Introduction

At Blockbonds we are deeply committed to respect the privacy of our Customers. We en-sure that Your data is safe by using sophisticated security measures. We want to make sure, that you understand the information we set out here. We have designated a Data Privacy Officer (DPO)TheT, to make sure that any questions or requests regarding this Privacy Policy will be answered The details of how to contact the DPO You may find fur-ther in this document.

By creating an account in the SPENN App and accepting the Terms & Conditions, You gave Your consent to collect and store Your data, that are necessary to provide You with the services of Your choice. This Privacy Policy governs the collection/storage and pro-cessing of Your data.

This policy applies to your use of all our services and products. Your personal infor-mation is kept in our business records only as long as it is needed to provide to you our services, and afterwards, as it is required by tax or legal purposes.

We reserve the right to update this policy from time to time. In case our Privacy Policy will be updated, we will inform You about it.

Scope

The policy applies to all Blockbonds customers and SPENN application users and it covers all the matters that are related to how we collect, use, share and protect your personal data. All our partners with whom we share your information, must meet the requirements set out in this policy. We explain how we share data in further chapters of this document.

Collecting Information

To deliver to you our services we may collect your personal information, such as your name, address, personal number, telephone number, e-mail address, that You provide to us while creating Your SPENN account, but also your IP address, transaction history, the device you use to utilize our services, the name of the WEB browser you use, your location information or your user behaviors.

Most of the information listed above, and any others that You provided us with, are visible in Your SPENN Account, by clicking “Me” tab.

We collect the information when you download our app, in the registration process, when you subscribe to our newsletter or we use publicly available information.

The administrator of Your personal data, so the one who decides how Your data will be used, is Blockbonds AS, Norwegian registered limited company, with company nr …. , registered office address: Andoyfaret 33D, 4623 Kristiansand, Norway. Blockbonds AS is the owner of the source code and all intellectual property rights of SPENN Application, that You download to Your mobile phone.

To simplify the contact regarding Your personal data, we have appointed a Data Protection Officer. You can reach him simply by:

Sending an email to: dpo@blockbonds.io
Sending a letter to: Blockbonds AS Data Protection Officer, Andoyfaret 33D, 4623 Kristiansand, Norway.
The reason why we collect this information is to simply make it possible to you to use our services, but also to make your user experience as good as possible. Thanks to this we can not only comply with all the legal requirements that we have to meet to be able to start andmaintain the relation with you, but also we can customize our services to match your needs, respond to your questions, ensure the safety of all our customers and integri-ty of our product.

We collect and process Your personal data to:

provide You with the on-line services of Your choice, including sending and receiving funds;
ensure that transactions are performed smoothly and provide troubleshooting and resolving technical problems;
realization of POS transactions, if You are a SPENN Plus User and maintaining records of sales;
enable other users to contact You, if You are a SPENN Power User;
make it possible for us to answer Your questions and requests, contact You re-garding the services that we provide.
Additionally, we are obliged to collect and store Your data, including the transaction data, for security reasons, in accordance with the Anti-Money Laundering and Counter-Terrorist Financing laws that are in force in the country You reside.

We also collect and process Your personal data according to our legitimate interest, especially to:

ensure security of our services, adherence to our internal procedures and prevent-ing fraud and other financial criminal activities;
analyze the functionality of our services and the SPENN application to tailor them to specific needs of our Users;
resolve the queries, especially those sent to our Customer Service Teams;
perform statistical analyses;
for archiving and/or auditing purposes;
to ensure compliance with the local and global laws and regulations.
Only if You agree to it, and on the basis of Your consent, we can retrieve the information from cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promo-tional and marketing efforts, and provide content from third parties.

If You will not provide us with the required information, we will unfortunately not be able to provide You with our services or parts of our services.

You have the right to access to your data and correct them if necessary. Please simply contact Data Protection Officer and describe the nature of Your request. Please note, that You may also view part of Your data in the SPENN application under the “Me” tab. You can also modify Your data, but this may require further authentication to be completed.

Your rights according to Your data

We guarantee that we adhere to the requirements of the data protection regulations, including GDPR and we will proceed with any request that stems from Your rights, namely the right to access, rectify your data, right to be forgotten, right to data portability, right to object and automated individual decision making, right to restriction of data processing, right to refuse further data processing and right to information, in line with the corresponding laws and regulations imposed on us by authorities of the country You reside.

You can exercise these rights when:

according to data rectification – You will find out that Your data are incorrect or incomplete
according to data erasure – where one of the following grounds applies:
the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
You withdraw consent on which the processing is based or object to further data processing, where there is no other legal ground for the processing or no overriding legitimate grounds for processing;
the personal data have been unlawfully processed;
the personal data have to be erased for compliance with a legal obligation in the law to which we are subject;
the personal data has been collected according to services and it is data of a child.
according to restriction of data processing, where one of the following applies:
You will contest the accuracy of data, for a period enabling us to verify the accuracy of the personal data;
the processing is unlawful and You oppose to the erasure of the personal data and request the restriction of their use instead;
we no longer need the personal data for the purposes of the processing, but they are required by You for the establishment, exercise or defense of legal claims;
You will object to processing data, pending the verification whether our legitimate grounds for processing overrides Yours.
ccording to the right to data portability (in other words the right to receive the per-sonal data, which You have provided us with, in a structured, commonly used and machine-readable format and have the right to transmit those data to another con-troller without hindrance from us, where You gave us consent to Your data pro-cessing or we have a contract that allows the data processing and the processing is carried out by automated means.

