Introduction

At Blockbonds, we are deeply committed to respecting the privacy of our customers. We ensure that your data is safe by using sophisticated security measures. In this document, we set out what data we may collect from you and explain how we use it in the provision of our services to you.

By creating an account in the SPENN Application or Platform (“SPENN App” or “SPENN Platform”) and accepting the Terms & Conditions, you consent to Blockbonds collecting and storing your data necessary to provide you with the services of your choice. This Privacy Policy (the “Policy”) governs the collection, storage, and processing of your data.

This Policy applies to your use of all our services and products. Your personal information is kept in our business records only for as long as it is needed to provide you with our services, and afterwards, only as it is required for tax or other legal obligations.

We reserve the right to update this Policy from time to time. In case our Privacy Policy is updated, we will notify you.

Scope

The Policy applies to all SPENN Platform Users and SPENN Customers; it covers all matters related to how we collect, use, share and protect your data. All partners with whom we share your information must meet the requirements set out in this Policy. We explain how we share data in further chapters of this document.

Collecting Information

To deliver to you our services, we may collect your personal information, such as your name, address, personal number, telephone number, and e-mail address that you provide to us while creating your SPENN Account. We also collect your IP address, information about the device you use the SPENN Platform on, your location, and other data to indicate your user behaviour. For identity verification purposes, you may be asked to take a photograph of your face (selfie); however, this data is processed entirely locally, and any spatial orientation/facial expression data is not collected externally by us, nor is it submitted to any partner or third parties.

Most of the information listed above and any other information that you provide us with can be accessed via your SPENN Account by clicking the “Me” tab.

We collect this information when you download the SPENN App, during the registration process, when you subscribe to our newsletter or from public sources. To comply with local laws, we may need to access some of your personal data from public sources, such as National Identification Authorities or Credit Reference Bureaus, depending on your country of residence; by using the SPENN App or Platform and its associated services, you expressly agree to such access. The Controller of your data, that is, the entity that decides how your data is used is:

Blockbonds AS, a Norwegian registered limited company, with company nr 915 912 028, registered office address: Andoyfaret 15, 4623 Kristiansand, Norway. Blockbonds AS is the owner of the source code and all intellectual property rights of the SPENN App, that you download to your mobile phone.

If you have any questions regarding this Privacy Policy or our processing of personal data, or if you want to contact us regarding your data, please contact [email protected].

 

The reason we collect this information is to enable you to use our services but also to make your user experience as good as possible. Thanks to this data, we can comply with all the relevant legal requirements that govern our relationship with you, as well as customize our services to match your needs, respond to your questions, and ensure the safety of all our customers, and the integrity of our products.

We collect and process your data to:

• provide you with the online services of your choice, including sending and receiving funds;
• ensure that transactions are performed smoothly, and to provide troubleshooting services;
• realise transactions and maintain records of sales (for SPENN Merchants and Business users);
• make it possible for us to answer your questions and requests or contact you regarding the services that we provide.

Additionally, we are obliged to collect and store your data, including your transaction data, for security reasons, in accordance with the Anti-Money Laundering and Counter-Terrorist Financing laws (AML/CTF) that are in force in Zambia.

We also collect and process your transaction data according to our legitimate interest, especially to:

• ensure the security of our services, adhere to our internal procedures, and prevent fraud and other financial criminal activities;
• analyse the functionality of our services and the SPENN App and/or Platform, and tailor them to your specific needs;
• resolve customer queries, especially those sent to our Customer Service Teams (CS Team);
• perform statistical analyses;
• ensure compliance with local and global laws and regulations, and;
• for archiving and auditing purposes.

With your consent, we may retrieve information from cookies and other tracking technologies to assist with user navigation, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties.

You have the right to access your data and correct them, if necessary, by contacting us through the email below and describing the nature of your request. Please note, that you may also view part of your data on the SPENN App and/or Platform under the “Me” tab. You can also modify your data, but this may require further authentication to be completed.

If you choose to withdraw, or you do not give us your consent, to process some of your data which we are required by law to process in order to provide our services to you, you may not be able to use the SPENN App and/or Platform and any of its associate services.

