Introducing the ZK token

Privacy Policy

The Verein zur Förderung des digitalen Ökosystems zkSync ("Association") currently provides a method of access to, and certain information about, ZK Nation, a community and governance system that empowers holders of protocol tokens to drive the continuous development of the ZKsync protocol by allowing the submission of proposals and voting on protocol upgrades and network parameter changes (referred to herein as "ZK Nation") as well as related content and functionality about ZK Nation through websites located at,,,,,,, and, a "Website" and collectively, the "Websites"). For the purposes of this Privacy Policy, "we," "us," and "our" means the Association, and "you," "your," and "user" means any authorized person accessing or using the Website(s).

This Privacy Policy sets forth our practices regarding the confidentiality and disclosure of personal data. Personal data is information that relates to individuals whose identity is identified or identifiable (e.g., name, contact information, billing information, IP address, etc.). Any data provided by you in the course of visiting the Website(s) is subject to this Privacy Policy.


    The controller, as defined in the General Data Protection Regulation ("GDPR"), for the processing of your personal data on this website is:

    Verein zur Förderung des digitalen Ökosystems zkSync

    Wagramer Straße 19/33

    1220 Vienna

    Email: [email protected]


    We may collect and process the following types of personal data:

    • Contact information: such as name, email address, photographic identification, and other contact details;
    • Account information: such as your wallet address, transaction history (contract interactions such as voting and asset transfers), additional information on these transactions (e.g. gas fees, related IP address) and/or past and present wallet balances, GitHub handle and other social media handles;
    • Online activity data: information about how you use the Websites and interact with them, including information associated with any content you upload to the Websites or otherwise submit to us (including especially content related to submitted governance proposals or voting decisions), and information you provide when you use any interactive features of the Websites, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them;
    • Marketing information and feedback: such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications as well as information you provide when you contact us with questions, feedback, product reviews, or otherwise correspond with us online;

    We may process your personal data for the following purposes and on the basis of the legal bases stated in each case:

    • We may use your contact details to answer your general contact requests, questions and feedback and to provide support. For this we need your consent (Art 6 para 1(a) GDPR). Furthermore, with your consent, we from time-to-time send you direct marketing communications that may be of interest to you, including, but not limited to, notifying you of events and governance updates via email. Once you have consented, you always have the right to withdraw your consent, without charge, with effect for the future. For example, you can use the unsubscribe link in our newsletters or send an email to [email protected]. The data will be processed by us until the withdrawal of consent, and then deleted immediately.
    • In order to operate, analyze and improve the website, we may process device data and usage data relating to visits to our website. When you access and use our Website, we collect the personal data that your browser automatically transmits to our server. The processing is based on our legitimate interest (Art 6 para 1(f) GDPR) to provide you with a positive user experience by designing our website accordingly.
    • We may use your personal data for compliance, fraud prevention, and safety to comply with applicable laws, and/or administrative or judicial orders, such as to respond to subpoenas or requests from government authorities. We use your personal data to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Websites; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. In these circumstances, we will process your personal data to either comply with a legal obligation (Art 6 para 1(c) GDPR) or when it is in our legitimate business interests (Art 6 para 1(f) GDPR).
    • In order to prevent third parties from sharing incorrect data and prevent front-running and DDOS attacks on the Website, we will publish your personal data in the form of wallet addresses and GitHub account handles. The processing is based on our legitimate interest (Art 6 para 1(f) GDPR) to ensure technical efficiency of the Website for the airdrop.
    • We process your account information to determine whether you are eligible for a token distribution and to allow you to mint and claim your allocated tokens. Your personal data is processed for the purpose of allowlisting you to participate in the ZKsync airdrop (“initiating and performing the contract” under Art 6 para 1(b) GDPR). Without this data, we will have to refuse to allowlist you for the Airdrop . We store your personal data until the legal retention period under applicable tax and commercial laws has expired. After this period, it will be deleted.
    • We will process your account information and voting behavior for purposes of enabling the governance processes related to ZKsync. The processing is based on contract performance (Art 6 para 1(b) GDPR). We store your personal data until the legal retention period under applicable tax and commercial laws has expired. After this period, it will be deleted.

    You are in no way obliged to provide your personal data. However, failure to provide the data may have disadvantages for you, such as in particular the inability to use our Website. In any case, there will be no automated decision-making (including profiling).


    With regard to the personal data concerning you, you have the right of access (Art 15 GDPR), rectification (Art 16 GDPR), erasure (Art 17 GDPR), restriction of processing (Art 18 GDPR), and the right to data portability (Art 20 GDPR).

    Right to object (Art 21 GDPR)
    In the event that we process your data on the basis of our legitimate interests or those of a third party (Art 6 para 1(f) GDPR), you have a statutory right to object. This can be done informally, for example by written communication to us at Verein zur Förderung des digitalen Ökosystems zkSync, Wagramer Straße 19/33, 1220 Vienna or by e-mail to [email protected].

    Withdrawal of Consent (Art 7(3) GDPR)
    In the event that we process your data on the basis of your consent, you have the unconditional right, at any time, to withdraw the consent you have given, without charge, and with effect for the future. This withdrawal can be made in any form, for example:

    • by clicking unsubscribe at the bottom of an e-mail message;
    • by written notice to Wagramer Straße 19/33, 1220 Vienna;
    • or by e-mail to [email protected].

    We will not share your personal data with any third parties except as provided in this Privacy Policy:

    • We regularly use service providers that provide services on our behalf or help us operate the Websites as our processors, and we have entered into data processing agreements with them in accordance with Art 28 GDPR, to handle: hosting, email delivery, marketing, and database management services. These are:

      • Cloudflare;
      • Tally;
      • Discourse;
      • GitBook.
    • In the case of legal obligations, authorities may receive personal data (e.g. tax authorities).

    • We may disclose your personal data to professional advisors who are obliged to maintain confidentiality and have a special position of trust. In any case, your personal data will only be passed on to third parties to the extent that this is necessary to achieve the stated purposes and in accordance with Art 6 GDPR.


    Before transferring your personal data outside the EU/EEA, we will evaluate the risks beforehand and will only do so if an adequacy decision (such as for Canada, Israel, Japan, Switzerland, UK, USA), or secondarily appropriate safeguards (such as standard data protection clauses or binding corporate rules) exist. If your personal data is transferred to a country for which the EU Commission has not issued an adequacy decision or no certification is in place, we have agreed EU Standard Contractual Clauses (EU SCCs) with the recipient.


    If you have any questions or complaints regarding this Privacy Policy or your personal data we have collected or used, please contact us as detailed in section 1.

    If you are of the opinion that the processing of your personal data is unlawful, you may also contact the Austrian Data Protection Authority or the data protection supervisory authority in another EU member state, in particular where you live or work.


    We may update this Privacy Policy from time to time. We will notify you of material changes by posting those changes here or by notifying you through other appropriate communication channels that we normally use with you. Unless otherwise stated, any changes to this Privacy Policy will be effective immediately upon posting the changes on this website.

    This Privacy Policy was last revised on 20 June 2024.