I. Introduction

Dear Investors and Clients

We are a blockchain security, hardware start-up, currently in stealth mode, but open for early stage investors. We maintain our Website bitfold.com (“the Website”) to present our Bitfold project (“the Project”). If you would like to receive updates on the Project progress or you are interested in participating (financially or by sharing your know-how with us) in the Project, you can provide us with your e-mail address. 

In this document, we would like to familiarize you with the most important information and rules regarding the processing of personal data in connection with the Regulation on the Protection of Personal Data (GDPR). 

Regulation of the European Parliament and Council 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (known as the GDPR) is in force from 25 May 2018 on the territory of the European Union. 

In accordance with the applicable provisions on the protection of personal data, in particular the general Regulation, in order to ensure proper protection of personal data, the data subject must first of all provide information regarding the processing of personal data set out in Article 13 or 14 RODO – depending on whether they were obtained directly from the data subject or from other sources. The required information is provided below, including, in particular, the principles of protection and processing of Users’ Personal Data by the Personal Data Administrator.

II. Who is the Personal Data Administrator (the Controller)

The Administrator, that is the entity deciding how your personal data will be used, is:  

FOUNDATION: “BLOCKCHAIN DEVELOPMENT FOUNDATION” with its registered seat in Poland, Lodz, zip code: 90-318, ul. Henryka Sienkiewicza 82/84, entered in the Register of Associations, other Social and Professional Organizations, Foundations and Independent Public Health Care Establishments as well as the Register of Entrepreneurs operated by the District Court for Łódź – Śródmieście in Łódź, 20th Commercial Department of the National Court Register under KRS number: 0000707404, REGON: 368944428, NIP: 7252244107, hereinafter referred to as: “the Foundation”

III. How to contact us for more information on the processing of your personal data?

All correspondence regarding matters related to the processing of your personal data, please send in writing to the address of the administrator with the note “Personal data” or to the e-mail address jakub.zurawinski@blockchaindev.eu also with the inscription “Personal data”. The administrator does not appoint an inspector of personal data protection, as there is no obligation to do so. In particular, the following should be reported to this address:
– all events affecting the security of information transfer;
– possible suspected personal data breach;
– suspicion of sharing files containing viruses and other files of similar nature.

IV. How do we collect your data?

We collect the personal data of our Users through the Website, from themselves – they provide personal data providing us with their e-mail address.

V. Requirement to provide personal data

1. Providing any personal data is voluntary and depends on your decision.
2. However, providing personal data is necessary to receive updates on the Project progress or to receive information from us about possible cooperation if you are interested in participating (financially or by sharing your know-how with us) in the Project. Therefore, to contact with us you have to provide us with your e-mail address.
3. Your personal data is stored in the system used by the Administrator to manage contacts with current and potential Bitfold clients, partners and investors. 

VI. Automated decision making and profiling

We kindly inform you that we do not make automated decision-making, including on the basis of profiling.

VII. What is the purpose of processing your personal data by the Foundation?

For the purpose of contact with you:
If you would like to receive updates on the Project progress – for the purpose of sending to your e-mail address updates on the Project progress;
If you are interested in participating (financially or by sharing your know-how with us) in the Project – for the purpose of contacting with you in matters relating to participation.

VIII.  What is the legal basis for the processing of my personal data?

The legal basis for the processing of your data will be:
a) Consent granted;
b) The necessity to fulfill the legal obligation imposed on the administrator;
c) Necessity arising from legitimate interests pursued by the administrator, such as sending updates on the Project progress or contacting with you in matters relating to participation in the Project (financially or by sharing your know-how with us).

IX. What personal information do we collect?

E-mail address
In addition, we also collect operating data that characterizes both the way you use the Website, in particular: IP address (both static and dynamic), digital logs, information about your use of the Website, browser type, domain name and the type of operating system.

X. Cookies Policy

1. On the Website we use the so-called cookies, i.e. short text information, saved on a computer, phone, tablet or other user’s device. They can be read by our system as well as by systems belonging to other entities whose services we use.
2. Cookies meet a lot of functions on the website, most often useful, which we will try to describe below (if the information is insufficient, please contact us):
a) for ensuring security – cookies are used to authenticate users and prevent unauthorized use of the client’s panel. They are therefore used to protect the user’s personal data against unauthorized access;
b) about the impact on the processes and efficiency of using the website – cookies are used to make the website work efficiently and to use the features available on it, which is possible, among other things, by remembering the settings between subsequent visits on the website. Thanks to them, you can efficiently navigate the website and individual subpages;
c) about the state of the session – cookies often contain information about how visitors use the website, for example which pages are most often displayed. They also enable identification of errors displayed on some subpages. Cookies used to save the so-called “Session state” therefore helps to improve services and increase the comfort of browsing;
d) for maintaining session status – if the client logs in to his panel, cookies allow the session to be sustained. This means that after changing to another subpage, you do not have to enter your login and password again, which contributes to the comfort of using the website;
e) about creating statistics – cookies are used to analyze how users use the website (how many websites are open, how long they stay on that website, which content arouses the most interest, etc.). Thanks to this, we can constantly improve the website and adapt its operation to the preferences of users.
3. Your internet browser allows for the use of cookies in your device by default, therefore, at the first visit, please agree to the use of cookies. However, if you do not wish to use cookies while browsing the website, you can change the settings in the web browser – completely block the automatic handling of cookies or request notification whenever cookies are placed on the device. Settings can be changed at any time.
4. While respecting the autonomy of all persons using the website, we feel, however, that we must notify you that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, eg in the form of having to log in to any subpage, longer charging period websites, restrictions on the use of functionality, limitations in liking a page on Facebook etc.