Your rights according to your data

We adhere to the requirements of all applicable data protection regulations and we will process any requests that stem from your rights (such as the right to access and rectify your data, right to be forgotten, right to data portability, right to object to automated decision making, right to restriction of data processing, right to refuse further data processing and right to information), in line with the corresponding laws and regulations imposed on us by authorities of the country in which you reside.

Subject to the applicable regulations, you may exercise these rights when:

• you find out that your data are incorrect or incomplete;
• one of the following grounds applies:
  1. Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  2. You withdraw consent on which the processing is based or object to further data processing, and where there is no other legal ground for the processing or no overriding legitimate grounds for the processing.
  3. Your personal data have been unlawfully processed.
  4. Your personal data must be erased for compliance with a legal obligation to which we are subject.
  5. Your personal data were collected when you were a minor in accordance with the applicable law.
• you wish to receive your personal data; it will be provided to you in a structured, commonly used and machine-readable format.

You also have the right to lodge a complaint to our supervisory authority on the way we process your data:

The Norwegian Data Protection Authority (Datatilsynet)
P.O. Box 8177 Dep., 0152 Oslo

[email protected]

+47 22 39 69 00

 

Sharing Information

We do not sell the personal information of our customers and we do not share your personal information with any other companies without your consent for reasons other than delivering our services to you. We share your information with other companies that assist us in performing services for you, and solely for this purpose, including consulting and auditing. In such cases, we require full compliance with our Privacy Policy, so that your data are treated with the same standard of safety at all times. Those companies may be located outside your jurisdiction, but your data is protected by our contracts with them. Please note that government authorities of those jurisdictions may have access to your data. We may also release your personal information, if we are required, to comply with legal requirements, court orders, or to defend our or others’ legal rights or safety.

We may share anonymous, non-personally identifiable information with third parties for marketing or advertising purposes, but only if we receive your consent to do so. This means that your data may be automatically processed.

Your personal information may also be shared due to an acquisition, merger, receivership proceedings, insolvency, or bankruptcy proceedings we may undergo as a company.

Your name will be visible to other customers, who type in your phone number as a recipient of a transfer/request for transfer. This is to make sure that our customers send funds to the correct person, as our transactions are non-reversible.

Safety of Information

We implemented an internal data security policy together with our technical solutions and the professionalism of our staff to significantly mitigate the risk of loss or unauthorised disclosure and/or access to your data. The implemented safeguards are subject to legal requirements that we are bound by and that we strictly comply with.

The history of your transactions is secured by blockchain technology that provides an indelible and transparent record of transactions.

We store your data for as long as this is required by Anti-Money Laundering (AML), Counter Terrorist Financing (CTF), and Know Your Customer/Business (KYC/KYB) laws and regulations, both characteristic of financial and tax services.

The following must be retained for all transactions:

• Identification of customers – full details of evidence of identity for a minimum of 10 years from the end of the relationship with the customer.
• Transactions – full details of the transaction for a minimum of 10 years from the date the transaction was completed.

This may change, when the applicable regulations (both locally and internationally) change.

Links to Other Websites

We may at our discretion include links to third-party websites that are not covered by this Privacy Policy. Please make sure to review their policies in this matter. Please be advised that those websites may use cookies and collect data from you.

Phishing

Phishing is an unlawful practice of creating “phishing” websites that imitate legitimate websites in order to steal sensitive personal or financial information. The link to such fake websites is usually a part of an email a person receives that also looks legitimate. Such fake websites can be infected with malware; you can be asked to enter your personal details that can be used for identity theft. If you suspect that an email or any other communication you received may be of this nature (in that it only imitates Blockbonds/SPENN), please contact our Customer Service.

 

Communication

We may provide you electronically with information about your transactions, our products, and agreements between us. You hereby agree to receive such communication electronically. We may also contact you via SMS or a phone call on the telephone numbers you provided to us during registration, however not for the purpose of marketing unless we receive your prior written consent.

You can withdraw your consent to receive marketing communication by contacting us on the details below. If you opt-out from receiving the marketing communication, this will not affect communication relevant to your use of the Service.

Blockbonds AS,
Andoyfaret 33D,
4623 Kristiansand, Norway
E-mail: [email protected]