Welcome to Socialblox. In this privacy statement, we will explain how we process your personal data when you engage with our platform or visit our website.
SocialBlox B.V. is the controller of the processing operations described in this Privacy Statement, except where otherwise indicated for a specific processing operation.
If you engage with the Socialblox platform, we may process your personal data for the following purposes:
Processing operations that are necessary for our contract with you
These are the personal data that we must process in order to be able to enter into a contract with you about the Socialblox platform and to be able to perform our contract with you (Article 6 Paragraph 1 (b) of the GDPR):
Providing us with these personal data is a prerequisite for the conclusion of your ‘contract’ with SOCIALBLOX in the meaning of in Article 13 (2) (e) of the GDPR. We cannot provide our services to you without processing these personal data.
Retention periods
We retain your account details (user name, email address, telephone number, age > 16) for the purpose of providing you with our service until you close your account.
Your blockchain account data is retained only for as long as necessary to create the blockchain contract; we purge these data right after (either) the seed phrase is entered, you log out or you remove the SOCIALBLOX app.
The deletion of your IP address and technical information about your device is initiated immediately after you close your account, but it may take up to 180 days before this information is also gone from backups made by our backend service provider (Firebase).
Please note that we may retain some of your personal data for a longer time on a different basis as well. For instance: your contributions on the platform (display name and uploaded content) will remain visible for other users after you close your account. Please read the information under ‘Processing operations that are necessary for a legitimate interest’ to see what you can expect in this regard.
We may also retain your personal data for some time after you close your account, if we have reason to believe that retaining records relating to the conclusion and performance of our contract with you is necessary for the protection of our legal position in case of a dispute, or if we are required to do so by law. For more information about longer retention of personal data in such cases, please refer to the following paragraphs of this privacy statement.
Processing operations that are necessary for a legitimate interest
These are the personal data that we process on the basis of a legitimate interest:
Retention period
We initiate the deletion of these data as soon as your session on our website or in our app ends. Your IP address is deleted almost instantly, but it may take up to 180 days until the installation ID is gone from the backups made by our service provider.
Retention periods
We initiate the deletion of the installation ID as soon as you remove the app from your device, but it may take up to 180 days until the installation ID is gone from the backups made by our service provider.
Only push notifications that are directly connected with your use of the SOCIALBLOX platform are sent on the basis of legitimate interest. We will not contact you for marketing purposes (about other products) without your consent.
Retention periods
Contributions to the platform remain visible for 10 years after the relevant challenge is finished.
We encourage all our users to think about the importance of privacy and only post content that is harmless enough to publish openly for a long time. The aim of SOCIALBLOX is to offer a fun way to interact with other people and to allow you to express yourself creatively. We have certain rules about what users are not allowed to post, to protect the interests of other people and of the platform itself. But other than that, you are free to decide what you disclose about yourself on the platform. In deciding that, you should take into account that whatever you post will stay visible for over ten years. That said: if you ever regret posting something, we will work with you to find a solution to restore your privacy as much as reasonably possible. For this, you can contact us via privacy@socialblox.io.
Retention period
The retention period for these data is: until our legal relationship with you and/or the dispute over it has been fully settled.
Retention period
The analytical data are aggregated and thus anonymized immediately after collecting them. Therefore, these data are only ‘personal data’ for a very short time. Nobody uses these data to glean any information about you individually – all the ID numbers listed above are only used to be able to distinguish one user from the next, so we can count them without duplications. So, the retention period for these data ‘as personal data’ is: only a matter of seconds. We retain the aggregated analytical information (not personal data) for a maximum of 14 months after collection.
Processing operations on the basis of your consent
These are the personal data that we only process if you give us permission to do so:
We currently don’t use any personal data for the purpose of marketing new products to our users. If we would ever want to do this in the future, we will ask for your consent.
Retention periods
If we use personal data on the basis of your consent, the retention period is: until you withdraw your consent.
We may share your personal data with third parties in the following cases:
Sharing with processors
For some parts of our business activities, we use service providers outside our own organization. If these service providers process personal data for us, they are our "processors". In that case, we conclude a processor's agreement with them, as referred to in article 28 paragraph 3 GDPR.
We use the following types of processors:
It is possible that one of our processors may collect your personal data directly from you, on our behalf. In such cases, we instruct our processor to collect only the personal data that is necessary for the provision of the services we have agreed with that processor. If you provide additional personal data to a processor of ours, please be aware that you do so of your own volition; in such a case, we are not the controller of those additional personal data.
Sharing based on a legal obligation
We will share your personal data with third parties if we are legally obliged to do so. For example:
If we receive a request from third party to share your personal data with them, we will inform you of this, unless informing you is not permitted by law.
Sharing on the basis of a legitimate interest
We may share your personal data with third parties such as our attorney and/or a bailiff, a (forensic) accountant, detective agency, cyber security experts or other types of researchers and/or the police if this is reasonably necessary:
If we share your personal data on this basis, we will inform you about it if we can. We cannot inform you about sharing your personal data if doing so might interfere with the purpose and effectiveness of the investigation or other measures for which we have to share the data.
