- the types of information we collect through your use of our products and services including our software and our mobile applications, and your navigation of our websites;
- the manner in which we use and share the information, and why;
- the circumstances in which your information may be transferred to another country;
- the rights you may have under relevant privacy or data protection laws;
- cookies that we use or used by our service providers; and
This Policy applies to your use of, access to, or participation in any of the following sources (collectively, our “Data Sources”):
- our Block.one website (URL: block.one or b1.com) and its subdomains regardless of the medium in which the Websites are accessed by a user (e.g., via a web or mobile browser) (the “Websites”);
- any events hosted by us, whether such events are open to the public or by invitation (collectively the “Events”); and
- subsections of social media platforms controlled by us, such as our Twitter, LinkedIn, or Facebook pages.
Personal Data We Process
We process the Personal Data we collect about you when you use, gain access to, or participate in our Data Sources. In this Policy, “Personal Data” means any information relating to an identified or identifiable natural person as may be collected or processed by us in connection with the Data Sources and includes “Personal Data” as defined in the EU General Data Protection Regulation 2016/679 (“GDPR”) or other applicable laws.
As set out in the section below, we may process the following categories of Personal Data:
- Account Information, which means your Contact Information provided to us when creating an account as well as your username and user identification number.
- Application Security Information, which means your passwords, two-factor authentication software or key pairs, security questions (including the answers to the said questions) and security device identification number.
- Communications Information, which means the contents of the communications and correspondence between us, whether by email, through one of our Services, through your submission of an online form, or when you otherwise contact us.
- Contact Information, including your first and last name, mailing address, email address, telephone number, mailing preference and other contact information you may provide when communicating with us through our Data Sources.
- Financial Transaction Information, which means payment information, such as your credit or debit card number and other card information; other financial account and authentication information; and billing, contact details or cryptocurrency wallet address (including public key or private key).
- Recruitment Information, which means your resume, employment history, qualifications, contact information, reference information, and other information you may submit when applying for a job with us.
- Other Identifying Information, which means your IP address, device name and device ID, MAC address, GUID, coarse location and fine location.
- Service Use Information, which means the information that you provide to us when you use our Services, such as information you may upload or generate when using our Services or communicating with us about our Services.
We collect Personal Data through:
- Your use of or participation in our Data Sources.
- Your use of our Services.
- Direct or unsolicited interactions, such as when you voluntarily provide your information to us by contacting us, submitting requests and comments, subscribing to our newsletters, submitting job applications, or otherwise engaging with us through our Data Sources.
- Indirectly, such as when you provide your information to us through a social media platform, such as LinkedIn, Facebook, or Twitter.
We may also collect other types of anonymized statistical information in aggregate form when you use our Data Sources.
How We Use Your Personal Data
We only process certain types of your personal data as necessary to fulfil the terms of service for our Data Sources and in line with your agreement to do so or an appropriate basis for processing. For these activities, the purpose of processing, categories of personal data used, and a description of the processing is outlined below. For individuals who live in the European Economic Area (EEA), the table also identifies the legal basis under which we process your personal data.
|Activity||Categories of Personal Data||Purpose of Processing||Lawful Basis|
|Providing Services||Account Information, Application Security Information, Communications Information, Identity Verification Information, Other Identifying Information, Service Use Information||Enable you to use our Services, manage your preferences, manage our Services including in accordance with your instructions, administer and troubleshoot our platforms, develop new and improve existing Services, detect abuse, fraud, and illegal activity on our platforms, enforce our Service terms and conditions||Performance of a Contract
Legitimate Interest: Providing our Services and improving our Services and user experience
|Engaging with us regarding investments and business opportunities||Communications Information, Contact Information, Identity Verification Information, Other Identifying Information||Enabling you to engage with us regarding investments and business opportunities, submitting proposals and grant requests, and informing you about or discussing potential opportunities||Performance of a Contract
Legitimate Interest: Engaging with relevant parties regarding business or investment opportunities that may be of interest to us
|Collecting or providing funds||Contact Information, Communications Information, Financial Transaction Information, Identity Verification Information||Enabling us to send or receive funds to or from individuals in connection with grants, investments, or services or other contracts, in compliance with our legal obligations and our internal policies and risk tolerance||Performance of a Contract
Legitimate Interest: Sending or receiving funds in compliance with our obligations and company policies
|Providing support for our Services||Account Information, Communications Information, Contact Information, Financial Transaction Information||Answer your queries, resolve matters with accounts, and otherwise provide general support related to our Services||Legitimate Interest: Respond, investigate, and resolve user queries|
|Security and investigations||Account Information, Application Security Information, Other Identifying Information, Service Use Information||Operate, administer, secure, and improve the safety and security operations of our Services, detect spam, prevent harmful or illegal conduct, investigate suspicious activity in breach of terms of Service, administer policies and rules applicable to the Service||Legitimate Interest: Security of the Services, protection of our business interests, and protection of data|
