BlindPay - Privacy Policy
Last Updated: 06/21/2024
Blind Pay, Inc.
At Blind Pay, we are committed to protecting your privacy and ensuring that your personal information is handled securely and responsibly. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our services, in compliance with the provisions of the General Data Protection Regulation (GDPR).
- Personal Data: Any information related to an identified or identifiable natural person, such as names, addresses, email addresses, identification numbers, and IP addresses.
- Data Subject: The person to whom the personal data refers.
- Data Controller: The entity that determines the purposes and means of processing personal data. In this case, it is us.
- Data Processor: The entity that processes personal data on behalf of the data controller. These are our vendors and partners who process your data as determined by us.
When you create an account, we may request your contact information, including your full name, home address, email, and phone number. To verify your identity as required by law, we may collect the following personal information:
- Identity Data: Full name, date of birth, gender, nationality, passport number, social security number, driver's license number, national ID card details.
- Contact Data: Email address, phone number, physical address, mailing address, emergency contact information.
- Financial Data: Bank account numbers, credit card information, income details, tax identification number, financial transaction history.
- Location Data: GPS coordinates, location history, Wi-Fi access point data, IP addresses.
- Employment Data: Employment details, job titles and descriptions, workplace location.
- Transaction Data: Purchase and sale history, transaction amounts, payment methods used, billing addresses, order amounts.
- Usage Data: Website or app usage patterns, session durations, pages visited, clickstream data, error logs, and crash reports.
- Marketing Data: Marketing preferences, subscriptions and newsletter preferences, responses to marketing campaigns, engagement with promotional materials, referral sources.
- User Account Data: Usernames and account identifiers, profile pictures and avatars, user-generated content (profile descriptions, bios), user preferences and settings, social connections and followers.
- Social Media Data: Social media profiles, user-generated content (posts, comments), friends and connections, social network activity.
If you contact us directly, we may request additional information such as your name, email address, home address, phone number, and other relevant personal details.
Our services allow users to select their preferred stablecoin and network for executing payouts. On the other hand, we use third-party financial institutions to send fiat payments.
We may obtain personal data from third-party partners and vendors to provide seamless and comprehensive services. These third parties may include:
- Payment Service Providers: Financial institutions that process your transactions.
- Identity Verification Partners: Vendors who verify your identity as required by law.
- Advertisers and Marketing Partners: To better understand your interaction with our services and provide personalized recommendations.
Our data collection, use, and sharing are based on various lawful bases, depending on the context. These include:
- Consent: When you provide your explicit consent for us to process your data.
- Performance of a Contract: When processing is necessary for the performance of a contract with you.
- Legal Obligation: When we need to use your data to comply with legal obligations.
- Legitimate Interests: When we have a legitimate interest that does not override your fundamental rights.
We use your data for various purposes, including:
- Providing and Maintaining Services and Apps: To ensure the functionality and availability of our services.
- Payment Processing and Order Execution: To process payments and complete orders in compliance with rules of transparency and competitiveness.
- Fraud Prevention: To detect and prevent fund losses, including those resulting from fraud and misuse of our services and apps.
- Compliance with Laws and Regulations: To ensure compliance with relevant laws and regulations, such as anti-money laundering and terrorism financing.
- User Communication and Support: To communicate directly with you or through our partners for customer support, notifications regarding changes and updates to services, important service-related information, marketing, and promotions.
- Service Improvement: To continuously improve the quality, performance, and features of our services.
- Research and Development: To conduct research and development activities related to our services, including the development of new features and functionalities of the app.
- Measurement and Analytics: To understand how users interact with our services, analyze user behavior, and identify preferences.
- Safety and Security: To promote the safety and integrity of your funds, our services, and data through protective measures and ongoing monitoring.
- User Account Management: To manage user accounts, including account setup, recovery, and termination.
- Personalization: To tailor user experiences based on preferences and behaviors, providing personalized content and recommendations.
We may share your information with various third parties to support and enhance our business operations, including:
- Vendors and Service Providers: Who assist us in maintaining and optimizing our business.
- Credit and Financial Institutions: To process your transactions and complete your orders.
- Identity Verification Services: To ensure compliance with legal requirements.
- Advertisers and Marketing Partners: To better understand your interaction with our services and provide personalized recommendations.
- Law Enforcement: To support investigations, maintain legal compliance, and ensure the safety and security of our app and users.
- Transfers, Mergers, and Acquisitions: In the event of insolvency, bankruptcy, acquisition, transfer of ownership, sale of assets, or succession, your personal information may be disclosed to the new owner, acquirer, or successor of the company or other relevant third parties.
We implement security measures to protect your personal information against unauthorized access, disclosure, alteration, and destruction. These measures include:
- Data Encryption: Using industry-standard encryption protocols to protect data during transmission and storage.
- Access Controls: Restricting access to your personal information to authorized personnel for legitimate business purposes.
- Employee Training: Training our team in data security best practices.
- Data Backups: Performing regular data backups to prevent data loss.
- Incident Response: Establishing incident response procedures to promptly address and mitigate any security incidents.
We retain your personal information only for the period necessary to fulfill the specific purposes for which it was collected. These retention periods may vary depending on the type of personal information and the purposes for which it was initially gathered.
As a user of our services and app, you have certain rights regarding the personal data we collect and use. These rights include:
- Right to Access: Request access to the personal data we hold about you.
- Right to Rectification: Request the correction of inaccurate or incomplete personal data.
- Right to Erasure (Right to Be Forgotten): Request the deletion of your personal data under certain circumstances.
- Right to Restriction of Processing: Request the limitation of the processing of your personal data under certain situations.
- Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format and transmit it to another data controller.
- Right to Object: Object to the processing of your data, including for direct marketing purposes or when we rely on legitimate interests as our legal basis for processing.
- Rights Related to Automated Decision-Making and Profiling: Request human intervention and review of decisions made solely by automated means that affect you significantly.
As some of our business partners, vendors, and service providers are located outside the European Union or European Economic Area, we may need to transfer your data to countries outside the EU/EEA zone.
We take stringent measures to ensure that such transfers are conducted in compliance with applicable data protection laws and that your data remains adequately protected.
Some of our data processing activities may involve transfers to and from data processors in countries that have received adequacy decisions from the European Commission. Adequacy decisions confirm that these countries provide a level of data protection that is deemed equivalent to EU/EEA standards. When such transfers occur, your data is adequately protected by the recipient's legal framework.
In cases where data is transferred to countries that do not have adequacy decisions or other recognized mechanisms, we utilize Standard Contractual Clauses (SCCs) as provided by the European Commission. SCCs are a set of contractual terms and conditions approved by the European Commission, providing a framework for the lawful transfer of personal data that imposes data protection obligations on both parties involved in the data transfer and ensuring that your data remains protected according to EU/EEA standards. These clauses include provisions that require the recipient to provide an adequate level of data protection.
We are committed to ensuring that all international transfers of your data are conducted with the utmost care and in compliance with relevant data protection regulations. If you have any questions or concerns about international data transfers or the mechanisms we employ to protect your data.
We may periodically update this Privacy Policy to reflect changes in our data processing practices and legal requirements or to improve transparency and clarity. When we make significant changes to this policy, we will notify you through the following channels:
- Direct Updates to the Policy: Any substantial changes to this Privacy Policy will be incorporated directly into the Policy and available for viewing through the app. We encourage you to review this Policy periodically to stay informed about how we handle your data.
- Notification via Twitter: We will use our official Twitter account to announce important updates and changes to the Privacy Policy. Follow us on Twitter to receive notifications and stay informed about the latest developments.
- Notification via Discord: We will also use our official Discord channel to communicate significant changes to the Privacy Policy. Join our Discord community to receive updates and discuss our data practices.
For any inquiries, requests, or concerns related to this Privacy Policy or our data processing practices, please contact us using the following information:
Blind Pay, Inc.
8 The Green, #19364, Dover, DE 19901 US
[email protected]