2.1.10. Data Policy

Data Policy And Monetisation

After having upgraded to an eCitizen or eCompany status, and once this feature is ready, the account settings will offer a function to control and monetize data sharing on the Digital Platform with other members or external buyers. If not registered as an eCitizen or eCompany, users will not be offered a function to control and monetize data sharing on the Digital Platform. Their data will not be shared nor monetized by Blockchain Valley and will be stored only according to GDPR standards.

The type of data (personal data, interests, search history...) to share and the purpose of data usage by the buying party can be freely chosen or even blocked completely. The conditions under which data may be shared will be disclosed to the eCitizens and eCompanies. All data monetization features will be studied first and all applicable legislation will be followed, on a per country basis. The set of data members choose to share and sell, is only available to buyers while this function is activated and enabled in their personal account settings. In the event of members deactivating data sharing and monetization, then, companies that have purchased such data whilst it was enabled, will still be able to access data sharing and gathering within that time frame.

Any new data, be it personal data updates or new search history, will not be available anymore after deactivation. New company buyers will only be able to purchase user data that is accessible on the data market at the time of purchase but will not have access to historical data from members that have had their data sharing activated in the past and have deactivated it now. The BlockchainValley Digital Platform will charge fees for eCompany access to personal data that is monetized by the agreeing eCitizen or eCompany.

It should also be noted that:

• Blockchain Company Ltd, Blockchain Valley SAS and Blockchain Valley Pty maintain complete, accurate and up to date written records of all of its processing of the personal data as necessary to demonstrate its compliance with GDPR and all data protection laws;

• Regarding all data obtained in the Blockchain Valley Project, Blockchain Valley SAS will act as Data Controller; and

• If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.

• All users will always be able to exercise their right of erasure, or withdraw consent to process their data.