Privacy Statement

Last updated: January 18, 2022

Introduction

This is the privacy statement of Blueboard International AG, (“Blueboard”, “We” or “Us”), a member of the Opera group of companies (“Opera”). This statement describes how We collect and process certain data about you, the end user (“you”, “your”, etc.). This privacy statement forms part of a legal contract between Us and You, including also our Terms of Service. Capitalized terms in this privacy statement which are not defined here have the meanings given in the Terms of Service.

Categories of Data We Collect

When You use Our Services, we need to gather and use (or “process”) certain information from and about You. Some of the data we process is considered “personal data” under applicable law, including the General Data Processing Regulation or “GDPR.” We act as a data controller (as defined in the GDPR) of personal data that we process via our Services.

The categories of information, including personal data, that we collect and process include information that you provide to us directly (for example during the onboarding process) and information that We collect about you from other sources.

Information that you provide directly

Some categories of data we collect when you provide it to us directly (such as when you register as a new user, or request specific services through our Services). To make a Digital Assets transaction, you will need to sign in with an Opera Account. This is a service provided by Opera, and is subject to the Opera terms of service and privacy statement. Data that You submit through Opera Account includes your name and email address, as well as personal touches like an avatar or profile picture (“Personal Details”) as well as an email address and other contact information (“Contact Information”).

If you chose to make a Digital Assets transaction, you will also need to submit additional contact information, plus credit card or other payment data (“Payment Data”), plus information to document your identity (“Due Diligence Information”) or your personal crypto wallet ID (“Wallet Data”).

Information that we collect about you

If you choose to make a Digital Assets transaction, whether buying a Digital Asset or listing one for sale, we will collect and generate some additional data to identify and complete the transaction including a unique item ID and a link to your user ID (“Transaction Data”).

Purposes of Processing

We use the information you provide to us for different purposes, as explained more in detail below.

  • Compliance Purposes – to carry out obligations imposed by applicable laws, including the obligation to avoid money laundering, terrorist financing and fraud; to ensure the security of our Services; and to comply with the lawful inquiries and order of public authorities.

  • Contractual Purposes – to enter into or perform our contracts with You, including providing the services you have requested.

  • Analytical Purposes – to gain a better understanding of the preferences of our customers and how they interact with our Services, and making improvements to them.

  • Marketing Purposes – to send You marketing information about our products and services.

Applicable law, including the GDPR, requires Us to have a legal basis for processing Your personal information. We process your Personal Data under the following grounds:

  • Compliance Purposes – GDPR Art. 6(1)(c), as relevant processing is necessary for compliance with legal obligations stipulated in applicable laws to which We are subject.

  • Contractual Purposes – GDPR Art. 6(1)(b), as relevant processing is necessary for the performance or entry into a contract with You, including our terms of service. In other words, personal data processed for Contractual Purposes is necessary for us to deliver the Services to You.

  • Analytical Purposes – GDPR Art. 6(1)(f), as we have legitimate interests to gain a better understanding of the preferences of our customers and how customers interact with the Services.

  • Marketing Purposes – GDPR Art. 6(1)(f), as we have legitimate business interests to offer our customers additional services they may be interested in.

Here’s further detail on which legal basis applies to which categories of data we process:

Data Category Purpose of Processing
Personal Details Compliance Purposes, Marketing Purposes, Contractual Purposes
Contact Information Marketing Purposes, Contractual Purposes
Payment Data Contractual Purposes, Compliance Purposes
Due Diligence Information Compliance Purposes
Wallet Data Contractual Purposes
Transaction Data Contractual Purposes, Analytical Purposes

Retention

In general we do not retain Your data for longer than necessary to complete the purpose for which it was collected.

  • Personal Details, Contact Information, and Wallet Data are kept for as long as your Opera Account is active, and for a period of two years thereafter. Opera Account is deleted automatically after two years of inactivity or can be deleted by using the “Close Account” feature in the account’s settings.

  • Due Diligence information is retained for as long as your Opera Account is active, and a period of five years thereafter as provided by applicable law.

  • Transaction Data is retained for as long as a Digital Asset or transaction is active, and for a period of two years thereafter.

Sharing Information with Third Parties

In some circumstances we may share data with third parties, including:

  • Other members of the Opera Group. Blueboard is a member of a group of companies owned by Opera Ltd. that provide data processing, marketing, and other support services to Us.

  • Third party services providers who help us to operate the Services, such as identity verification services providers, payment service providers, and cloud computing platforms.

  • Law enforcement agencies, if and when we are required to provide information to them in accordance with applicable law.

Your Rights

You have the right to make a request to access or delete any of your personal data that we might possess. You can make a request via this online request form. You may be required to provide additional information to authenticate your request.

You also have the right to lodge a complaint with the appropriate authorities. You can contact Datenschutzstelle, the data protection supervisory authority of Lichtenstein, or Datatilsynet, the Norwegian Data Protection Authority, through their websites.

Contacts

We are very open about privacy and recognize your trust as a great value. If you have any questions about this statement or any privacy issues in our applications or services, feel free to contact our Data Protection Officer via this online request form.