy Notice

Companies choose how they share your personal information. Under federal law, that means personally identifiable information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read the U.S. Consumer Privacy Notice, available here, carefully to understand what we do.

Contact us

If you have any questions about this Policy, please contact us at [email protected].

For your security, please re-enter your password.
Your CoinList account password