Privacy Policy

Last updated:

1. Data Controller

The data controller responsible for your personal data is:

Bonddecentralize
Aschebergsgatan 15, 411 27 Göteborg, Sweden
Email: welcome@bonddecentralize.world
Phone: +46 73 635 27 26

2. What Data We Collect

We may collect the following categories of personal data when you interact with our website:

  • Contact information: name, email address, and message content submitted through our contact form
  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, date and time of access
  • Cookie data: preferences and consent choices stored via cookies and localStorage

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To respond to inquiries submitted through the contact form
  • To ensure the technical functionality and security of our website
  • To analyze website usage patterns and improve user experience (only with your consent)
  • To comply with applicable legal obligations

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Consent (Art. 6(1)(a) GDPR): When you submit the contact form with the GDPR consent checkbox selected, or when you accept optional cookies
  • Legitimate interest (Art. 6(1)(f) GDPR): For website security, fraud prevention, and basic analytics necessary for website operation
  • Legal obligation (Art. 6(1)(c) GDPR): When required to comply with applicable laws

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form submissions: up to 12 months after the inquiry is resolved
  • Technical logs: up to 90 days
  • Cookie consent records: up to 12 months

After these periods, your data is securely deleted or anonymized.

6. Data Sharing and Transfers

We do not sell your personal data. We may share data with:

  • Hosting providers who store website data on our behalf (within the EU/EEA)
  • Analytics service providers (only with your consent)
  • Legal authorities when required by law

If any data transfer outside the EU/EEA is necessary, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing: Request limitation of processing under certain conditions
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw previously given consent at any time without affecting the lawfulness of processing before withdrawal
  • Right not to be subject to solely automated decisions: Where Article 22 GDPR applies, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects (we do not currently carry out such processing; see section 13 below)

To exercise any of these rights, please contact us at welcome@bonddecentralize.world. We will respond without undue delay and in any event within one month of receiving your request; this period may be extended by up to two further months where necessary, in line with Article 12(3) GDPR.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • HTTPS encryption for all data transmitted between your browser and our website
  • Secure storage of data with access controls
  • Regular review and updating of security practices

9. Cookies

Our website uses cookies. For detailed information about the types of cookies we use and how to manage them, please refer to our Cookie Policy.

10. Children's Privacy

Our website is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

11. Supervisory Authority

If you believe that our processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY), which is the supervisory authority in Sweden under the GDPR:

Integritetsskyddsmyndigheten
Box 8114, 104 20 Stockholm, Sweden
Website: https://www.imy.se

12. Swedish National Law and the Data Protection Act

In addition to the GDPR, our processing of personal data is subject to Swedish supplementary legislation, including the Swedish Data Protection Act (2018:218), which complements the GDPR with national provisions on areas such as processing in certain public-interest contexts and freedom of expression. Where national rules apply alongside the GDPR, we comply with both.

13. Automated Decision-Making and Profiling

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR. If this changes in the future, we will inform you and, where required, obtain your explicit consent or provide another lawful basis.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable legislation. The "Last updated" date at the top of this page indicates when the latest revision was made. We encourage you to review this page periodically.