We may share your personal data with third parties if we intend to sell our company or a division within our company (either as part of a relaunch or otherwise), or if our company intends to merge with another. In the preparatory phase of the sale or merger, we may share your personal data with potential buyers or merger partners. When the company is actually transferred or merged, we will share your personal data with the final buyer or merger partner. In the preparatory phase of the sale or merger, we will try to anonymize the personal data that are part of our business information as much as possible.
We will not sell your personal data separately - outside of the context of a relaunch, company sale or merger - to an organization that will use your personal data for activities that are significantly different from ours.
If we intend to transfer your personal data to a third party in the course of a relaunch, company sale or merger, we will inform you about this as soon as we can do so without disrupting the preparatory phase of the relaunch, sale or merger.
If we share your personal data with a third party on the basis of a legitimate interest, and the third party is not already appropriately bound to confidentiality by law or by professional deontology, we will conclude a confidentiality agreement with the third party before we share the personal data.
SOCIALBLOX does not use automated decision-making or profiling.
The SOCIALBLOX platform allows you to issue, accept and judge challenges to earn cryptographic tokens (SBX tokens). The transfer of these tokens entails a transaction on the Etherium blockchain.
. You need to be aware that information that is ‘entered into’ the Ethereum blockchain cannot be changed or deleted. Ever. You also need to know that the Ethereum blockchain offers the possibility to enter free text as a description to a transaction and that SOCIALBLOX cannot control what people enter into the Ethereum blockchain this way, when they issue a challenge.
For the free text that is entered into the Ethereum blockchain, SOCIALBLOX is not a controller in the sense of the GDPR.
SOCIALBLOX does voluntarily take it upon itself to encrypt everything that is entered into the blockchain through its platform. However: no encryption is ever 100% failsafe. Please be aware that any information you enter into the blockchain may possibly be decrypted by a third party at some point.
So, out of regard for your own interests and the importance of your privacy: please do not enter any personal information about yourself into the Ethereum blockchain that you might ever regret ‘getting out’. We cannot fix it for you, if you do. Also: do not enter any information about anybody else into the blockchain. This is strictly prohibited by SOCIALBLOX’ terms and conditions and also: totally uncool. Don’t do it.
In order to provide the SOCIALBLOX platform with the quality, speed and security that we deem necessary, we currently see no other option than to work with hosting and backend services from companies in the USA (Amazon Web Services and Firebase). Insofar as these companies offer localized storage and processing of data, we will opt for processing within the EEA. Meanwhile, our contracts with our providers in the USA contain the standard contractual clauses made or ratified by the European Commission (within the meaning of Article 46 paragraph 2 under c and d). This way, we ensure that our processors offer adequate safeguards for your privacy.
SOCIALBLOX takes the appropriate technical and organizational measures to secure your personal data. We will ensure that our security measures are appropriately updated to remain in line with the state of the art regarding data security. Currently, we apply (at least) the following types of security measures:
Insofar as we use the services of third parties, who act on our behalf as processors of personal data, these processors are contractually obliged to take appropriate technical and organizational measures to protect the personal data.
Although we do our best to ensure good security, we must point out that absolute security when storing personal data and sending data over the Internet can never be guaranteed.
For processing operations that we carry out on the basis of your consent, you have the right to withdraw your consent at any time. If you do, we will stop the processing operations in question. However: the processing operations that previously took place on the basis of your granted consent will not become unlawful with retroactive effect.
For processing operations that we carry out on the basis of a legitimate interest, you have a ‘right to objection’ on grounds relating to your particular situation. If you want to exercise this right, please send an email in which you tell us:
In all cases, you have the right to request access to the personal data we process about you, the right to have inaccuracies in your personal data corrected ('right to rectification') and the right to have your personal data erased if their processing is not/no longer based on a valid legal ground.
If there is no longer a valid legal ground for our processing of your personal data, but you do not want to have the data removed immediately, you can also make use of the right to 'restriction of processing'. Restriction of processing means that we retain your personal data for you, but do not use it for any other purpose.
In some cases, you may have the right to data portability. Data portability means that you can receive your personal data from us in a structured, commonly used and machine-readable format, or have it transferred to a new service provider (where technically feasible). This right only applies to personal data that you have provided directly to us and that we process on the basis of your consent, or because it is necessary for the performance of our contract with you.
To exercise your rights, please contact us using the contact details stated at the end of this Privacy Statement.
If you are dissatisfied with anything related to our processing of your personal data, please discuss it with us so that we can try to resolve it. You can contact us for this purpose using the contact details below.
You have the right to lodge a complaint with the Autoriteit Persoonsgegevens if we are unable to resolve your objection within a reasonable period of time. Please refer to the website of the Autoriteit Persoonsgegevens for their most current contact details:
https://www.autoriteitpersoonsgegevens.nl/
For questions or comments on our processing of personal data, or to exercise your rights, please contact us at:
Our privacy statement may be changed or updated from time to time. We can do this unilaterally, by amending this page.
This page was last updated on 02-11-2022.
Please revisit this page from time to time to stay aware of the most up-to-date version.