PRIVACY POLICY – TeknoChains

Effective date: 10th October 2024

1. Introduction

Welcome to TeknoChains Ltd (“TeknoChains,” “we,” “us,” or “our”), a UK-based Web3 agency specializing in providing blockchain integration, decentralized finance (DeFi) solutions, NFT services, and cryptocurrency-related consulting. We are committed to safeguarding the privacy and personal data of our clients, website visitors, and other stakeholders. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you access our website (www.teknochains.com) or engage with our services.
This Privacy Policy applies to all individuals and entities that interact with us, including:
  • Website Visitors who browse our site.
  • Clients who engage us for consulting, development, marketing, or other services.
  • Business Partners and Service Providers with whom we collaborate.
We are committed to ensuring that your privacy is protected and that we process your personal data in compliance with applicable laws and regulations, including the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR). By using our website or services, you agree to the practices described in this Privacy Policy.
If you have any questions or concerns regarding our data practices, please contact us at privacy@teknochains.com.

2. Data Controller Information

For the purposes of the GDPR and other applicable data protection laws, the Data Controller is:
TeknoChains Ltd
Company Registration Number: [Insert Number]
Registered Address: [Insert Address], United Kingdom
Contact Email: privacy@teknochains.com
If you have any questions or concerns regarding this Privacy Policy or your rights under data protection laws, you may also contact our Data Protection Officer (DPO) directly:
Data Protection Officer (DPO): [Insert Name]
Contact Email: dpo@teknochains.com
Contact Number: [Insert Contact Number, if applicable]
We are registered with the Information Commissioner’s Office (ICO) in the UK as a data controller, and we follow the ICO’s guidance to ensure compliance with the GDPR and other relevant data protection regulations.

3. Types of Personal Data Collected

TeknoChains collects different types of personal data depending on the nature of your interaction with us. The categories of data collected include:

3.1 Contact Information

  • Name, Email Address, Phone Number, Company Name, and Job Title.
  • This data is primarily collected when you fill out our contact forms, sign up for newsletters, or engage us for services.

3.2 Financial and Transactional Information

  • Billing Information (e.g., billing address, company VAT number).
  • Cryptocurrency Wallet Addresses used for transactions.
  • Payment Information (e.g., transaction history, cryptocurrency transfer details).

3.3 Project-Related Data

  • Information related to your project requirements, objectives, and specifications.
  • Data shared during consultations, service agreements, and project execution.

3.4 Technical and Usage Data

  • IP Address, Browser Type, Operating System, Device Information, and Geolocation Data.
  • Data collected through cookies, log files, and other tracking technologies to monitor website traffic and usage patterns.

3.5 Marketing and Communication Preferences

  • Your preferences for receiving marketing communications from us.
  • Records of consent, opt-ins, or opt-outs for specific communications.
We may also collect anonymized or aggregated data that does not directly identify you, which we use for internal research, analytics, and reporting purposes. This type of data is not considered personal data under applicable laws.

4. Methods of Data Collection

TeknoChains collects personal data through various channels, including:

4.1 Direct Interactions

  • You may provide us with your personal data when you:
    • Fill out forms on our website (e.g., contact forms or project inquiry forms).
    • Contact us via email, phone, or other communication channels.
    • Engage us for services and sign service agreements.

4.2 Automated Technologies

  • When you visit our website, we use cookies and other tracking technologies to collect technical and usage data. This includes:
    • Browsing patterns (e.g., pages viewed, time spent on each page).
    • Referral data (e.g., how you reached our website).
    • Interaction data (e.g., clicks, scrolls).
For more information on how we use cookies and your options to manage them, please refer to our Cookie Policy

4.3 Third-Party Sources

  • We may collect data from third-party service providers and partners, such as:
    • Social Media Platforms (e.g., LinkedIn, Twitter) when you engage with our content.
    • Analytics Providers (e.g., Google Analytics) to analyze website traffic.
Payment Processors and Cryptocurrency Exchanges for transaction details.

