Privacy Policy

Privacy Notice

This privacy policy provides information on what personal data we collect from you, how we collect it, use it and share it. We apply this privacy policy in accordance with applicable laws where we operate. In some cases, we may provide additional information specific to certain features, activities or regions.

1. EOSIO TRAINING & CERTIFICATION AND DATA PRIVACY

Accountability for and transparency about the way in which we handle your personal data are extremely important to us. In some cases, where we are using your personal data for our own purposes, we act as the data controller. In other cases, such as where we are providing a service for your employer or educational institution, we act as the data processor, and you should refer to the relevant privacy policy for the data controller. This Privacy Notice is given by and on behalf of the relevant contracting EOSIO Training and Certification (“ETC”) entity specified in the [Terms and Conditions].

You should carefully review this Privacy Notice, as well as the [Terms and Conditions] and all other Policies specified in the [Terms and Conditions] before proceeding.

Where law or regulation requires us to provide you with a notice, or other explanation of the information about you that we collect and process (or similar), this Privacy Notice shall be understood as fulfilling our obligation to provide you with such notice or explanation.

2. INFORMATION THAT ETC COLLECTS

We collect certain personal data, which is not generally publicly accessible, other than the Credential Designation status referenced in the next section. As explained below, we only process your non-publicly accessible personal data to the extent required for platform administration and certain other limited uses which are necessary for the services we provide to you or to fulfill our legal rights and obligations.

2.1 CREDENTIAL DESIGNATION STATUS THAT IS PUBLICLY ACCESSIBLE

Please be aware that ETC Credential Designation status may be made accessible to all, whether the person accessing the information is a registered ETC user or not, for the purposes of verifying your status. Access to Credential Designation status may be obtained by ETC disclosing this information to a requesting third party, or by ETC providing third parties with access to a database that is searchable using your personal data, such as your name or email address.

2.1.1 HOW IS PUBLICLY ACCESSIBLE DATA STORED AND PROCESSED

ETC will store information in its systems relating to your name, information about Training Programs or Assessments for which you have registered, your Credential Designation status, and information regarding associated Training Program completion and Assessment results. This information is processed and may be shared with third parties to administer and facilitate the Block.one Credential Program and the Block.one Partner Program.

Additionally, Credential Designation information may also be in a stored publicly accessible database.

Please remember that it is possible for third parties to take information which is publicly accessible and use it without our knowledge. This is outside of our control and any such use is beyond the remit of this Privacy Notice. Depending on your place of residence, such third parties may be obliged to notify you if they have obtained your personal data in this way.

2.2. INFORMATION THAT IS NOT PUBLICLY ACCESSIBLE

We process certain information about you which is not publicly accessible:

Certain information that we collect from you as part of the ETC sign-up process. This may include:
Name
Email address
Other identifying or contact information you may provide to us

If you sign up for ETC using a social media login (for example, through LinkedIn, Facebook, or Google), ETC collects the following information from your chosen social media platform to facilitate the signup process:

Name
Email address
Profile photo provided by social media platform
Other identifying or contact information you may provide to us

When using a social media platform to sign up for ETC, no information is provided back to the social media platform by ETC. No connection is created between your social media account and your ETC account.

Information relating to Training Programs, Credential Programs, Training Materials, or Assessments. This includes:
Information about the Programs which you have completed
Credential Designations you have received
Assessments that you have successfully completed
Training Materials accessed, viewed, or requested
Information you otherwise provide to us. This includes:
Information you provide when registering your interest in ETC
Updates you provide within your ETC account (such as adding profile photo or changing your preferences)
Information you provide to us via our Help Center
Information you provide in any emails or other correspondence you send to us
Information you provide in submitting any question or comment or completing any survey, questionnaire or other form
Information that our platform and other systems collect about you.
When you use or visit ETC, it will automatically collect some information about you and your visit, including Internet and network activity such as the Internet Protocol (IP) address (which may provide information about your location) used to connect your device to the Internet and some other information such as your browser type and version, website navigation patterns, the pages that you visit as well as the timing, length, frequency of each visit.
We use third-party service providers to run data analytics. ETC may also download “cookies” to your device or place cookies onto your browser. For more information about these service providers and the nature of the services they provide and a description of the cookies we use, please refer to our separate Cookie Notice.
If you exchange emails, telephone conversations or other electronic communications with our employees and other staff members, our information technology systems may record details of those conversations, sometimes including their content, which may include visual and audio information about you.
Other information.
We may also collect certain information from other sources. For example, to protect our business and comply with our legal and regulatory obligations.
We do not market to and do not knowingly collect any personal data from or about a child under the age of 16 without the consent of the child’s parent or legal guardian. ETC is not intended for children under the age of 16. Children under the age of 16 must not use ETC for any purpose without first obtaining legally valid parental/guardian consent to this Privacy Notice (both for themselves and on your behalf). If you believe we have any personal data from any children under the age of 16 without such parental/guardian consent, please contact us at the email address specified below.
We do not sell any of your information to anyone, and we never will without your consent. We also impose strict restrictions on how our partners can use and disclose the data we provide.

