Privacy Policy

2. Information We Collect

2.1 Non-Personal Information (Automatically Collected)

When you visit the Platform, our systems automatically collect information about your interaction through cookies, web server logs, JavaScript, pixels, and similar technologies. This may include:

• Date and time of visit, pages visited, and time spent on each page
• Referring site details (website name, search engine, social network)
• Browser type and version, browser language, and operating system
• Screen resolution, color depth, Flash version, and JavaScript support
• Network location, IP address, and approximate geolocation
• File downloads, external link clicks, and video interactions
• Form submission events and errors, scroll depth, and widget interactions
• Device type, device identifiers, and mobile operating system version

2.2 Personal Information (Voluntarily Provided)

We collect personal information that you voluntarily provide to us. We do not collect or process personal information without your consent. This may include:

• Full name, email address, and phone number
• Company name, job title, and professional designation
• Billing and payment information (processed securely through third-party payment processors — we do not store full credit card details)
• Account credentials (username and encrypted password)
• Profile picture and biographical information you choose to provide
• Certification and course enrollment records
• Communications you send to us (support tickets, feedback, inquiries)

2.3 Information About Organizations

From time to time, we may obtain information about legal entities that visit our Platform through their representatives, including the organization's website, legal name, contact information, country of incorporation, and relevant business details.

2.4 Browser Extensions

If we provide a web browser extension, it can only access specific information that you have explicitly granted permission for. We cannot and do not track your general browsing history through any browser extension.

3. How We Collect Information

We collect information through the following methods:

• Directly from you — when you register an account, complete a purchase, fill out a form, subscribe to our newsletter, submit a support request, or otherwise voluntarily provide information.
• Automatically — when you interact with our Platform through cookies, web beacons, server logs, and similar tracking technologies.
• From third parties — when you authenticate through third-party services (e.g., Google or LinkedIn sign-in), from payment processors confirming transactions, or from analytics providers.

You can always refuse to supply personal identification information; however, doing so may prevent you from accessing certain features of the Platform, such as course enrollment or certification programs.

4. How We Use Your Information

4.1 Non-Personal Information

We use automatically collected, non-personal information to:

• Prevent unnecessary advertisements and reduce redundant sign-in prompts
• Calculate aggregate visitor metrics and identify popular Platform sections
• Improve, customize, and optimize the content and layout of our pages
• Deliver content you request — articles, news, courses, infographics, and guides
• Monitor Platform performance, diagnose technical issues, and ensure security
• Conduct anonymized research and analytics to improve our services

4.2 Personal Information

When you provide personal information, we may use it to:

• Process your account registration, course enrollments, and certification programs
• Process and fulfill purchases, deliver digital products, and manage subscriptions
• Send you email newsletters, product updates, and relevant educational content
• Send promotional emails from BCC and carefully selected partners regarding services you may find valuable (with opt-out available at any time)
• Send transactional and administrative emails related to Platform operations
• Facilitate comments, feedback submissions, and community interactions
• Respond to your customer support requests and inquiries
• Showcase you as a valued member or alumnus of the Blockchain Council (with your consent)
• Detect, prevent, and address fraud, security threats, and abuse

You may at any time withdraw your consent to receive promotional emails by clicking the "unsubscribe" link in any email from BCC, or by sending a withdrawal notice to compliance@blockchain-council.org.

5. Legal Basis for Processing (GDPR)

Where applicable (particularly for users in the European Economic Area and United Kingdom), we process your personal data on the following legal bases:

6. Cookies & Tracking Technologies

Cookies are small data files stored on your device when you visit a website. We use cookies and similar technologies to collect data about your visit, enable page navigation, count visits, and analyze which areas and features of our Platform are most popular.

Types of Cookies We Use

Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when a cookie is being sent. Please note that disabling cookies may affect the functionality of certain Platform features.

7. Data Sharing & Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With service providers — trusted third-party vendors who perform services on our behalf (hosting, payment processing, email delivery, analytics) under strict data processing agreements.
• With business partners — where you have consented to receive information about products or services from our partners.
• For legal compliance — when required by law, court order, or governmental authority, or when necessary to protect the rights, property, or safety of BCC, our users, or the public.
• To enforce our Terms — when necessary to enforce our Terms and Conditions or investigate potential violations.
• Identity disclosure — we have the right to disclose your identity to any third party who claims that content posted by you constitutes a violation of their intellectual property rights or right to privacy.
• Anonymized data — we may share aggregated, de-identified data that no longer identifies you with third parties, including advertising partners and analytics providers.

Any terms, conditions, or warranties associated with third-party services are solely between you and the relevant provider. BCC is not responsible for the privacy practices of third parties.