4.4 Publicly Available Sources

  • We may collect information about your business or professional profile from publicly available sources (e.g., business directories, LinkedIn) to better tailor our services and offerings.
We ensure that data collected from third-party sources is obtained lawfully and that the third parties are compliant with applicable data protection regulations.

5. Purpose of Data Processing

TeknoChains collects and processes personal data for specific purposes, in line with your expectations and applicable data protection laws. The main purposes for which we process your data include:

5.1 Providing Our Services

  • Managing client projects, communicating project status, and fulfilling service agreements.
  • Customizing our solutions to meet the unique needs of your Web3, blockchain, or DeFi project.

5.2 Payment Processing and Invoicing

  • Processing payments, including cryptocurrency transactions.
  • Managing billing, invoices, and financial records.

5.3 Marketing and Promotional Activities

  • Sending newsletters, updates, and marketing communications.
  • Tailoring marketing campaigns based on your preferences and past interactions.
  • Conducting surveys and obtaining feedback on our services.

5.4 Website Analytics and Service Improvement

  • Monitoring website usage patterns and interactions to improve website functionality.
  • Analyzing technical data to enhance user experience and optimize performance.

5.5 Compliance with Legal and Regulatory Obligations

  • Complying with UK laws, GDPR, and industry regulations.
  • Fulfilling obligations related to Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations for cryptocurrency transactions.

5.6 Security and Fraud Prevention

  • Detecting and preventing fraudulent activities, data breaches, and other security incidents.
  • Ensuring the integrity and security of our systems and services.
We process personal data only to the extent necessary for the purpose at hand and take appropriate measures to limit the use of data for secondary or unrelated purposes.

6. Legal Bases for Processing

Under the GDPR, we are required to identify the legal basis for each type of personal data processing. The legal bases for processing personal data at TeknoChains include:

6.1 Consent

  • We rely on your explicit consent for specific processing activities, such as sending marketing communications or processing sensitive personal data. You have the right to withdraw your consent at any time.

6.2 Contractual Necessity

  • Processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (e.g., providing consulting services, managing project details).

6.3 Legal Obligation

  • We process your personal data to comply with legal and regulatory obligations, such as tax laws, GDPR requirements, and KYC/AML regulations.

6.4 Legitimate Interests

  • Processing is based on our legitimate business interests, provided they do not override your rights and freedoms. This includes data processing for:
    • Improving our services and website.
    • Maintaining the security of our systems.
    • Marketing to existing clients.
We assess each processing activity to ensure that it is conducted in compliance with applicable data protection regulations and with due regard to your rights and interests.

7. User Consent and Preferences

TeknoChains places a strong emphasis on obtaining and managing user consent for the collection and processing of personal data, particularly for non-essential processing activities like marketing. This section outlines how consent is obtained, managed, and can be withdrawn by users.

7.1 Obtaining Consent

  • For activities that require consent under GDPR (e.g., sending promotional emails, using certain cookies), we will obtain your explicit consent at the point of data collection.
  • Consent is gathered through opt-in mechanisms, such as ticking a box on a web form or selecting cookie preferences.

7.2 Managing Consent

  • Users can manage their consent preferences at any time by:
    • Adjusting their cookie preferences via the website’s cookie management tool.
    • Using the unsubscribe link in marketing emails.
    • Contacting us at privacy@teknochains.com to update or withdraw their consent for specific data processing activities.

7.3 Withdrawal of Consent

  • Users have the right to withdraw consent at any time. This can be done by:
    • Sending a request to privacy@teknochains.com.
    • Adjusting settings in the relevant account or communication platform.
  • Withdrawal of consent will not affect the lawfulness of data processing based on consent before its withdrawal, but may limit the availability of certain services.

7.4 Consent for Children’s Data

  • TeknoChains does not knowingly collect personal data from children under the age of 18. If we become aware that we have inadvertently collected such data, we will promptly delete it. For services that may appeal to younger audiences, we require parental consent in accordance with GDPR.

8. Data Retention Policy

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This section explains how retention periods are determined and how data is securely deleted when no longer needed.

8.1 Retention Periods

  • Contact Information: Retained for up to 3 years after the last interaction for marketing and service follow-ups, unless consent is withdrawn earlier.
  • Financial and Transactional Data: Retained for up to 7 years to comply with tax and accounting regulations.
  • Project Data: Retained for up to 5 years after project completion to support ongoing services or future engagements.
  • Technical and Usage Data: Retained for 12 months for analytics and service optimization.

8.2 Criteria for Determining Retention

  • The retention period depends on:
    • The purpose of the data collection and whether the purpose is ongoing.
    • Legal, regulatory, and contractual obligations.
    • The potential need for the data to defend against legal claims.

8.3 Data Deletion and Anonymization

  • When data is no longer needed, we will either:
    • Permanently delete it from our systems.
    • Anonymize it, ensuring that it cannot be linked back to an identifiable individual.
  • For blockchain-related data stored on distributed ledgers, deletion may not be possible. In such cases, we will restrict processing and communicate this to affected users.

8.4 User-Initiated Deletion Requests

Users may request the deletion of their personal data at any time, subject to the exceptions provided by law. Such requests should be submitted to privacy@teknochains.com.

9. Data Sharing and Disclosure

TeknoChains does not sell personal data. However, we may share your data with trusted third parties to facilitate service delivery, comply with legal obligations, or enhance our business processes. This section outlines when and how data may be shared.

9.1 Sharing with Service Providers

  • We share data with third-party service providers who assist in:
    • Project Development: Contractors, developers, and consultants working on specific projects.
    • Payment Processing: Payment gateways, banks, and cryptocurrency payment processors.
    • Marketing and Analytics: Email marketing services, SEO consultants, and analytics providers.
These third parties are contractually obligated to protect the data and only use it for the purposes specified in our agreements.

9.2 Legal and Regulatory Disclosures

    • TeknoChains may disclose personal data:
      • To comply with legal obligations (e.g., court orders, regulatory demands).
      • To enforce our terms and conditions or other contractual agreements.
    To protect the rights, property, or safety of TeknoChains, our users, or the public.

9.3 Business Transfers

  • In the event of a merger, acquisition, or asset sale, personal data may be transferred to the acquiring organization. If such a transfer occurs, we will ensure that the new entity respects your privacy rights and complies with this Privacy Policy.

9.4 Sharing with Business Partners

  • With your consent, we may share your data with business partners for joint marketing or promotional activities. You have the right to withdraw consent for such sharing at any time.

9.5 Data Sharing Across Borders

  • If personal data is transferred outside of the UK or EEA, we will implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) or obtain your explicit consent.

10. International Data Transfers

Given the global nature of TeknoChains’ services, we may transfer personal data outside the UK and European Economic Area (EEA) to other jurisdictions that may not provide the same level of data protection as the UK or EU. This section explains how international data transfers are handled to ensure data security and regulatory compliance.

10.1 Transfers to Non-EEA Countries

  • Personal data may be transferred to our service providers and business partners in non-EEA countries for the purpose of providing services, conducting business operations, or facilitating communications.

10.2 Legal Bases for International Transfers

  • Transfers outside the EEA will be conducted under one of the following legal bases:
    • Adequacy Decision: Where the recipient country has been recognized by the European Commission as providing an adequate level of data protection.
    • Standard Contractual Clauses (SCCs): Implementing SCCs approved by the European Commission to ensure adequate data protection.
Explicit Consent: For transfers not covered by the above safeguards, we will obtain your explicit consent before proceeding.

10.3 Safeguards for International Transfers

  • We implement appropriate technical and organizational measures, such as:
    • Data encryption during transit.
    • Regular security audits of third-party service providers.
    • Contractual agreements that bind recipients to GDPR-compliant data protection standards.

10.4 Notification of International Transfers

  • Where required by law, we will inform you of the specific countries to which your data is transferred and the associated safeguards in place.

11. Data Security Measures

TeknoChains is committed to protecting personal data against unauthorized access, disclosure, alteration, or destruction. This section outlines our security practices and measures to safeguard personal data.

11.1 Technical Security Measures

  • Encryption: We use industry-standard encryption (e.g., SSL/TLS) to protect data in transit and at rest.
  • Access Control: Implementing role-based access controls to ensure that only authorized personnel have access to personal data.
  • Regular Security Audits: Conducting regular vulnerability assessments and security audits to identify and address potential weaknesses.

11.2 Organizational Security Measures

  • Employee Training: All employees undergo regular training on data protection and cybersecurity best practices.
  • Data Access Policies: Restricting access to personal data based on the “least privilege” principle.
  • Incident Response Plan: We have an incident response plan in place to handle any data breaches swiftly and effectively.

11.3 User Responsibility

  • While we take all reasonable measures to protect your data, it is important for users to:
    • Use strong passwords and update them regularly.
    • Avoid sharing sensitive information over insecure channels.
    • Report any suspicious activity related to their interactions with TeknoChains.

12. User Rights Under GDPR

As a data subject under the GDPR, you have specific rights regarding your personal data. This section outlines these rights and how you can exercise them.

12.1 Right to Access

  • You have the right to request a copy of the personal data we hold about you. We will provide this information within 30 days, subject to verification of your identity.

12.2 Right to Rectification

  • You have the right to request corrections to any inaccurate or incomplete personal data we hold about you.

12.3 Right to Erasure (Right to be Forgotten)

  • You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer needed for the purposes it was collected.

12.4 Right to Restriction of Processing

  • You can request that we restrict the processing of your personal data under certain conditions (e.g., while a data accuracy dispute is resolved).

12.5 Right to Data Portability

  • You have the right to receive your personal data in a structured, machine-readable format, and to have that data transmitted directly to another data controller, where technically feasible.

12.6 Right to Object

  • You may object to the processing of your data based on legitimate interests or direct marketing. We will respect your objection unless we have compelling legitimate grounds to continue processing.

12.7 Rights Related to Automated Decision-Making

  • If you are subject to automated decision-making that produces legal or similarly significant effects, you have the right to request human intervention and contest the decision.

13. Exercising User Rights

Under the GDPR and UK data protection laws, users have specific rights related to their personal data, as outlined in the previous section. TeknoChains is committed to respecting and facilitating the exercise of these rights.

13.1 How to Submit a Request

  • Users can submit requests regarding their rights to access, rectify, delete, or restrict their data by contacting us at privacy@teknochains.com.
  • Alternatively, you may submit requests using the Data Request Form available on our website under the “Privacy” section.

13.2 Verification of Identity

  • To protect your data, we will verify your identity before processing any request. This may include:
    • Requesting additional information (e.g., proof of ID).
    • Using security questions to validate your identity.

13.3 Response Timeline

  • We aim to respond to all legitimate requests within 30 days. If the request is complex or if multiple requests have been made, we may extend the response period by an additional 60 days, in which case you will be notified.

13.4 Exceptions and Limitations

  • Your rights may be subject to certain limitations, such as:
    • Legal or regulatory requirements that mandate data retention.
    • Situations where complying with your request would adversely affect the rights of others.
  • If we cannot comply with your request, we will provide an explanation and inform you of your options for further recourse.

13.5 Complaints to the Supervisory Authority

  • If you believe that TeknoChains has not adequately addressed your data protection concerns, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK or your local supervisory authority.

14. Cookies and Tracking Technologies

For more details on our cookie practices, please see our Cookie Policy.

15. Children’s Privacy

TeknoChains’ services and website are not intended for children under the age of 18. We do not knowingly collect or process personal data from individuals under 18 years of age.

15.1 Age Restrictions

  • Users under the age of 18 are not permitted to register for our services or provide any personal data. If we become aware that a child’s data has been collected without verified parental consent, we will take immediate steps to delete it.

15.2 Parental Consent for Minors

  • For any services that may attract younger audiences, TeknoChains will implement mechanisms to obtain verified parental consent before processing the data of individuals under 18.

