This privacy policy (hereinafter the “Privacy Policy”) is effective on September 1st, 2021 (the “Effective Date”)

Modex (Gibraltar) Limited (“us”, “we”, “our” or “Modex”) operates the website and related services available on the website, which are defined in the Terms and Conditions as: Modex Marketplace, Dev Platform (Modex Development Platform), Modex IDE, Modex Academy and Modex Testnet and Modex OAuth (together referred to as the “Services“).

This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data.

We use your data to provide and improve the Services. By using any of the Services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions for the use of the Modex Platform, accessible from

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

1. Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data“). Personal identifiable information that may provide indications on the identity of a natural person may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, country, province, ZIP/Postal code, city
  • Cookies and Usage Data

2. Usage Data

We may also collect information on how the Services are accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

3. Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Services and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept Session cookies, you may not be able to use some portions of our Service. You can learn more how to manage cookies in the Browser Cookies Guide.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.
  • Use of Data

Modex uses the collected Personal data and/or Usage Data for various purposes:

  • To provide and maintain the Services
  • To notify you about changes to our Services
  • To allow you to participate in interactive features of our Services when you choose to do so
  • To provide customer care and support
  • To provide analysis or valuable information so that we can improve the Services
  • To monitor the usage of the Services
  • To detect, prevent and address technical issues

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction, however we shall ensure upkeep and maintenance of at least the same level of protection of Personal Data, as applied at the European Union level.

If you are located outside Gibraltar and choose to provide information to us, please note that we may transfer your personal data abroad to states in the European Economic Area (“EEA”) and process it there. The EEA includes the European Union countries as well as Iceland, Liechtenstein and Norway. Transfers outside of the EEA are sometimes referred to as “third country transfers.”

If you use our Services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Modex will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there is adequate control in place including the security of your data and other personal information. This may require us to take certain additional steps to ensure that appropriate safeguards are in place, which may include use of contractual safeguards to allow you to be able to enforce your rights and ensure these are preserved. In certain circumstances, we may need to ask you for your explicit consent and will always do so in writing and giving you full information about why we need your consent and your right to withdraw that consent at any time (together with the consequences of withdrawal).

Adequate safeguards may be provided for by:

  • binding corporate rules between affiliates of Modex;
  • Standard or ‘Model’ data protection clauses in the form of template transfer clauses adopted by a supervisory authority and approved by the European Commission with Modex processors, joint processors or joint controllers;
  • compliance with an approved code of conduct approved by a supervisory authority; relevant for Modex Services or
  • certification under an approved certification mechanism as provided for in the GDPR.

Adherence to the Privacy Shield Framework

Where we use partners based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see further information on the European Commission’s website: click here.

Standard Contractual Clauses

Modex understands, acknowledges and complies with their obligations when transferring data outside EEA or within EEA and applies the requirements for Standard Contractual Clauses approved by the European Comission.

SCCs are standard sets of contractual terms and conditions, which the sender and the receiver of the personal data both sign up to. They include contractual obligations which help to protect personal data when it leaves the EEA and the protection of the GDPR. Modex has implemented template contracts ensuring that any transfer mechanism used will be in compliance with the European legislation.

If you are a California consumer (as that term is defined in the CCPA), this Section may apply to you. Under the CCPA you have the right to opt-out of the “sale” of your Personal Data on a going-forward basis, as “sale” is defined in the CCPA. You may request to exercise this opt-out by sending us an email at [email protected]

You have the right to opt-out of sales, within the meaning of the CCPA, of certain information subject to the CCPA. You are not required to have an account with us to exercise your right to opt-out of the sale of your personal information to third parties. Please submit your request to our email shown above.

We do not knowingly collect personally identifiable information from children under 13. If you are 16 years of age or older, under the CCPA, you have the right to direct us to not sell your personal information any time (the right to opt-out). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the right to opt-in) from either the consumer, who is between 13 and 16 years old or the parent or legal guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time, as described above.

You can ask us to stop sending you marketing messages at any time by contacting us at [email protected] at any time.

Disclosure of Data

Legal Requirements

Modex may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Modex
  • To prevent or investigate possible wrongdoing in connection with the Services
  • To protect the personal safety of users of the Services or the public
  • To protect against legal liability and/or enforce legal rights

Security Of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Service Providers

The Data Controller of the data collected and processed through the Site is Modex (Gibraltar) Limited.

We employ third-party service providers which provide important functions to us that allow us to be an easier, faster, and safer way to deliver our Services and other business partners. We need to disclose user data to them from time to time so that the Services can be performed.