You also have the right to lodge a complaint on the way we process Your data to the su-pervisory authority:

The Norwegian Data Protection Authority (Datatilsynet)
P.O. Box 8177 Dep., 0152 Oslo
postkasse@datatilsynet.no
+ 47 22 39 69 00

Sharing Information

We do not sell the personal information of our Customers. We do not share your personal information with any other companies without your consent, for reasons other than delivering to you our services. We share your information with other companies that assist us in performing services for you, solely for this purpose, including consulting, audit. In such case we require a full compliance with our Privacy Policy, so that your data are treated with the same standard of safety at all times. Those companies may be located outside your jurisdiction, but Your data is protected by our contracts with them. Please note the government authorities of those jurisdictions may have access to your data. We may also release your personal information if we are required to, to comply with the legal requirements, court orders, to defend our or others legal rights or safety.

We may share, also against payment, the anonymous, non-personally identifiable information with third parties for marketing or advertising purposes, but only if we receive Your consent to do so. This means that Your personal data may be automatically processed, including profiling. However, this does not cause to You any legal effects or significantly influence Your situation.

Your personal information may also be shared and transferred due to company’s acquisition, merger, receivership proceeding, insolvency or bankruptcy proceedings and the like.

By registering as a SPENN Power User, You may be visible on the map builtinto the SPENN application, so that they can see Your location and contact You. This means some of Your personal data (phone number and business name, current location) will be visible to other SPENN Users. Only in this way, the trustful net of SPENN Power Users can be built. If You do not share Your data, You will not be able to provide the Users with top-up and cash-out services. We will ask You for consent to share Your personal data with other Users, during registration for SPENN Power User.

Your name will also be visible to a user, who types-in Your phone number as a recipient of the transfer/request for transfer. This is to make sure that users send funds always to correct person, as transactions are non-reversible.

Cookies

Cookies are small sets of data, that web server send to web browser, so that the web server can receive and use some information when the user visits the site. Thanks to this you may receive a personalized content of the website and access its parts that are interesting for you faster and easier. On the other hand, the web site can monitor your browsing habits.

You have the right to refuse the use of cookies. This may however affect the functionality of the services. Once You enter our websites, You will be asked for consent to collect those data. If You gave Your consent, You can withdraw it by contacting our Data Protection Officer.

Please note, that You can also decline the cookies in Your browser settings and delete them whenever you want.

We use cookies to help us remember and save your preferences to enhance your user experience, measure effectiveness of our campaigns, use analytics tools.

Safety of Information

We implemented an internal data security policy that, together with our technical solutions and professionalism of our staff significantly mitigates the risk of loss, disclosure, unauthorised access to the data. Implemented safeguards are subject to legal requirements that we are bound by and that we strictly comply with.

The history of Your transactions is secured by the blockchain technology, that provides an indelible and transparent record of transactions.

We store Your personal data for as long, as this is required by Anti-Money Laundering and Counter-terrorist financing (AML) laws that we are subject to, as well as Know Your Customer (KYC) requirements, characteristic for financial services, tax and other regulatory purposes.

The following must be retained for all transactions for:

Identification of customer – full details of evidence of identity for minimum 10 years from the end of the relationship with the customer;
Transactions – full details of the transaction for minimum 10 years from the date the transaction was completed;
This may change, when the regulations according to the AML and KYC (both on local and global scale) will change.

Links To Other Websites

We may at our discretion include the links to third party websites, that are not covered by this Privacy Policy. Please make sure to review their policies in this matter. Please be advised that those websites may place their own cookies and collect data from you.

Phishing

We would like to draw your attention to the threat of phishing. This is an unlawful practice of creating “phishing” websites that imitate legitimate websites, in order to steal sensitive personal or financial information. The link to such fake website is usually a part of an email a person receives that also looks legitimate. Such fake website can be infected with malware
you can be asked to enter your personal details that can be a subject of identity theft. If You suspect that the email or any other communication You received may be of this nature that it only imitates Blockbonds/SPENN, please always contact our Customer Service.

Communication

We may provide you electronically with information about your transactions, our products, agreements between us. You hereby agree to receive such communication electronically. We may also contact you via SMS or phone call at the telephone numbers You provided to us during registration, however not for the purpose of marketing unless we receive your prior written consent.

You can withdraw your consent to receive the marketing communication by contacting the Data Protection Officer. If You will opt-out from receiving the marketing communication, this will not affect the certain communication according to your use of the Service.

Blockbonds AS,
Andoyfaret 33D,
4623 Kristiansand, Norway

E-mail: dpo@blockbonds.io