15.3 Reporting Concerns

  • If you believe we may have inadvertently collected data from a minor, please contact us at privacy@teknochains.com, and we will promptly investigate and remove the data as required by law.

16. Data Breach Notification

TeknoChains takes data security seriously and has implemented procedures to detect, respond to, and mitigate data breaches. This section explains how we handle data breaches and notify affected parties.

16.1 What Constitutes a Data Breach?

  • A data breach occurs when personal data is accessed, disclosed, or destroyed in an unauthorized manner, leading to potential harm to data subjects.

16.2 Data Breach Response Plan

  • TeknoChains has a Data Breach Response Plan that includes:
    • Immediate identification and containment of the breach.
    • Assessment of the impact and risk to affected individuals.
    • Mitigation measures to prevent further data loss.

16.3 Notification to Supervisory Authority

  • We will notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of a breach, where required by law, and provide:
    • A description of the nature of the breach.
    • The categories and approximate number of individuals and records affected.
    • Likely consequences and mitigation measures taken.

16.4 Notification to Affected Individuals

  • If the breach poses a high risk to the rights and freedoms of individuals, we will also notify affected users without undue delay, providing:
    • A description of the breach and its impact.
    • Steps they can take to mitigate the impact.
    • Contact details for further assistance and information.

16.5 No Obligation to Notify

  • Where the breach is unlikely to result in harm, we may not be required to notify the ICO or affected individuals.

17. Third-Party Links and Integrations

TeknoChains’ website may contain links to third-party websites or integrations with third-party services. This section clarifies our responsibilities and what users should consider when interacting with these third-party platforms.

17.1 Third-Party Websites

 
  • Our website may link to external websites for additional resources, services, or information. These websites are not governed by this Privacy Policy, and TeknoChains is not responsible for their content or privacy practices.

17.2 Third-Party Services

  • TeknoChains may integrate with third-party services (e.g., payment processors, analytics providers) to facilitate service delivery. The use of your data by these third parties is governed by their own privacy policies.

17.3 Responsibility for Third-Party Data Practices

  • We recommend that you review the privacy policies of any third-party sites or services before sharing personal data with them. TeknoChains cannot be held responsible for the data practices of third-party providers.

17.4 Data Transfers via Third-Party Service

  • Where necessary, we will ensure that data shared with third-party service providers is done in compliance with GDPR requirements.

18. Data Processing in the Context of Blockchain and Web3 Projects

Blockchain and Web3 technologies present unique data protection challenges. This section addresses how TeknoChains handles data in decentralized environments.

18.1 Transparency and Immutability of Blockchain Data

  • Information stored on a blockchain is typically transparent, immutable, and cannot be easily modified or deleted. This can pose challenges for exercising GDPR rights, such as the right to erasure.

18.2 Pseudonymization and Privacy

  • While blockchain data is often pseudonymous, it may still be linked to identifiable individuals in combination with other data points. TeknoChains will take steps to ensure that personal data is pseudonymized or encrypted before being recorded on the blockchain.

18.3 Compliance with GDPR in Blockchain Projects

  • TeknoChains aims to balance GDPR requirements with the nature of blockchain technology. Where GDPR rights cannot be fully implemented (e.g., deletion of data on an immutable ledger), we will communicate this to users and offer alternative solutions, such as restricting processing.

19. Changes to This Privacy Policy

This section outlines how we update the Privacy Policy and how we notify users of changes.

19.1 Regular Review and Updates

  • We review this Privacy Policy periodically to ensure compliance with evolving legal and regulatory requirements.

19.2 Notification of Changes

  • If we make significant changes, we will notify you via:
    • An email notification to registered users.
    • A banner notice on our website.

19.3 Continued Use of Services

  • Continued use of our services following a change to this Privacy Policy signifies acceptance of the updated terms.

20. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your data rights, please contact us at:

TeknoChains Ltd
Email: privacy@teknochains.com
Address: [Insert Company Address]
DPO Contact: dpo@teknochains.com

We are here to help you understand and manage your data privacy with TeknoChains.