XI. The period of processing and storage of personal data

1. In accordance with applicable law, we do not process your personal information perpetually but for the time that is needed to achieve the purpose of processing. After this period, your personal data will be irretrievably deleted or destroyed.
2. The period of storage of personal data for the time of the Project implementation + 3 months after the Project finishes and in case of deregistration – up to 3 months from the day of deregistration.  

XII. Your rights 

1. Your basic rights are as follows: 
a) Access your personal data;
b) Correction of personal data;
c) Removal of personal data;
d)Update your data;
e) Restrictions on the processing of personal data;
f) Oppose the processing of personal data;
g) Transfer of personal data.
h)Withdrawing consent to the processing of personal data
i) To file a complaint regarding the processing of personal data by us.
2. We indicate that these rights are not absolute, and therefore we may legally refuse you to comply in some cases. However, if we refuse to accept the request, then only after careful consideration and only if the refusal to consider the request is necessary.
3. The rights referred to in point 1 you carry out:
a) by e-mail to jakub.zurawinski@blockchaindev.eu or
b) in writing to the address of the Data Administrator,
In order to verify your application, the Administrator may ask for additional information or for sending documents necessary to confirm the identity of the applicant; in the absence of providing this information or sending documents, the Administrator reserves the right to leave the application without recognition. If the application is correct, the Administrator executes it within 7 days from the day of the submission of the correct application (this deadline is due to technical issues). In exceptional cases, this period may be longer, about which the Administrator will notify the User.
4. A request to delete (remove) personal data takes place when:
a) Your data will no longer be necessary for the purposes for which it was collected by the Administrator;
b) You withdraw your consent to the processing of personal data;
c) You will object to the processing of your data;
d) Your data will be processed illegally;
e) The data should be deleted in order to fulfill the obligation arising from the law; or
f) The data was collected in connection with the provision of electronic services offered to the child;
Removal of personal data from our database means that it will not be processed in it and will not be shared with other entities. However, it does not mean the cessation of data processing by entities to whom the Data was previously made available (eg the fact that your personal data will be removed from our database does not mean that the entity that previously provided your personal data from us will not send you e- e-mail. Any complaints in this regard and requests to delete personal data should be directed to the Sender.
5. The right to request limitation of data processing shall be due if:
a) You will notice that your data is incorrect – you can then request to limit the processing of your data for a period of time that allows us to check the correctness of this data or
b) Your data will be processed unlawfully, but you will not want to be removed;
c) Your data will no longer be needed but may be needed to defend or enforce claims; or
d) You will object to the processing of the data pending the determination of whether the legitimate grounds on our side are superior to the grounds of objection.
6. The right to oppose further processing shall apply if:
a) The processing of your personal data is based on a legitimate interest or for statistical purposes, and the opposition is justified by the specific situation in which you have found yourself. However, according to the law, we may refuse to take into account the objection if we show that:
– There are legitimate grounds for processing which override your interests, rights and freedoms (such as tax law, accountancy law, obligation to prove accountability)
– There are grounds for establishing, pursuing or defending claims.
7. The right to lodge a complaint in relation to the processing of your personal data by us – you do so by submitting it to the supervisory body, which is the Urząd Ochrony Danych Osobowych ul. Stawki 2, 00-193 Warsaw.
8. If the processing of personal data takes place on the basis of consent, you may withdraw your consent at any time – at its sole discretion.
9. If you would like to withdraw your consent to the processing of personal data, simply send an e-mail to the following address: Jakub.zurawinski@blockchaindev.eu
10. If the processing of your personal data took place on the basis of consent, its withdrawal does not mean that the processing of personal data up to this point was illegal. In other words, until the withdrawal of consent, we have the right to process your personal data and its revocation does not affect the legality of the current processing.

XII. Who do we share your personal information with?

1. Our subcontractors (processors), such as:
a) Accounting firm servicing the Administrator;
b) Legal and IT companies, contractors of services at the request of the Administrator;
c)Polish Agency for Enterprise Development – under a grant agreement;
d)Lease server
e) Our employees and people cooperating with us;
f) Entities providing software and e-internet service platform.
2. Entities or bodies entitled under the law;

XIV. Will your personal data be transferred outside the European Economic Area?

Your personal data may be transferred to Switzerland, which is not member of EEA.

XV. How am I identified in the Administrator system?

The system assigns the user and the order to the appropriate ID (identifier).

XVI. Responsibility for securing and processing personal data

1. The company providing the server is also responsible for the proper protection of Personal Data – Usługi internetowe Serwis4U Marek Rusak; Kranów 46B
26-021 Daleszyce
2. The Administrator is responsible for the processing of Personal Data in accordance with the law.
3. The Administrator is not responsible for the effects of providing Personal Data to a public authority if the obligation to disclose results from the law or from the request of such authority; all claims in this respect should be addressed to that public authority.

XVII. Final provisions

1. In matters not covered by this Privacy Policy, the regulations on the protection of personal data apply.
2. Any amendments to this Privacy Policy will be notified to you by e-mail. 
3. This Privacy Policy is effective from April 2020.