miner_policy.md

Macrocosmos Miner Data Compliance Policy

Version 1.0, March 2025

---

Introduction

As a miner on Macrocosmos Subnets, you play a crucial role in handling various types of data. This summary outlines your potential obligations under the UK General Data Protection Regulation (UK GDPR) should you inadvertently collect personal data, and the expectations regarding prohibited content and acceptable use of Macrocosmos subnet code. We expect any participant (however they may define themselves or their involvement) in our subnet ecosystems to adhere to the guidelines set out in this policy. Deliberate and consistent violation of these guidelines may result in Macrocosmos seeking to limit your ability to participate, support for your participation and/or your incentive rewards. Miners and all other participants are responsible for their own legal and regulatory compliance procedures and are encouraged to seek advice if in any doubt as to how to proceed. Macrocosmos is available to provide informal guidance if required (see contact information below).

1. Your Responsibilities Under UK GDPR

While Macrocosmos does not directly collect or process data, and seeks to avoid incentivising any collection or interaction with personal data, as a miner, you may be subject to GDPR obligations if your activities result in the inadvertent or accidental collection of personal data. We recommend that you put in place appropriate policies and procedures to accommodate this eventuality and set out below a summary of key responsibilities:

1. Lawful Basis for Processing
   • You must ensure there is a lawful basis for collecting and processing any personal data (e.g., consent, legitimate interests, or legal obligation).
2. Transparency
   • Inform individuals about how their data is being collected, processed, and stored.
   • Provide clear privacy information, including the purpose and lawful basis for processing.
3. Data Minimization
   • Only collect and process data that is strictly necessary for your stated purpose.
   • Avoid collecting sensitive personal data unless absolutely required and lawful.
4. Upholding Individuals’ Rights
   • Be prepared to handle requests or objections from individuals regarding their right to access, rectify, limit processing of or delete their personal data in compliance with GDPR.
5. Data Security
   • Implement robust security measures to protect any data you collect from unauthorized access or breaches.
   • Ensure encryption and secure storage practices are in place.
6. Breach Reporting
   • Notify the appropriate data protection authority (e.g., ICO) within 72 hours of becoming aware of a personal data breach.

2. Prohibited Content

As a miner, you are strictly prohibited from collecting, processing, or transmitting the following types of content:

1. Illegal Content

   • Child abuse material or exploitation.
   • Hate speech, extremist propaganda, or content inciting violence.
   • Content related to human trafficking or modern slavery.

2. Copyrighted Material

   • Content protected by copyright unless you have explicit permission or a valid license to use it.

3. Explicit or Harmful Content

   • Pornographic or explicit imagery.
   • Content promoting self-harm, suicide, or drug abuse.

4. Acceptable Use Expectations Macrocosmos expects all miners to: Comply with platform-specific terms of service and relevant laws, including GDPR. Use Macrocosmos subnets for ethical and lawful purposes only. Regularly review and update your data collection and processing practices to ensure compliance with legal and ethical standards. Immediately cease processing any flagged or prohibited material and report concerns to the appropriate authorities where required.

5. Commitment to Support Macrocosmos is committed to supporting miners in understanding and meeting their GDPR obligations. To help you navigate these requirements and ensure compliance, we provide the following guidance and resources:

GDPR Guidance and Resources

1. Overview of GDPR Requirements
   • The UK Information Commissioner’s Office (ICO) provides a comprehensive guide to GDPR obligations, including lawful bases for processing, data minimization, and security requirements:
   • ICO Guide to GDPR
2. Lawful Basis for Processing Data
   • Understand the six lawful bases for processing personal data as defined under GDPR:
   • ICO Lawful Basis Guide
3. Transparency and Privacy Notices
   • Guidance on providing clear and accessible privacy notices to individuals:
   • ICO Privacy Notice Checklist
4. Handling Data Subject Rights
   • Information on responding to requests from individuals to access, rectify, or delete their personal data:
   • ICO Individual Rights Guide
5. Data Security and Minimization
   • Best practices for securing personal data and ensuring data minimization:
   • ICO Security Guidance
6. Reporting Data Breaches
   • Guidance on recognizing and reporting data breaches to the ICO within the required 72-hour window:
   • ICO Guide to Data Breach Reporting

General Resources

1. UK GDPR Key Definitions
   • A quick reference guide to key GDPR definitions and principles:
   • ICO Key Definitions
2. Data Protection Impact Assessments (DPIAs)
   • Information on when and how to conduct a DPIA for high-risk data processing activities:
   • ICO DPIA Guidance
3. FAQs on GDPR Compliance
   • Practical answers to common GDPR compliance questions:
   • GDPR FAQs from the European Data Protection Board

Support from Macrocosmos

1. Regular Updates and Communication
   • Macrocosmos will provide updates on GDPR-related requirements and best practices through periodic communications.
2. Consultation Support
   • If miners have specific questions or require clarification on GDPR obligations, Macrocosmos offers a support channel to address these concerns: [email protected]
3. Training Materials
   • Macrocosmos may share training materials and resources from time to time to help miners enhance their understanding of GDPR compliance.