8. Analytics & Third-Party Services

To understand how visitors use our Platform and continuously improve the user experience, we use third-party analytics services, including but not limited to:

• Google Analytics — for traffic analysis, user behavior, and conversion tracking. See Google's Privacy Policy at https://policies.google.com/privacy
• Hotjar — for heatmaps, session recordings, and user feedback (anonymized).
• Facebook Pixel — for advertising measurement and audience targeting.

These services may use cookies and similar technologies to collect and analyze information about your use of the Platform. The information generated is typically transmitted to and stored on servers in the United States or other jurisdictions. We encourage you to review the privacy policies of these third-party services.

9. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, including:

• To provide you with services and maintain your account
• To comply with our legal, tax, audit, and regulatory obligations
• To resolve disputes and enforce our agreements
• To maintain records required by applicable law

When personal data is no longer required, we will securely delete or anonymize it. You may contact us at compliance@blockchain-council.org at any time to obtain confirmation of whether personal data concerning you is being processed, and to request access to or export of your data.

10. Data Security

We maintain administrative, technical, and physical safeguards designed to protect your personal information against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Our security measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Employee training on data protection and security practices
• Incident response procedures for prompt breach detection and notification

11. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

To exercise any of these rights, please contact us at compliance@blockchain-council.org. We will respond to your request within 30 days.

12. GDPR — Additional Rights for EEA/UK Users

If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) and the UK GDPR provide you with additional data protection rights. In addition to the rights listed in Section 11, you have the right to:

• Lodge a complaint with your local Data Protection Authority (DPA) if you believe your personal data has been processed in violation of applicable data protection law.
• Object to processing based on our legitimate interests — we will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
• Not be subject to automated decision-making, including profiling, which produces legal effects or similarly significant effects concerning you, without your consent.

Our Data Protection Officer can be reached at compliance@blockchain-council.org.

13. CCPA — Additional Rights for California Users

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information:

• Right to Know — You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete — You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out — You have the right to opt out of the sale or sharing of your personal information. Note: We do not sell personal information.
• Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights.
• Right to Correct — You have the right to request correction of inaccurate personal information.

To exercise your California privacy rights, contact us at compliance@blockchain-council.org. We will verify your identity before processing your request.

14. Children's Privacy

The Platform is not intended for children under the age of 16 (or the legal age of majority in your jurisdiction, if higher). We do not knowingly collect, use, or disclose personal information from anyone under 16. If you are under 16, you must not provide personal information on the Platform.

If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as quickly as possible. If you believe a child under 16 has provided us with personal data, please contact us at compliance@blockchain-council.org.

15. Third-Party Links

The Platform may contain links to third-party websites, products, or services. These third parties have separate and independent privacy policies. We have no responsibility or liability for the content, privacy practices, or activities of these linked services.

We seek to protect the integrity of our Platform and welcome feedback about third-party services linked from our site. However, we encourage you to read the privacy policy of every website you visit.

16. International Data Transfers

By using the Platform, you acknowledge and agree that your personal information may be transferred from your current location to the servers of BCC and its authorized third-party service providers, which may be located in India, the United States, or other jurisdictions that may not offer the same level of data protection as your home country.

Where we transfer personal data outside the EEA/UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions, or other legally recognized transfer mechanisms.

17. Right to Be Forgotten

If you wish to request that we stop using and processing your information and delete your personal data from our systems, please write to us at compliance@blockchain-council.org. We will respond to your request within 30 days.

Please note that certain data may need to be retained to comply with legal obligations, resolve disputes, enforce our agreements, or where deletion is not technically feasible. In such cases, we will inform you of the specific reasons and the expected retention period.

18. Law Enforcement & Legal Disclosure

Notwithstanding anything to the contrary in this Policy, we may preserve or disclose your information if we believe it is reasonably necessary to:

• Comply with a law, regulation, legal process, or enforceable governmental request
• Protect the safety of any person
• Address fraud, security, or technical issues
• Protect the rights or property of BCC, our users, or the public

BCC may share your personal information with law enforcement, data protection authorities, government officials, and other authorities when legally bound to do so, or when necessary to protect the safety of visitors, users, and BCC itself.

19. Changes to This Policy

This Privacy Policy may be updated periodically and without prior notice to reflect changes in our data practices, legal requirements, or business operations. When we make material changes, we will:

• Post the updated Policy prominently on our Platform
• Update the "Last Updated" date at the top of this page
• Where required by law, notify you via email or in-Platform notification before changes take effect

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Office:

We take privacy concerns seriously. If you believe we have not complied with this Privacy Policy, please describe your concern in as much detail as possible. We will investigate your complaint promptly and respond within 30 days.