|Compliance with laws and regulations and protection of company interests||Account Information, Application Security Information, Financial Transaction Information, Identity Verification Information, Other Identifying Information, Service Use Information||Verify accounts and activity, including processing personal data for identity verification purposes, protect the business from fraud, money laundering, breach of confidence, theft of proprietary materials and other financial or business crimes||Legal Obligation
Legitimate Interest: Complying with laws in the jurisdictions where we are subject to them, protecting the Services, protection of our business interests, and protection of data
|Events and webinars||Contact Information, Communications Information, Financial Transaction Information||Facilitate Event registration, plan and execute Events, and share pre- and post-Event information with registrants and interested individuals||Performance of a Contract
Legitimate Interest: Planning and executing Events, administering Event attendance, and distributing Event information
|Marketing and surveys||Contact Information, Communications Information, Service Use Information||Provide you with relevant information about our Services and Events, send surveys, and send information that may be of interest to you based on your preferences||Consent|
|Website traffic analysis and usage analytics||Other Identifying Information, Service Use Information||Understand how users interact with our Websites, analyze Website traffic and usage, to improve our Websites and our offerings||Legitimate Interest: Understanding user behavior and preferences on our Websites to improve our Websites and user experience|
|Engaging with you on social media||Contact Information, Communications Information, Other Identifying Information||Engaging with you on social media, including on subsections of social media platforms controlled by us||Legitimate Interest: Understanding how you engage with us on social media, engaging users through social media platforms, and improving our social media activities and users’ social media experience|
|Potential recruitment by us||Recruitment Information, Identity Verification Information||Legitimate Interest: Evaluating job applications, making employment and other hiring decisions, and recruitment steps we must take prior to entering into employment contracts with individuals|
|Sharing with law enforcement/legal requests||Information that is the subject of a lawful request||Comply with valid legal requests from authorities, and to comply with our legal and regulatory obligations||Legal Obligation
Legitimate Interest: Complying with laws in the jurisdictions where we are subject to them
|Protection of the vital interests of an individual||Information required to protect the vital interest of an individual||Protect the life or physical safety of individuals, to combat harmful conduct, to promote safety and security||Vital Interests|
In the above table, “consent” refers to Article 6(1)(a), “performance of a contract” or “steps we must take prior to entering into a contract” to Article 6(1)(b), and “legitimate interest” to Article 6(1)(f) of the GDPR.
How We Share Your Personal Data
We may share your Personal Data with the following categories of third parties:
- Third-party service providers who need access to Personal Data to assist us in delivering Services. For example, such third parties include payment processors; information technology service providers; providers of identity verification services; website hosting providers; marketing, accounting, shipping, and delivery vendors; other business process outsourcing providers; and partners who assist us with administering programs we offer to you, such as our bug bounty program. We endeavour to only share the minimum amount of Personal Data that these service providers need to perform their tasks.
- Third-party service providers who need access to Personal Data to provide advertising and analytics services. For example, we use a third party for the collection and management of your Personal Data that enables us to deliver marketing communications about our Services and Events to you.
- Our corporate affiliates, when necessary to complete the processing activities described above.
- Other third parties, as reasonably necessary:
- In relation to a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control (whether in whole or in part); or
We do not sell your Personal Data to third parties.
Third Party Applications and Websites
Our Data Sources may contain links to third-party applications not affiliated with us. Your use of an external application or any informational content found on external applications is subject to and governed by the privacy policies, terms, and conditions of that application. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on external applications are framed within our Data Sources. Further, while we review the privacy practices of our vendors, we are not responsible for the privacy practices of any external applications with which we are not affiliated. The Websites may contain links to websites not affiliated with us. Your use of external websites or any informational content found on external websites is subject to and governed by the privacy policies, terms, and conditions of those websites. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on external websites even if one or more pages of the external websites are framed within a page of our Websites. Further, we are not responsible for the privacy practices of any external websites with which we are not affiliated.
Advertising and Analytics Services Provided by Third Parties
The third-party service providers we use for advertising and Website analytics include:
When you first land on the Websites, you will be asked for your consent to the placement of Cookies. No cookies over which we have control will be placed on your browser without your consent. Some pages on the Websites may contain iframes, such as pages with embedded videos hosted by third party services, and those third party services may place cookies on your browser. If you wish to disable cookies placed by iframes, you should adjust your browser settings. You also have the option to manage your consent on an ongoing basis by opting out of any Cookies category except Strictly Necessary Cookies by changing your Cookie Settings
Most web browsers allow some control of cookies through the browser settings. You can find out how to manage cookies on popular browsers on the browser’s websites or the browser developer’s websites. Please note that if you choose to decline or block cookies by adjusting your browser settings, some or all of the Websites may not be functional or accessible to you.You may also visit http://tools.google.com/dlpage/gaoptout to opt out of being tracked by Google Analytics across all websites.
We will comply with any relevant legislation in the jurisdiction you are located in that confers you with some or all of the following rights with respect to your Personal Data. To make a request, you can complete the B1 Data Subject Rights Request web form or contact us directly via the addresses below.