3. HOW WE MAY USE YOUR INFORMATION AND BASIS OF PROCESSING

We only process certain types of your information as necessary to fulfill our Terms of Use and with your consent for specific purposes through enabling and disabling settings on the ETC platform. For users who live in the European Economic Area (EEA), it also identifies the legal basis under which we process your data:

Information	Lawful Basis	Purpose of Processing
Registration and Log-in Data	Contract	to create your user account; to login to your account; notify you of changes to ETC; provide user support; to enforce ETC terms, conditions and policies; to communicate with you; to develop new and improve existing services; administer the platform including troubleshooting; to enable you to share content and interact with others; to provide language and location customization; to detect abuse, fraud and illegal activity on ETC.
Platform use information	Contract Legitimate Interest: Providing service and improving the platform and user experience	to manage the ETC platform in accordance with your instructions and requests (including your online ETC profile and preferences); to provide personalized help and instructions; to provide language and location customization; to develop new and improve existing services; administer the platform including troubleshooting; ensure content is presented is the most appropriate format for your device.
Security and investigations	Legitimate Interest: Security and protection of data	To operate, administer, secure and improve ETC and other aspects of the way in which we conduct our operations to promote safety and security; to communicate with you on service-related issues; verify accounts and activity (This includes processing data for identity verification purposes); prevent harmful conduct or illegal content; detect spam; investigate suspicious activity in breach of our[Terms and Conditions] to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes; To administer the [Terms and Conditions] and any other Policies specified in the [Terms and Conditions], and any other policies and rules applicable to ETC.
Customer Support	Legitimate interest: Respond, investigate and resolve customers’ queries	to answer any user queries to resolve accounts issues.
Sharing with law enforcement/legal requests	Legal Obligation Legitimate interest: Complying with laws in the jurisdictions where we are subject to them	to comply with valid legal requests; to comply with our legal and regulatory obligations.
Protection of interests of an individual	Vital Interests	protection of your life or physical integrity or that of others; to combat harmful conduct; to promote safety and security.
Marketing Information	Consent	to provide you with personalized advertising; send emails with details about products/services that may be of interest to you.

4. DISCLOSURE AND INTERNATIONAL TRANSFER OF YOUR INFORMATION

The ETC business is based in the United States, and all personal data you supply to us will be stored in, or accessed from, this location. We may disclose personal data about you:

to other members of the Block.one Group, as reasonably necessary for them to complete designated processing activities and on the legal bases set out above;
to our suppliers, subcontractors and service providers who need access to the data to assist us with operating ETC. They include service providers who host our websites, or other information technology systems, or otherwise hold or process your information on our behalf, under appropriate conditions of confidentiality and security. We endeavor to only share the minimum amount of personal data that these service providers need to perform their tasks;
to a person who intends to or is taking over our business and assets, or relevant parts of them, due to a prospective or concluded merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control;
to regulatory, prosecuting and other governmental agencies, courts or authorities or litigation counterparties, in any country or territory; and
to comply with any applicable laws or regulations; protect our legitimate rights, privacy, property, vital interests, health and safety, as well as those of our customers, business partners, personnel, or the general public; seek professional advice, manage risk (including obtaining and managing insurance), pursue available remedies or limit damages; enforce our Terms of Use; or respond to an emergency.

These disclosures may involve transferring your personal data to any of our offices overseas for processing in accordance with this Privacy Notice and as permitted by the applicable laws. If you are dealing with us within the European Economic Area (EEA) or the United Kingdom (UK), you should be aware that this may include transfers to countries outside the EEA / UK. Such intra-organizational transfers are based on approved mechanisms.

Where we rely on our service providers located outside of your jurisdiction and acting as data processors, we ensure that they are subject to laws ensuring an adequate level of data protection as set out in an applicable adequacy decision of the relevant regulatory authority or will ensure that an adequate level of data protection will be available on the basis of EU standard contractual clauses and additional safeguards, as required.

