Last updated: 16/06/2026 · Version 1.0
This Privacy Policy explains how the Bullski team (we, us, our) collects, uses, shares, and protects personal data when you use the Bullski website and Services, and your rights under data protection law. We are the data controller. It is drafted to align with the UK GDPR and the Data Protection Act 2018.
1. The personal data we collect
| Category | Examples |
|---|---|
| Blockchain data | Wallet addresses, transaction hashes, amounts, and Token balances connected with your participation. |
| Contact data | Email address and message content if you contact us, subscribe, or join community channels through the Website. |
| Technical data | IP address, device and browser type, operating system, language, and approximate location derived from IP. |
| Usage data | Pages viewed, links clicked, time on site, and referring site, collected through cookies and analytics. |
| Compliance data | Information needed to meet anti money laundering and sanctions obligations, where these apply. |
We do not intentionally collect special category data. We do not knowingly collect data from anyone under eighteen, and the Services are not directed at children.
2. How and why we use your data, and our lawful basis
| Purpose | Lawful basis |
|---|---|
| To operate the Presale, deliver Tokens, and provide the Services you request | Performance of a contract, or steps at your request before a contract |
| To send updates and announcements you have asked for | Consent, which you can withdraw at any time |
| To secure the Website and prevent fraud and abuse | Our legitimate interests in protecting the Services and users |
| To analyse and improve the Website | Consent for analytics cookies, and our legitimate interests in improvement |
| To comply with legal, sanctions, and anti money laundering obligations | Compliance with a legal obligation |
| To establish, exercise, or defend legal claims | Our legitimate interests, or a legal obligation |
Where we rely on legitimate interests, we have considered whether they are overridden by your rights and concluded they are not. You can ask us for more detail.
3. Cookies
We use cookies and similar technologies as set out in our Cookie Policy. Non essential cookies are only used with your consent.
4. Who we share data with
We share personal data only where necessary, with these categories of recipient: service providers who process data on our behalf under contract, such as hosting, infrastructure, analytics, email, and security providers; compliance and fraud prevention providers where applicable; professional advisers such as lawyers and accountants; regulators, law enforcement, and authorities where legally required; and a buyer or successor if we reorganise or transfer our business. We do not sell your personal data.
5. International transfers
Where we transfer personal data outside the United Kingdom, we use a lawful transfer mechanism, such as transfer to a country with UK adequacy status, the UK International Data Transfer Agreement, or the UK Addendum to the European Commission standard contractual clauses, together with any additional safeguards required. You can ask us for more information.
6. How long we keep data
| Data | Typical retention |
|---|---|
| Contact and marketing data | Until you withdraw consent or unsubscribe, then deleted within a reasonable period |
| Transaction and compliance records | For the period required by applicable law after the relevant activity |
| Technical and usage data | Generally a short period for security and analytics, then deleted or anonymised |
| Support correspondence | For as long as needed to handle the matter and a reasonable period afterwards |
Blockchain data is, by the nature of public blockchains, permanent and outside our control once recorded on chain. We cannot edit or delete data on a public blockchain.
7. How we protect your data
We use appropriate technical and organisational measures, including access controls, encryption in transit, and limiting access to those who need it. No system is completely secure, and we cannot guarantee absolute security, but we take steps to reduce risk and respond to incidents.
8. Automated decision making
We do not make decisions producing legal or similarly significant effects about you based solely on automated processing. Any automated checks used for security or compliance are subject to human review where they would have a significant effect.
9. Your rights
Under UK data protection law you have the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, the right to withdraw consent where we rely on it, and rights regarding automated decision making. To exercise any right, contact us at [email protected]. We will respond within the period required by law, normally one month, and it is free in most cases.
If you are unhappy with how we handle your data, you can complain to the Information Commissioner's Office at ico.org.uk, although we ask that you contact us first so we can try to resolve it.
10. Changes
We may update this policy from time to time. The version published on the Website is the current version, and we update the date at the top when we make changes.