Your Data

Privacy Policy

PRIVACY POLICY

Last updated: 16/06/2026 · Version 1.0

This Privacy Policy explains how the Bullski team (we, us, our) collects, uses, shares, and protects personal data when you use the Bullski website and Services, and your rights under data protection law. We are the data controller. It is drafted to align with the UK GDPR and the Data Protection Act 2018.

1. The personal data we collect

CategoryExamples
Blockchain dataWallet addresses, transaction hashes, amounts, and Token balances connected with your participation.
Contact dataEmail address and message content if you contact us, subscribe, or join community channels through the Website.
Technical dataIP address, device and browser type, operating system, language, and approximate location derived from IP.
Usage dataPages viewed, links clicked, time on site, and referring site, collected through cookies and analytics.
Compliance dataInformation needed to meet anti money laundering and sanctions obligations, where these apply.

We do not intentionally collect special category data. We do not knowingly collect data from anyone under eighteen, and the Services are not directed at children.

2. How and why we use your data, and our lawful basis

PurposeLawful basis
To operate the Presale, deliver Tokens, and provide the Services you requestPerformance of a contract, or steps at your request before a contract
To send updates and announcements you have asked forConsent, which you can withdraw at any time
To secure the Website and prevent fraud and abuseOur legitimate interests in protecting the Services and users
To analyse and improve the WebsiteConsent for analytics cookies, and our legitimate interests in improvement
To comply with legal, sanctions, and anti money laundering obligationsCompliance with a legal obligation
To establish, exercise, or defend legal claimsOur legitimate interests, or a legal obligation

Where we rely on legitimate interests, we have considered whether they are overridden by your rights and concluded they are not. You can ask us for more detail.

3. Cookies

We use cookies and similar technologies as set out in our Cookie Policy. Non essential cookies are only used with your consent.

4. Who we share data with

We share personal data only where necessary, with these categories of recipient: service providers who process data on our behalf under contract, such as hosting, infrastructure, analytics, email, and security providers; compliance and fraud prevention providers where applicable; professional advisers such as lawyers and accountants; regulators, law enforcement, and authorities where legally required; and a buyer or successor if we reorganise or transfer our business. We do not sell your personal data.

5. International transfers

Where we transfer personal data outside the United Kingdom, we use a lawful transfer mechanism, such as transfer to a country with UK adequacy status, the UK International Data Transfer Agreement, or the UK Addendum to the European Commission standard contractual clauses, together with any additional safeguards required. You can ask us for more information.

6. How long we keep data

DataTypical retention
Contact and marketing dataUntil you withdraw consent or unsubscribe, then deleted within a reasonable period
Transaction and compliance recordsFor the period required by applicable law after the relevant activity
Technical and usage dataGenerally a short period for security and analytics, then deleted or anonymised
Support correspondenceFor as long as needed to handle the matter and a reasonable period afterwards

Blockchain data is, by the nature of public blockchains, permanent and outside our control once recorded on chain. We cannot edit or delete data on a public blockchain.

7. How we protect your data

We use appropriate technical and organisational measures, including access controls, encryption in transit, and limiting access to those who need it. No system is completely secure, and we cannot guarantee absolute security, but we take steps to reduce risk and respond to incidents.

8. Automated decision making

We do not make decisions producing legal or similarly significant effects about you based solely on automated processing. Any automated checks used for security or compliance are subject to human review where they would have a significant effect.

9. Your rights

Under UK data protection law you have the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, the right to withdraw consent where we rely on it, and rights regarding automated decision making. To exercise any right, contact us at [email protected]. We will respond within the period required by law, normally one month, and it is free in most cases.

If you are unhappy with how we handle your data, you can complain to the Information Commissioner's Office at ico.org.uk, although we ask that you contact us first so we can try to resolve it.

10. Changes

We may update this policy from time to time. The version published on the Website is the current version, and we update the date at the top when we make changes.