5. RETENTION AND DELETION OF YOUR INFORMATION

We retain your personal information for the period of time necessary to fulfill the purposes outlined in this Privacy Notice and our record retention policies. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

We delete or anonymize the information that we hold about you after the retention period set in relation to your information. Further information about our record retention policies is available on request. Please contact us through one of the communication methods set out below.

6. SECURITY OF YOUR INFORMATION

The security of your information is important to us. We have implemented appropriate technical, physical and administrative security measures intended to protect your personal data from unauthorized access, disclosure, alteration or destruction. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

7. RIGHTS OF INDIVIDUALS IN CERTAIN PLACES

If you are located in certain places, you may have some or all of the following rights pursuant to data protection or privacy laws that apply to you:

A right of access to the personal data that we hold about you, and information related to how we process your data. Such related information include information on the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, the recipients of your Personal Data, and the safeguards regarding data transfers to other jurisdictions, subject to the limitations set out in applicable laws and regulations. We will provide you with one copy of your personal data free of charge, but we may charge you a reasonable fee to cover our administrative expenses if you request further copies of the same information.
A right to require any inaccurate personal data that we hold about you to be corrected or deleted.
A right to ask us to delete your Personal Data, subject to our legal rights and obligations to retain it.
A right to ask how your personal data has been shared, if at all, with third parties for the third parties’ direct marketing purposes, as well as to object to our use of your personal data for direct marketing purposes at any time.
A right to object to our processing of some or all of your personal data – based on our legitimate interest (or that of a third party) – on the basis that it impacts on your fundamental rights and freedoms.
A right to restrict our processing of some or all of your personal data if:
- you dispute the accuracy of your personal data;
- your Personal Data was processed unlawfully and you request a limitation on processing, rather than the deletion of your personal data;
- we no longer need to process your personal data, but you require your Personal Data in connection with a legal claim; or
- you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.

We may continue to store your personal data to the extent processing is required or based on one of the following bases: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

A right to data portability, which means you may receive your personal data in a structured, commonly used and machine-readable format. However, you may only exercise this right if the processing of your data is based on your consent or carried out by automated means.
A right to withdraw, at any time, any consent that you gave us to process your data. Your consent withdrawal will not affect the lawfulness of the processing done before the withdrawal.

If you wish to exercise any of these rights that apply to you, please contact us as set out below. When exercising any of these rights, you will have to prove your identity to our satisfaction so that we can be sure that they apply to you and to safeguard your information from unauthorized access by someone impersonating you.

In the event where you do not have the benefit of a particular right (whether stated above or not) or we do not have to comply with a particular obligation, we may nevertheless without obligation and in our sole discretion grant you the benefit of such right or choose to fulfill such obligation but are under no continuing obligation to do so.

You may also be able to lodge a complaint about our processing of your personal data with the body regulating data protection in your country, where you live or work, or the location where the data protection issue arose, but we would invite you to attempt to resolve the issue with us first.

8. DO NOT TRACK

Certain web browsers and other devices you may use to access ETC may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to these submissions, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around “do not track” browser technology and the implementation of a standard.

9. CONTACT US

We welcome questions, comments and requests regarding this Privacy Notice and our processing of personal data. Please use the following means to contact us:

By mail to: 4001 Kennett Pike, Suite 302, Wilmington, Delaware 19807, United States
By email to: [email protected]
By phone at: +1 540 315 8111

If you are in the EEA, you may also contact our EU Representative, designated for the purposes of Article 27 of the GDPR:

By mail to: Achieved Compliance Advocacy, Ltd., Attn: Ms. S. Ali re Block.one, Princess House, Princess Way, Swansea, UK SA1 3LW
By email to: [email protected]

Alternatively, you may contact our appointed data protection officer whose contact details are as follows:

By mail to: HewardMills Ltd., 77 Farringdon Road, London, UK EC1M 3 JU.
By email: [email protected]

Please also contact us using the method above if you have a disability and require this Privacy Notice in an alternate format.

10. CHANGES TO THIS PRIVACY NOTICE

Any changes we make to this Privacy Notice in the future will be made available on ETC and also available if you contact us as set out above. Please check back frequently to see any changes. To the extent permitted by law, by continuing to use ETC after changes have been posted, you are confirming that you have read and understood the latest version of this Notice.

If you do not agree with any of the statements set out in this Privacy Notice, you should stop using ETC in any way.

Date of Last Update: September 30, 2020