- To access the Personal Data we maintain about you. We will provide you free of charge with a copy of your Personal Data, but we may charge you a reasonable fee to cover our administrative costs if you request further copies of the same information.
- To be provided with information about how we process your Personal Data. This will include information on the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, the recipients of your Personal Data and the safeguards regarding data transfers to other jurisdictions, subject to the limitations set out in applicable laws and regulations.
- To correct your Personal Data. You have the right to ask us to rectify Personal Data you think is inaccurate or incomplete. In some cases, you will need to make these changes yourself by using the tools we provide in the Data Sources.
- To have your Personal Data erased. You have a right to ask us to delete your Personal Data. In some cases, you will need to do the deletion yourself using the tools we provide in the Data Sources. We will decline your request for deletion if processing your Personal Data is necessary: (i) to comply with our legal obligations, such as fraud detection and monitoring, or being required; (ii) to perform a task in the public interest; (iii) in pursuit of a legal action; (iv) for exercising the right of freedom of expression and information; and (v) for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing.
- To object to how we process your Personal Data. Where we process your Personal Data based on our legitimate interest (or that of a third party), you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. We will decline your request where we have a compelling legitimate grounds for the processing which override your rights and freedoms, or where the processing is in connection with the establishment, exercise or defence of legal claims.
- To be informed about direct marketing. You have the right to request us to tell you how your Personal Data has been shared, if at all, with third parties for the third parties’ direct marketing purposes.
- To stop your Personal Data being used for direct marketing purposes. At your request, we will stop using your Personal Data for the purpose of direct marketing. If you want to stop us from contacting you in connection with marketing communications, please email us at the email address specified below.
- To restrict how we process your Personal Data. At your request, we will limit the processing of your Personal Data if:
- you dispute the accuracy of your Personal Data;
- your Personal Data was processed unlawfully and you request a limitation on processing, rather than the deletion of your Personal Data;
- we no longer need to process your Personal Data, but you require your Personal Data in connection with a legal claim; or
- you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.
We may continue to store your Personal Data to the extent processing is required or based on one of the following bases: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
- The right to data portability. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format, if:
- the processing of your Personal Data is based on your consent or required for the performance of a contract; or
- the processing is carried out by automated means.
Please note that this information might already be available to you via the Data Sources
- To withdraw any consent that you gave us to process your Personal Data. You have the right to withdraw any consent you may have previously given us at any time. Your consent withdrawal will not affect the lawfulness of the processing done before the withdrawal.
- To complain to a supervisory authority. If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.
To exercise the above rights, please complete the B1 Data Subject Rights Request web form or contact us directly via the addresses below. We will consider and process your request within the required period of time. Please be aware that under certain circumstances, or in relation to certain types of data, including pseudonymous data, the applicable legislation may limit your exercise of these rights.
We do not sell your personal data to third parties.
International Data Transfers
Where we rely on our service providers located outside of your jurisdiction and acting as data processors, we ensure that they are subject to laws ensuring an adequate level of data protection as set out in an applicable adequacy decision of the relevant regulatory authority or will ensure that an adequate level of data protection will be available, such as on the basis of data processing agreements and standard contractual clauses.
Retention of Personal Data
The security of your information is important to us. We have implemented appropriate technical, physical and administrative security measures intended to protect your Personal Data from unauthorized access, disclosure, alteration or destruction. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
To opt-out of receiving marketing communications from us, please click the unsubscribe link that can be found at the bottom of every marketing email. You may also let us know through the B1 Data Subject Rights Request web form or by reaching us at the email address specified below. Please note that even if we stop all marketing communications, you may still receive administrative, legal, and other important or service-related communications from us.
Do Not Track
Certain web browsers and other devices you may use to access the Websites may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to these submissions, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around “do not track” browser technology and the implementation of a standard.
Updates to the Privacy Notice
We reserve the right to amend this Policy at any time. You will know if the Policy has changed since the last time you reviewed it by checking the “Date of Last Update” section below. We therefore encourage you to review this Policy from time to time. To the extent permitted by law, by continuing to use our Data Sources after changes have been posted, you are confirming that you have read and understood the latest version of this Policy.
Our Role and How to Contact Us
If you have any questions, comments or complaints, or would like to exercise your rights concerning your Personal Data and privacy preferences, you may use our available self-service options or contact in the following ways:
- Submit a request or query through the B1 Data Subject Rights Request web form
- Contact us directly at firstname.lastname@example.org
If you are in the EEA, you may also contact our EU representative, designated for the purposes of Article 27 of the GDPR:
- Achieved Compliance Advocacy, Ltd., Attn: Ms. S. Ali re Block.one, Singel 250; 1016 AB, Amsterdam, Netherlands
If you are in the UK, you may also contact our designated UK representative:
- Achieved Compliance Advocacy, Ltd., Attn: Ms. S. Ali re Block.one, Princess House, Princess Way, Swansea, UK SA1 3LW
Alternatively, you may contact our appointed Data Protection Officer (DPO) whose contact details are as follows:
- HewardMills Ltd., 77 Farringdon Road, London, UK EC1M 3 JU.