We have listed in this Privacy Policy the third-party service providers and business partners to whom we may disclose your data, together with the purpose of disclosure and type of information disclosed:

Third party service providerRole in relation to Modex (Gibraltar) Ltd.Personal Data processedCommentsReason for data transfer isWhich in detail means Data is transferred to countryData retention period Right to be forgotten request form a user is directed to
Amazon Web ServicesprocessorPERSONALcloud server’s providerholds application entire architecture, including the database
offers S3 Bucket service, where media files (like document links and user profile photos) are kept
USas long as the application is liveN/A – data is controlled by Modex (Gibraltar) Ltd.
Mandrill (Mailchimp)processorPERSONALonly Full Name and Emailemailing servicesused to send any application automatic email from an address owned by an application domain to a user or to an address owned by an application domainUS

30 days – for delivered message
90 days – for bounced message data

N/A – for automatic messages sent from the application
[email protected] – when is about a request to not receive Marketing emails anymore

By accepting this Privacy Policy and maintaining an account with us, you expressly consent to the transfer of your data to those third parties for the purposes listed.

We reserve the right to update the list of third-party service providers. We acknowledge that we will only start transferring any data to any of the new entities or for the new purposes or data types indicated in each update after 30 days from the date when that list is made public through this Privacy Policy.

You should review the list regularly in order to become acquainted with the new list of recipient entities. If you do not object to the new data disclosure, within 30 days after the publication of the updated list of third parties, you are deemed to have accepted the changes to the list and to this Privacy Policy. If you do not agree with the changes, you may close your account and stop using our Services.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. When disclosing, we ensure protection of Personal Data by concluding data processing agreements.

Legal Basis for Use of Personal Data

You understand that we use your Personal Data under two legal bases: (i) your specific consent as laid out above and under the legal basis, which speaks about our legal and regulatory responsibility to utilize your Personal Data to satisfy its legal requirements and/or (ii) the legitimate interest that allows us to process such Personal Data and information, only to the extent required to provide you with the Services on the Site, as described herein.


We may use third-party Service Providers to monitor and analyze the use of our Service:

How long do we store Personal Data?

The Personal Data that is required to be given by you is retained/stored for a period for as long you are using the Services and are a registered used on our website and for an additional period of up to the statutes of limitation period in case of claims for damages and to the extent we are required under the applicable laws to store and archive such Personal Data.

When exporting the data and information that you provide to us, we shall use an appropriate export solution that allows delivery of data and information in a structured way to you. When doing so, you are entitled to (i) obtain a copy of the solution, (ii) the source of the data (if not the data subject him/ herself) and (iii) whether obtained from a public source, and (iv) more information on wholly automated processing.


You are at any time entitled to:

  • have Personal Data pertaining to you transmitted to you or another controller in a commonly used machine-readable format (data portability);
    • ask that we provide you with a confirmation on the fact that we process or not Personal Data pertaining to you and in a positive case, access to those data and information on how the Personal Data is stored. Such right may be exercised gratuitously once per year (access right).
    • ask that your Personal Data is being erased, without any undue delay, in any of the following cases, or when these are no longer required for the purposes for which they have been initially collected or processed; he/she withdraws his/her consent and there is no other legal ground to process the personal data; he/she objects against the processing of the Personal Data and there are no legitimate interests prevailing; Personal Data have been illegally processed; Personal Data must be erased in order to comply with a legal obligation; Personal Data have been collected solely for the purpose of offering services of information technology (right to be forgotten);
    • oppose the storage and processing of Personal Data, when the processing is only required for the fulfilment of a task which serves a public interest or when it serves a legitimate interest of the undersigned. When the undersigned processes Personal Data in the scope of direct marketing, you may oppose such processing at any moment (right to oppose);
    • request more information about our automated processing capabilities (export solution, storage limits) through a subject access request and we are obliged to provide this information in a commonly used electronic form;
    • require data to be marked as restricted whilst complaints are resolved;
    • be notified without undue delay in the case of breach in the protection of your Personal Data.

Should we receive such notice on the exercise of your rights, we must be taken action within maximum one month of having received your request. Please refer such requests to the contact details under the “Contact Us” section below.

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children’s Privacy

Our Service does not address to anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the Effective Date specified at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Law and Jurisdiction

This Privacy Policy shall be governed exclusively by the laws of the Gibraltar. All Services shall be deemed to have taken place at the head office of Modex (Gibraltar) Limited. The courts of Gibraltar shall have exclusive jurisdiction for settling disputes arising from this Privacy Policy and both parties submit to this jurisdiction.

Contact Us

If you have any questions about this Privacy Policy, please contact us: