Edition: 25.09.2022
The structure of this document (You can navigate through the document using active links and search for the information
you need in the text):
This document is divided into 2 parts: a detailed text version (on the right) and a summary of the sections (on the
left), which briefly and more clearly explain the content of the section.
Summary |
In detail |
This document explains what data is processed in connection with your use of the blockbank service. It also explains how we receive and use your data, where we store it and how we protect it. | We want the use of our service to be as secure as possible for your personal data, so your privacy is a priority for us. By blockbank service (hereinafter referred to as the “Service”) are understood any of its components:
It explains how and why we process your personal data, as well as how you can control it and stop it from being processed. This Privacy notice applies to all personal data that we receive when using the Service. Please carefully read this document. This is because using the Service implies that you fully understand and accept the terms of use of your personal data without any conditions, exceptions, or reservations. If you do not accept the terms of this document (in general and / or in part) or do not agree with the terms of use of personal data, we ask you not to use the Service. If you disagree with the terms of the Privacy notice, further use of the Service and its components is not allowed. |
Some terms |
|
Some terms that can be seen in this document:Automated decision-making is a decision that our system makes automatically due to its specific algorithm and without human participation. Processor (vendor) – companies and third-party services that help our service work (for example, a payment system, a message sending service, etc.). |
Some terms that can be seen in this document:Automated decision-making is a decision that our system makes automatically due to its specific algorithm and without human participation. We don’t use any algorithms to make any decision that would significantly affect you. Processor (vendor) – a company that we attract to perform on our behalf certain actions necessary for the operation of the Service and related to the processing of your personal data (for example, a payment system, a message sending service, etc.) |
About us and our contacts |
|
Our company, which is responsible for processing your personal data using the Service, is called UAB HODL SERVICES and is located in Lithuania at the address: J. Savickio g. 4-7, Vilnius, 01108
Contacts of our Data protection officer:1) e-mail: dpo@blockbank.ai |
UAB HODL SERVICES is the administrator of the Service and the controller of personal data processed in accordance with this notice.
Our address: J. Savickio g. 4-7, Vilnius, 01108, LT. If you have any questions about this Notice or questions about our processing of your personal data, we hope that you contact us and we will be able to resolve your issue. You can contact our Data protection officer using: 1) email: dpo@blockbank.ai or We will send responses to your requests to the e-mail address specified by you during registration in the Service or in any other form, at your wish. You can also contact the Lithuanian Supervisory Authority. |
Age restriction |
|
You can use the Service only when you reach a certain age. The minimum age for using the Service is 18 years.
We will delete the data of a user whose age does not meet our age requirements as soon as we become aware of this. |
The Service can only be used by users who are minimum 18 years old If you are under the minimum age, please do not use the Service and do not provide us with your personal data.
If we become aware that personal data of users who have not reached the minimum age has been obtained through the service, we will immediately take all possible measures to delete such personal data and account. If you are aware that the App is being used by a person under the age of consent, please contact us using any of the methods described in Section About us and our contacts, and we will take the necessary steps to delete the corresponding information and / or account. |
Your rights and how to exercise them |
|
You have a number of rights in relation to your personal data:
a) to access them |
Your rights in relation to your personal data:
a) The right to access personal data We provide you with the opportunity to access your personal data that is processed by the service. You can request information about what your personal data is processed by us and to what extent by sending us a request *. b) Right to rectification You can independently change (clarify / supplement) certain personal data in your profile, and you can also contact us with a request to clarify your personal data*. We may ask you for documents confirming c) The right to erasure (the “right to be forgotten”) In certain cases, you can request * the deletion of your personal data and the termination of their processing, for example, when the personal data is no longer needed for the purposes of specific processing, or when you withdraw your consent or object to the processing of your personal data, or when in your opinion the processing of personal data does not comply with the law. d) The right to restrict processing You may request* that we temporarily or permanently stop processing all or some of your personal dataif: dispute the accuracy of your personal data,
e) The right to object to processing Taking into account your specific situation, you can at any time object to the processing of your personal data if the basis for their processing was our legitimate interest or the processing is necessary to perform a task in the public interest or within the framework of the exercise of state power entrusted to us (the grounds for processing are described in the Appendix List of treatments. You can also object to profiling based on these grounds. Also, in cases where we process data for the purposes of direct marketing, you have the right at any time to object to the processing of your personal data for the purposes of such marketing, including profiling, to the extent that the processing of your personal data relates to this direct marketing. f) The right to data portability You have the right to receive your personal data available to us, which we received with your consent or they were provided to us for the performance of the contract, from us in electronic format and then you can transfer such data to another person. We may, at your direction, transfer such data directly to another person, if this is technically feasible. g) The right not to be subjected to automated decision-making You have the right not to be subjected to a decision that is based solely on the automated processing of your personal data, including profiling, if such actions entail legal consequences (for example, some of your legal rights will be infringed, limited) or in a similar way significantly affect you. In certain cases, automated decision-making may take place, but we will take measures to protect your rights, freedoms and interests of the data subject. In this situation, you can request* the intervention of our specialist to make a decision, and also have the right to express your position, challenge such a decision. h) The right to withdraw consent to the processing of personal data If we process your personal information based on your consent, you can revoke your consent to the processing of personal data at any time by changing the settings in your profile or by sending us a request* indicating the revoked consent. Please note that the fact of revocation of consent does not affect the legality of data processing actions performed before the revocation. If you have any questions about your privacy rights or how you can exercise them, or if you want to exercise any of these rights, you can send us a request*. We will try to respond to your request as soon as possible, but in any case we will do it within a month from the date of receipt of the request. In some cases, it may take up to 3 months to fulfill your request, which we will definitely notify you about and explain Please keep in mind that if the request is unclear, we can contact you to better understand the content of the request. We may also refuse to satisfy a request if it is clearly unfounded or excessive (repetitive). If we have doubts whether you have really contacted us (and not someone impersonating you), we have the right to ask you to confirm your identity (for example, to confirm some data known to you and us or to provide a copy of your identity card). This will allow us to make sure that the satisfaction of your request does not violate the rights of third parties. If you are not completely satisfied with our response, you can also complain about our processing of your personal data to the appropriate data protection authority. |
How we receive your personal data |
|
Where do we get your data from:
1) we receive from you (for example, when you enter data during registration or write a request to our |
We may receive your personal data:
When we ask you to provide your personal data for the provision of the services, we strive to collect only those whose collection is the minimum necessary for the provision of services of the service. If you do not provide us with complete and accurate data, we will not be able to provide you with the services. If for some functionality (for example, sending news to the mail) or for some of our needs (for example, sending advertising to you), your consent to the processing of personal data is required, such processing will be carried out at your discretion and only after receiving your consent. In the Table 2 you will find the categories of personal data that we collect in the course of your work with the Service, with a list of personal data that may be affected for each of them. |
How long do we store your personal data? |
|
As a rule, we store your personal data as long as it is necessary to provide you with services in the Service and to provide access to the Service or for the period established by law for the storage of certain data. | As a rule, we store your personal data as long as it is necessary to provide you with services in the Service and to provide access to the Service.
Some personal data will be stored for the period necessary to ensure our legitimate and significant business goals and interests, or for the period established by law for the storage of certain data. We will store the necessary personal data after deleting your account, only if it is necessary for:
Please note that if you delete some personal data of users from the Service, this deletion may affect the ability to use the Service and its functionality for the user. |
Who we can share your data with |
|
Your data may be processed by other companies engaged by us. Your data may sometimes be transferred for processing outside the EU, including to countries where the level of personal data protection is not adequate to the European level. However, in such cases, we undertake to monitor such processing. | For the operation, development, promotion of the service, we cooperate with other service providers who may have access to or receive from us or directly some of your personal data to provide relevant services. Such suppliers may be located outside the European Union and in countries that do not provide an adequate level of personal data protection (for example, the United Kingdom, etc.).
We allow these companies to process your data in accordance with our instructions and exactly to the extent that they need it to provide their services and products. As a tool for transferring data to countries that do not provide a level of protection adequate to the European one, we use such as Standard Contractual Clauses (approved by the EU Commission), which describe the conditions for processing data by recipients and mechanisms for their protection (including various technical, |
How does the service ensure the security of your data? |
|
The security of your data is important to us. To do this, we use certain common measures to protect them, and also make sure that our partners provide an appropriate level of protection of your data. | We strive to protect the personal data of our users and take all reasonable and appropriate measures to protect the personal data of users from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction.
