block.one (an exempted company formed in the Cayman Islands with limited liability) and its affiliates (“we,” “us,” or “our“) are committed to protecting the privacy of your information. The following Privacy Notice sets forth our policies and practices regarding how we use and share the information we collect through your use of our products and services including our software and our mobile applications, and your navigation of our websites.
This Notice applies to use of:
(ii) our websites, which include https://block.one, https://eos.io, https://eoshackathon.io/, and their subdomains, regardless of the medium in which the Websites are accessed by a user (e.g., via a web or mobile browser) (the “Websites”);
(iii) any events hosted by us, whether such events are open to the public or are by invitation (collectively the “Events”); and
(iv) subsections of the social media platform controlled by us.
(collectively, our “Data Sources”)
Personal Data We Process
We process the Personal Data we collect about you when you use our Data Sources. In this Notice “Personal Data” generally means any information relating to an identified or identifiable natural person as may be collected or processed by us in connection with the Data Sources and includes “Personal Data” as defined in the General Data Protection Regulation (“GDPR”) and other applicable law.
As set out in the section below, we may process the following categories of Personal Data:
- Contact Information, including your first and last name, mailing address, email address, telephone number, mailing preference and other contact information you may provide when communicating with us through our Data Sources.
- Communication Information, which means the contents of the communications and correspondence between us, whether by email, an EOSIO blockchain, or otherwise through one of our Services, through your submission of an online form, or when you otherwise contact us.
- Recruitment Information, which means your resume, employment history, qualifications, contact information, reference information, and other information you may submit when applying for a job with us.
- Account Information, which means your Contact Information provided to us when creating an account as well as your user name and user identification number.
- Other Identifying Information, which means your IP address, device name and device ID, MAC address, GUID, coarse location and fine location.
- Application Security Information, which means your passwords, two-factor authentication software or key pairs, security questions (including the answers the said questions) and security device identification number.
- Financial Transaction Information, which means payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, contact details or cryptocurrency wallet address (including public key or private key).
We collect Personal Data through:
- Your use of or participation in our Data Sources;
- A third party’s use of our Data Sources relating to you; and
- Direct or unsolicited interactions, such as when you voluntarily provide your information to us by contacting us, submitting requests and comments, subscribing to our newsletters, submitting job applications, or otherwise engaging with us through our Data Sources.
We also collect other types of statistical information in aggregate form when you use our Data Sources.
How We Use Your Personal Data
We use your Personal Data to deliver our Data Sources, as set out in the following table:
|Purpose of processing||Categories of Personal Data||Basis for collection|
|Block.One as a provider of Services|
|Providing support in relation to our Services|
|Providing you with the ability to contribute to forums|
|Application account creation process|
|Ensuring the security of the users’ account|
|Usage analytics to monitor the performance of the application|
|Personal Data collected through our Websites|
|Sending you marketing communications about us and our Services|
|Making our Website accessible and providing Services via our Website|
|Potential recruitment by us|
|Processing data in connection with subsections of social media platforms controlled by us|
|Website traffic analysis and usage analytics|
|Sending you marketing communications about EOS VC|
|Submitting information to EOS VC for funding|
|Data collected at our Events|
|Registering for our Events|
|Sending you marketing communications related to our Events|
|Sending you surveys about our Events|
(For the purposes of data protection law in the European Union or the European Economic Area, in the above table, “consent” refers to Article 6(1)(a), “performance of a contract” or “steps we must take prior to entering into a contract” to Article 6(1)(b), and “legitimate interest” to Article 6(1)(f) of Regulation (EU) 2016/679 – General Data Protection Regulation)
How We Share Your Personal Data
We may share your Personal Data with the following categories of third parties:
- Third-party service providers who need access to Personal Data to assist us in delivering Services. For example, such third parties include payment processors; information technology service providers; providers of identity verification services; websites hosting providers; marketing, accounting, shipping, and delivery vendors; other business process outsourcing providers; and partners who assist us with administering programs we offer to you, such as our bug bounty program. We endeavour to only share the minimum amount of Personal Data with these service providers that they need to perform their tasks.
- Third-party service providers who need access to Personal Data to provide advertising and analytics services. For example, we use MailChimp for the collection and management of your Personal Data that enables us to deliver marketing communications about our Services to you.
- Our corporate affiliates, when necessary to complete the processing activities described above.
- Public and governmental authorities that regulate or have jurisdiction over us, such as regulatory authorities, law enforcement, public bodies, and judicial bodies.
- Other third parties, as reasonably necessary:
- In relation to a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control (whether in whole or in part); and
Third Party Applications and Websites
Our Data Sources may contain links to third-party applications not affiliated with us. Your use of an external application or any informational content found on external applications is subject to and governed by the privacy policies, terms, and conditions of that application. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on external applications are framed within our Data Sources. Further, we are not responsible for the privacy practices of any external applications. The Websites may contain links to websites not affiliated with us. Your use of external websites or any informational content found on external websites is subject to and governed by the privacy policies, terms, and conditions of those websites. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on external websites even if one or more pages of the external websites are framed within a page of our Sites. Further, we are not responsible for the privacy practices of any external websites.
Advertising and Analytics Services Provided by Third Parties
The third-party service providers we use for advertising and analytics include:
Individuals in Certain Jurisdictions
Your Rights. If you are located in certain jurisdictions, the applicable legislation allows you some or all of the following rights with respect to your Personal Data:
- To access the Personal Data we maintain about you. We will provide you free of charge with a copy of your Personal Data, but we may charge you a fee to cover our administrative costs if you request further copies of the same information.
- To be provided with information about how we process your Personal Data. This will include information on the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, and the safeguards regarding data transfers to other jurisdictions, subject to the limitations set out in applicable laws and regulations.
- To correct your Personal Data. You have the right to ask us to rectify Personal Data you think is inaccurate or incomplete. In some cases, you will need to make certain of these changes yourself by using the tools we provide in the Data Sources.
- To have your Personal Data erased. You have the right to ask us to delete your Personal Data. In some cases, you will need to do the deletion yourself using the tools we provide in the Data Sources. We will decline your request for deletion if processing your Personal Data is necessary: (i) for the continued performance of a contract, (ii) to comply with our legal obligation; (iii) in pursuit of a legal action; (iv) to detect and monitor fraud; or (v) for the performance of a task in the public interest.
- To object to how we process your Personal Data. Where we process your Personal Data based on our legitimate interest (or that of a third party), you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. We will decline your request where we have a compelling legitimate grounds for the processing which override your rights and freedoms, or where the processing is in connection with the establishment, exercise or defence of legal claims.
- To be informed about direct marketing. You have the right to request us to tell you how your Personal Data has been shared, if at all, with third parties for the third parties’ direct marketing purposes.
- To stop your Personal Data being used for direct marketing purposes. At your request, we will stop using your Personal Data for the purpose of direct marketing. If you want to stop us from contacting you in connection with marketing communications, please email us at the email address specified below.
- To restrict how we process your Personal Data. At your request, we will limit the processing of your Personal Data if:
- you dispute the accuracy of your Personal Data;
- your Personal Data was processed unlawfully and you request a limitation on processing, rather than the deletion of your Personal Data;
- we no longer need to process your Personal Data, but you require your Personal Data in connection with a legal claim, or
- you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.
We may continue to store your Personal Data to the extent required to ensure that your request to limit the processing is respected in the future.
- The right to data portability. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format, if:
- the processing of your Personal Data is based on your consent or required for the performance of a contract; or
- the processing is carried out by automated means.
Please note information might already be available to you via the Data Sources.
- To withdraw any consent that you gave us to process your Personal Data. You have the right to withdraw any consent you may have previously given us at any time.
- To complain to a supervisory authority. If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.
To exercise the above rights, please contact us at the email address specified below. We will consider and process your request within a reasonable period of time. Please be aware that under certain circumstances, or in relation to certain types of data, including pseudonymous data, the applicable legislation may limit your exercise of these rights.
International Data Transfers. We may transfer your Personal Data to countries outside of your jurisdiction for processing in accordance with this Privacy Notice and as permitted by the applicable laws. Where this is the case, we will ensure that any data processors receiving your Personal Data are subject to laws ensuring an adequate level of data protection as set out in an applicable adequacy decision of the relevant regulatory authority (which may include the EU-U.S. Privacy Shield) or will ensure that an adequate level of data protection will be available on the basis of standard contractual clauses that will allow you to directly enforce your rights as a third-party beneficiary.
Retention of Personal Data
We retain Personal Data for the period of time necessary to fulfil the purposes outlined in this Privacy Notice and our records retention policies unless a longer retention period is required by law.
Please note that information made public on any blockchain via our Data Sources or otherwise may be kept for an extended period of time.
The security of your information is important to us. We have implemented reasonable technical, physical and administrative security measures intended to protect your Personal Data from unauthorized access, disclosure, alteration or destruction.
To opt-out of receiving marketing communications from us, please click the unsubscribe link at the bottom of a marketing email or let us know by reaching us at the email address specified below. Please note that even if we stop all marketing communications, you may still receive administrative, legal, and other important communications from us.
Do Not Track
Certain web browsers and other devices you may use to access the Websites may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to these submissions, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around “do not track” browser technology and the implementation of a standard.
Updates to the Privacy Notice
We reserve the right to amend this Notice at any time. You will know if the Notice has changed since the last time you reviewed it by checking the “Date of Last Update” section below. By continuing to use our Data Sources after changes have been posted, you are confirming that you have read, understood and agree to the latest version of this Notice.
Who is responsible
If you have any questions, comments, or complaints, or would like to access or correct your Personal Data and privacy preferences, please contact us by using the following ways:
Maples Corporate Services Limited,
PO Box 309, Ugland House,
The Cayman Islands
Date of Last Update: