Privacy Policy

Last updated January 1, 2024

1. INTRODUCTION

This Privacy Policy describes how Credbull Labs Limited, doing business as "Credbull" and "BlackOpal" (registration number C110023, registered address: Level G (Office 1/1302) Quantum House 75, Triq L-Abate, Rigord, Ta Xbiex, Xbx 1120, Malta) ("Credbull", "we", "our", "us") collects, uses, protects, and shares your personal information when you use our website and services.

Key Points:

  • We are committed to protecting your privacy and being transparent about our data practices
  • This policy applies to all users of our website and services
  • We collect only the information necessary to provide our services effectively
  • You have rights regarding your personal data, which we detail below

1.1 Structure of This Policy

This Privacy Policy consists of three main sections:

  1. General Privacy Notice – applicable to all users
  2. EU/EEA Residents Notice – additional protections under GDPR
  3. Cookie Notice – how we use cookies and tracking technologies

1.2 Agreement to Terms

By using our website or services, you agree to this Privacy Policy. Please also review our Terms of Service, which govern your use of our platform.

2. SCOPE AND AGE RESTRICTIONS

2.1 Age Requirements

Our services are restricted to individuals who are at least 18 years old. We do not knowingly collect personal information from anyone under 18. If you are under 18, please do not use our services or provide any personal information to us.

2.2 Geographic Scope

This policy applies to all users worldwide, with additional protections for EU/EEA residents as described in Section 8.

3. DEFINITIONS

Account – Your registered account with Credbull

Applicable Data Protection Law – All applicable privacy and data protection laws, including GDPR, local privacy laws, and regulations

Blockchain Data – Information recorded on public blockchain networks

Controller – The entity that determines how and why personal data is processed

GDPR – General Data Protection Regulation (EU) 2016/679

Personal Data – Any information that can identify you as an individual

Services – All services provided by Credbull, including our website and platform

User – Any individual who uses our services

Wallet – Your digital cryptocurrency wallet

4. WHAT INFORMATION WE COLLECT

4.1 Information You Provide Directly

  • Account Information: Name, email address, contact details
  • Transaction Information: Loan details, payment information, wallet addresses
  • Communication Data: Messages, support requests, feedback
  • Identity Verification: Documents required for compliance (where applicable)

4.2 Information We Collect Automatically

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: How you interact with our website and services
  • Location Data: General location based on IP address
  • Log Data: Server logs, error reports, performance data

4.3 Blockchain Information

  • On-Chain Data: Publicly available blockchain transaction data
  • Wallet Data: Public wallet addresses and associated transactions
  • Network Data: Information from blockchain networks we interact with

4.4 Information from Third Parties

  • Service Providers: Analytics providers, payment processors, identity verification services
  • Public Sources: Publicly available information relevant to our services
  • Business Partners: Information shared by authorized partners

5. HOW WE USE YOUR INFORMATION

5.1 Primary Uses

  • Service Delivery: Providing and managing our lending and financial services
  • Account Management: Creating and maintaining your account
  • Transaction Processing: Facilitating loans and payments
  • Customer Support: Responding to inquiries and providing assistance

5.2 Business Operations

  • Analytics: Understanding how our services are used and improving them
  • Security: Protecting against fraud, abuse, and security threats
  • Compliance: Meeting legal and regulatory requirements
  • Marketing: Communicating about our services (with your consent where required)

5.3 Legal and Safety

  • Legal Compliance: Fulfilling legal obligations and regulatory requirements
  • Dispute Resolution: Resolving disputes and enforcing our terms
  • Risk Management: Assessing and managing business risks
  • Law Enforcement: Cooperating with law enforcement when legally required

6. LEGAL BASIS FOR PROCESSING (EU/EEA RESIDENTS)

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide services you've requested
  • Legitimate Interests: For business operations, security, and improvements
  • Legal Compliance: To meet regulatory and legal requirements
  • Consent: When you've given explicit permission (you can withdraw this anytime)

7. HOW WE SHARE YOUR INFORMATION

7.1 We Do Not Sell Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7.2 When We Share Information

  • Service Providers: Third-party companies that help us operate our services
  • Business Partners: Partners who help us provide services to you
  • Legal Requirements: When required by law or to protect rights and safety
  • Business Transfers: In case of merger, acquisition, or sale of assets
  • Consent: When you explicitly agree to sharing

7.3 Types of Recipients

  • Payment processors and financial institutions
  • Identity verification services
  • Analytics and hosting providers
  • Professional advisors (lawyers, accountants)
  • Regulatory authorities when required
  • Other users of blockchain networks (for public blockchain data)

8. BLOCKCHAIN-SPECIFIC PRIVACY CONSIDERATIONS

8.1 Understanding Blockchain Technology

Blockchain networks are decentralized systems that record transactions permanently and publicly. When you use our services involving blockchain:

  • Immutable Records: Blockchain transactions cannot be deleted or changed
  • Public Visibility: Some information may be visible on public blockchain networks
  • Decentralized Control: We don't control blockchain networks and cannot remove data from them

8.2 Privacy Implications

  • Your wallet address and transaction details may be publicly visible
  • Third parties may analyze blockchain data to identify patterns
  • We cannot delete information once it's recorded on a blockchain
  • Additional privacy risks exist when using public blockchain networks

8.3 Your Choices

  • Consider using privacy-focused wallets or techniques
  • Understand the permanent nature of blockchain transactions
  • Review blockchain-specific risks in our Terms of Service

9. DATA RETENTION

9.1 How Long We Keep Your Data

  • Active Accounts: While you use our services and as needed for business purposes
  • Closed Accounts: Up to 7 years after closure for legal and regulatory compliance
  • Legal Requirements: As long as required by applicable laws
  • Legitimate Interests: Until you object or our interests no longer apply

9.2 Secure Deletion

When retention periods expire, we securely delete or anonymize your personal data using industry-standard methods.

10. DATA SECURITY

10.1 How We Protect Your Information

  • Encryption: Data is encrypted in transit and at rest
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Employee Training: Staff education on data protection practices
  • Incident Response: Procedures for handling security breaches

10.2 Your Role in Security

  • Keep your login credentials secure
  • Use strong, unique passwords
  • Enable two-factor authentication when available
  • Report suspicious activity immediately

11. INTERNATIONAL DATA TRANSFERS

11.1 Cross-Border Transfers

We may transfer your personal data outside your country of residence to:

  • Provide our services effectively
  • Work with international service providers
  • Comply with global regulatory requirements

11.2 Safeguards for EU/EEA Residents

When transferring data outside the EU/EEA, we use:

  • Adequacy Decisions: Countries approved by the European Commission
  • Standard Contractual Clauses: EU-approved contract terms
  • Other Safeguards: Additional protections as required by law

12. YOUR PRIVACY RIGHTS

12.1 General Rights (All Users)

  • Access: Request information about how we use your data
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request deletion of your data (subject to legal requirements)
  • Portability: Receive your data in a portable format
  • Objection: Object to certain types of processing

12.2 Additional Rights for EU/EEA Residents

  • Restriction: Limit how we process your data
  • Consent Withdrawal: Withdraw consent for consent-based processing
  • Complaints: Lodge complaints with data protection authorities
  • Automated Decisions: Protection against solely automated decision-making

12.3 Exercising Your Rights

To exercise your rights, contact us at contract@credbull.io or write to: Quijano Chambers, P.O. Box 3159, Road Town, Tortola, British Virgin Islands

We will respond to your request within 30 days (or as required by applicable law).

12.4 Limitations

Some rights may be limited by:

  • Legal requirements for data retention
  • Blockchain technology constraints
  • Legitimate business interests
  • Protection of others' rights

13. COOKIES AND TRACKING TECHNOLOGIES

13.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our services.

13.2 Our Cookie Use

Currently, credbull.io and related websites do not use cookies. If this changes, we will update this policy and notify you.

13.3 Third-Party Tracking

We may use third-party services that set their own cookies or tracking technologies. These are governed by their respective privacy policies.

14. MARKETING COMMUNICATIONS

14.1 Our Communications

We may send you:

  • Service updates and important notices
  • Marketing messages about our services (with your consent)
  • Educational content about blockchain and finance

14.2 Your Choices

You can:

  • Opt out of marketing emails at any time
  • Adjust your communication preferences in your account
  • Contact us to update your preferences

15. CHILDREN'S PRIVACY

We do not knowingly collect information from children under 18. If we discover we have collected such information, we will delete it immediately. Parents who believe we may have collected information from a child should contact us.

16. CHANGES TO THIS POLICY

16.1 Policy Updates

We may update this policy to reflect:

  • Changes in our practices
  • New legal requirements
  • Service improvements
  • User feedback

16.2 How We Notify You

We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Emailing registered users (when required)
  • Providing notice through our services

16.3 Your Continued Use

Your continued use of our services after policy changes indicates acceptance of the updated terms.

17. CONTACT INFORMATION

17.1 Privacy Questions

For privacy-related questions or requests, contact us at:

  • Email: contract@credbull.io
  • Mail: Quijano Chambers, P.O. Box 3159, Road Town, Tortola, British Virgin Islands

17.2 EU/EEA Representative

For EU/EEA residents, our representative contact details are: [Contact information for EU representative if appointed]

17.3 Data Protection Officer

If we have appointed a Data Protection Officer, their contact information is: [DPO contact information if applicable]

18. COMPLAINT PROCEDURES

18.1 Internal Complaints

If you have concerns about our privacy practices, please contact us first at contract@credbull.io.

18.2 Regulatory Complaints

EU/EEA residents may also lodge complaints with their local data protection authority.

18.3 Resolution Timeline

We aim to resolve privacy concerns within 30 days of receiving your complaint.

 

This Privacy Policy was last updated on January 1, 2025. We encourage you to review it regularly to stay informed about how we protect your privacy.