To protect your personal data, we:
If you have any questions about the security of our Service, please contact our Data protection officer |
Personal data breach |
|
No service is 100% secure. If your data is suddenly leaked in our Service, we will do everything to eliminate such a leak and its consequences for you. It is important for you to restrict the access of others to your device and its contents, since we cannot ensure the security of your data in the event of such access. | Please note that no security system is perfect, and therefore we cannot fully guarantee the absolute security of the service or unauthorized access to personal data by third parties. In case of occurrence of such circumstances (events) we will take all reasonable measures to eliminate these circumstances (events) and their consequences.
We recommend that you restrict access to the device from which you use the service and log out after using the Service. If necessary, we will notify you of any violations related to your personal data breach and report such breach to the relevant authority for the supervision of compliance with the legislation on the protection of personal data. |
Changes to the Privacy notice |
|
This document may change periodically. We will notify you about important changes in the service itself or by email. | We may periodically make changes to this Privacy notice and, if necessary, we will notify you about it (for example, by posting a notification in the Service or sending you an email and / or notification to your device). Your continued access to or use of the Service after the effective date of such changes will be governed by the revised Privacy notice. If you do not agree with the changes made to Privacy notice (in general and / or in part), please do not use the Service and delete your profile (if you want us to stop processing your personal data).
In any case, you can get acquainted with the current version of Privacy notice and all its previous versions on our website (blockbank.ai) . We recommend that you periodically review our website or Service applications to get the latest information about our privacy policies regarding your personal data. You bear the risks associated with untimely familiarization with the Privacy Notice, changes and (or) additions made to the Privacy Notice before using the blockbank service. The invalidation of certain provisions of the Privacy notice for any reason does not entail the invalidity of the Privacy notice as a whole and its other provisions. |
Lithuanian Supervisoryauthority |
|
Contacts of the authority that controls the use of your personal data by us:State Data Protection Inspectorate The entire list of supervisory authorities can be found at the link |
Processing | Category of processing data | Base for processing |
Creating an account and providing access to the service | data about a person, identifiers, location | performance of contract |
Application functionality | data about a person, confidential information, location | our legitimate interest in preventing fraud or other financial crime, and complying with statutory and regulatory requirements in relation to anti-money laundering and terrorist financing investigation and prevention |
Payments and invoicing | data about a person, identifiers, financial information | performance of contract |
Creating an account and providing access to the service | Creating an account and providing access to the service | performance of contract |
Card data storage | data about a person, financial information | consent |
Elimination and prevention of failures and errors, protection the service data | performance of contract | |
Providing technical support | data about a person, identifiers, location, usage data / app activity, app info and performance, financial information | performance of contract |
Fulfill our tax obligations | data about a person, financial information | legal obligation |
Fulfill our accounting obligations | data about a person, financial information | our legitimate interest in performing accounting |
What’s included in processing data categories | Data |
Data about a person | full name, address, date of birth, email address, citizenship, residency, language, password, phone number |
Identifiers | IP address, user ID, other online identifiers, social security number, driver’s license number, passport number, or other similar identifiers |
Location | precise or coarse / approximate location or the location of your device, time zone, country |
Financial information | payments, income, funds, bank card data, cryptographic keys, transactions, or any other financial information |
Usage data / app activity | interaction with the Service, for example, launching applications, touches, clicks, scrolling information, or other information about how the user interacts with the application, any other data about user activity in the application |
App info and performance | сrash, data information about hardware and software, information about Internet connection, other diagnostic data, performance data |
Supplier categories | The supplier and its product or service / country of service provided | Services | Links to the supplier’s privacy information, documents describing the relevant measures and guarantees of confidentiality |
Technical providers |
Amazon Web Services EMEA SARL (EU, Luxembourg) Amazon Web Services (AWS) |
Data storage on servers located in the European Union. | AWS prohibits, and its systems are designed to prevent, remote access by AWS personnel to customer data for any purpose, including service maintenance, unless access is requested by us, is required to prevent fraud and abuse, or to comply with law. https://aws.amazon.com/ru/blogs/security/aws-and-the-general-data-protection-regulation/ https://aws.amazon.com/ru/security/ Privacy policy: https://aws.amazon.com/ru/privacy/?nc1=f_pr |
KYC provider |
Sum and Substance Ltd (UK) Sumsub |
Know-Your-Customer (KYC) procedure | https://sumsub.com/privacy-notice/ |