Legal Document

Privacy Policy

Last updated: April 1, 2025 · BlockShield AML Ltd.

BlockShield AML Ltd. ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our blockchain compliance verification platform ("Service"). Please read it carefully.

1. Data Controller

BlockShield AML Ltd. is the data controller responsible for your personal data. Company registration: [REG NUMBER PLACEHOLDER]. Registered address: [ADDRESS PLACEHOLDER]. Data Protection Officer: [email protected].

2. Data We Collect

We collect and process the following categories of personal data:

  • Account data: name, email address, organisation name, and billing information provided during registration.
  • Blockchain data: wallet addresses and public on-chain transaction data submitted for compliance screening.
  • Usage data: log files, IP addresses, browser type, pages visited, and interaction timestamps.
  • KYC/AML data: identity verification documents where required under applicable regulations.
  • Communications: any information you provide when contacting our support team.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance: processing necessary to provide the Service you have subscribed to.
  • Legal obligation: processing required to comply with AML/CTF, GDPR, and other applicable laws.
  • Legitimate interests: fraud prevention, platform security, and service improvement.
  • Consent: marketing communications, where explicitly obtained.

4. How We Use Your Data

We use your personal data to:

  • Provide, operate, and maintain the Service
  • Process payments and manage your subscription
  • Generate AML compliance reports and risk scores
  • Communicate with you regarding your account and the Service
  • Detect, prevent, and investigate fraud and security incidents
  • Comply with legal and regulatory obligations
  • Improve and develop new features of the Service

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with the following categories of recipients:

  • Service providers: cloud hosting, payment processors, email delivery, and analytics providers acting as data processors on our behalf.
  • Compliance authorities: law enforcement, financial intelligence units, or regulators where required by law.
  • Business transfers: in connection with any merger, acquisition, or sale of assets, subject to confidentiality obligations.

6. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

7. Data Retention

We retain personal data for as long as your account is active and for a period of five (5) years thereafter, or longer where required by applicable AML/CTF regulations. Blockchain screening data may be retained for up to seven (7) years in accordance with recordkeeping obligations.

8. Your Rights (GDPR)

If you are located in the EEA, you have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Rectify inaccurate data (Art. 16 GDPR)
  • Erasure ("right to be forgotten") where legally permissible (Art. 17 GDPR)
  • Restrict processing in certain circumstances (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing based on legitimate interests (Art. 21 GDPR)
  • Lodge a complaint with your supervisory authority (Art. 77 GDPR)

To exercise your rights, contact us at: [email protected]

9. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, multi-factor authentication, and regular penetration testing. However, no method of transmission over the internet is 100% secure.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our platform. Continued use of the Service after changes constitutes acceptance of the updated Policy.

11. Contact Us

For privacy-related inquiries, contact our Data Protection Officer at [email protected] or write to: BlockShield AML Ltd., [ADDRESS PLACEHOLDER], [CITY, COUNTRY PLACEHOLDER].