The Blockchain & Climate Institute (BCI) website, including all information and materials contained on it, is managed by the BCI.
The BCI is a progressive think tank providing leading expertise in the deployment of emerging technologies for climate and sustainability actions. As an international network of scientific and technological experts, BCI is at the forefront of efforts to create a sustainable and clean global future.
Blockchain & Climate Institute (BCI) is the Data Controller of the personal data. BCI is registered as Blockchain Climate Policy Studies Limited in England with company number (11913053) and our registered address is International House, 64 Nile Street, London, United Kingdom, N1 7SR.
BCI is committed to protecting and respecting your privacy.
4. THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data which includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity. We do not knowingly collect any personal data from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
5. HOW YOUR PERSONAL DATA IS COLLECTED
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you; or
- give us feedback or contact us.
- Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources:
- Technical Data from the following parties:
- analytics providers such as Google;
- advertising networks; and
- search information providers.
- Identity and Contact Data from data brokers or aggregators.
- Identity and Contact Data from publicly available sources.
- Technical Data from the following parties:
- Usage Data. This includes information about how you use our website, products and services.
6. HOW WE USE YOUR PERSONAL DATA – LEGAL BASIS FOR PROCESSING
Our legal basis for processing your personal data will only occur when permitted in accordance with relevant legislation and regulations. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
We will, in some circumstances, rely on consent for particular uses of your data and you will be asked for your express consent, if legally required. Examples of when consent may be the lawful basis for processing include permission to introduce you to a third party or before sending certain materials to you. You have the right to withdraw consent at any time by contacting us.
7. PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
We have set out in the table below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. Where appropriate we have also identified what our legitimate interests.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To register you as a new customer||(a) Identity|
|Performance of a contract with you.|
|To process and deliver your order including:(a) Manage payments, fees and charges(b) Collect and recover money owed to us||(a) Identity(b) Contact(c) Marketing and Communications||(a) Performance of a contract with you. |
(b) Necessary for our legitimate interests (to recover debts due to us).
(d) Marketing and Communications
|(a) Performance of a contract with you.|
(b) Necessary to comply with a legal obligation.
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).
|To enable you to partake in a prize draw, competition or complete a survey||(a) Identity|
(e) Marketing and Communications
|(a) Performance of a contract with you.|
(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business).
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity|
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).|
(b) Necessary to comply with a legal obligation.
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||(a) Identity|
(e) Marketing and Communications
|Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical|
|Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||(a) Identity|
(f) Marketing and Communications
|Necessary for our legitimate interests (to develop our products/services and grow our business).|
8. YOUR RIGHTS IN RESPECT TO YOUR INFORMATION
You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.
You have the right at any time to ask us for a copy of the personal information about you that we hold. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
- Right of Correction or Completion
If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed. You can let us know by contacting us contacting us at email@example.com.
- Right of Erasure
In certain circumstances, you have the right to request that personal information we hold about you is erased and there are no other legal grounds on which we may process the information.
- Right to object to or restrict processing
In certain circumstances, you have the right to object to our processing of your personal information by contacting us at firstname.lastname@example.org. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal information for direct marketing purposes.
You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.
- Right of Data Portability
In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format. You can ask us to transmit that information to you or directly to a third-party organisation.
The above right exists only in respect of personal information that:
- you have provided to us previously; and
- is processed by us using automated means.
Please note we are not able to guarantee technical compatibility with a third-party organisation’s systems and, in certain circumstances, we may be unable to comply with requests that relate to personal information of others without their consent.
Please be aware that most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights.
9. CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
10. DATA SHARING
In order to provide efficient and reliable services and to improve product and service options available to you, more than one entity within our Group, related affiliates or connected entities may be given, or given access to, your personal information. When so sharing your personal information, we adhere to applicable legal and industry standards regarding the protection of personal information.
We require minimum standards of confidentiality and data protection from any third parties. To the extent that any personal information is provided to third parties outside the EEA, or who will access the information from outside the EEA, we will ensure that approved safeguards are in place, such as the approved Model Clauses or the EU/US Privacy Shield.
11. DATA RETENTION
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
For a list of all data categories and retention periods, please contact email@example.com. Under standard practices after the expiration of the retention period we anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
12. DATA STORAGE AND PROCESSING
All of the personal data we hold about you will be processed consistent with EU data protection legislation and, in particular, the GDPR. We take all reasonable steps to ensure that your personal data is processed securely and prevent unauthorised access to, and misuse of your personal data.
13. DATA SUBJECT ACCESS TO REQUESTS
You may ask us to confirm what information we hold about you at any time, and request us to modify, update or delete such information. If you wish to access your data at any time, there will be no administration charge and the request will be fulfilled as set out in the relevant data protection legislation appropriate to the jurisdiction. To make such a request, please email firstname.lastname@example.org.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
14. MARKETING CONSENT
From time to time we would like to send you appropriate material and general information about matters which we think might be of interest to you. We will only contact you for marketing purposes if you have consented though should you receive any material in error please email email@example.com.
16. REGULATORY AND LAW ENFORCEMENT AGENCIES
In the event that we receive a request from a regulatory body or law enforcement agency and, if permitted under GDPR or other applicable laws, we may disclose certain personal information to such bodies or agencies.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to Information Commissioners Office.
Please address any questions, comments and requests regarding our data processing practices to firstname.lastname@example.org.
2. COOKIES AND HOW WE USE THEM
- To improve site security by “authenticating” you (which is to verify that you are who you say you are) when you sign-in to our site.
- To keep track of your specified preferences such as language, time zone and timeouts after periods of inactivity.
- To allow you to navigate our sites more easily by “remembering” your identity so that you do not have to input your password multiple times as you move between pages or services.
- To conduct research and analytics to improve our websites and our products and services. This includes compiling statistical information concerning, among other things, the frequency of your use of our websites, the pages visited and the length of each visit.
- To display advertisements when you visit websites of third parties with whom we have marketing relationships and to help us gauge the effectiveness of our advertising efforts. These parties may gather information concerning your use of other websites and provide us with de-identified information about you (such as demographic information or the names of sites where you have been shown ads) which we may use to provide you with more relevant and useful advertising.
For more information on how we collect and use information that is identifiable to you, please refer to our Data Protection Policy.
3. MANAGING COOKIES
4. LOG FILES
We follow a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.