1. Bastion and Polity
1.1. Who we are
This Policy applies to Bastion Genossenschaft (Cooperative), a small cooperative registered in Liechtenstein on 31 August 2022 (Registration) under the Liechtenstein Persons and Companies Act (Art. 483 para 1a PGR) with headquarters in Vaduz. Bastion was established by a distributed team of seasoned professionals and works with different international partners and service providers from various industries such as: software developers, cyber security firms, hardware providers, legal, financial, strategic and marketing consultants, crypto advisors, crypto asset managers, AML and KYC specialists and other organizations.
1.2. What we do
Bastion was established by its founders to develop, scale and maintain Polity Network, a next-generation B2B2C multi-sided marketplace for professional crypto wealth management service providers and their clients. Polity Network combines centralized and decentralized applications with high added value services by humans on a non-custodial, user-friendly and secure technology infrastructure. From the governance perspective Polity Network will be organized and governed as a public, permissioned, professional and project-based decentralized autonomous organization (“Polity pDAO®”). Polity Network and Polity pDAO are two inseparable parts of Polity Project. For further information on the Polity Network, Polity pDAO and Bastion please see: https://bastion.li. The Polity Project is currently at the Minimal Viable Product (“MVP”) development phase and is raising seed finance through the private sale of two tranches of a compliant digital instrument - Bastion simple agreement for future tokens (“SAFT”).
1.3. Our contacts
- Bastion’s Data Protection Officer (“DPO”) at Laurent@cryptocommunity.ch; and/or
- Datenschutzstelle which is Bastion’s supervisory authority for Data Protection in Liechtenstein.
2. Adherence and Alliances
In all its dealings related to privacy protection Bastion will adhere to the following principal acts:
- (a) The General Data Protection Regulation (EU) (2016/679) (“GDPR”) which was incorporated into the European Economic Area (EEA) agreement on 6 July 2018 and applies from 20 July 2018 in all non-EU EEA countries;
- (b) Datenschutzgesetz, the current Data Protection Act ("Data Protection Act") in force since 1 January 2019; and
- (c) Datenschutzverordnung ("Privacy Regulation") in force since 1 January 2019.
Bastion also recognizes the Self-Regulatory Principles set forth by https://digitaladvertisingalliance.org (DAA) and European Interactive Digital Advertising Alliance (EDAA).
3. Bastion Data Subjects
Bastion collects the following types of Personal Data from different categories of data subjects (“Data Subjects”) and members of the Polity Ecosystem (“Polity Ecosystem Members”):
- Site Visitors: persons who visit and interact with our web site, Linked-in profile, blogs and their respective contents at www.bastion.li or https://www.linkedin.com/company/bastion-network.
- Members: Members of Bastion Cooperative on joining provide their Personal Data to Bastion as part of compliance and onboarding procedure. The Personal Data to be provided by Members may include name and passport details, date and place of birth, contact details, residential address, professional background and education history, crypto wallet address and bank account details, etc.
- Contributors: Bastion Contributors participate in the development of the Polity Project in various forms (including capital, work time, network, etc.). Individual Contributors to Bastion may be its Members, third-party service providers (“Providers”) or business partners (“Partners”). Onboarding a new Contributor is subject to Bastion’s KYC procedure normally conducted by a third-party KYC-service provider (“AML/KYC Expert”). In this case Bastion participates in collecting such Contributor’s Personal Data for verification and retains it thereafter.
- Capital Contributors: Bastion will conduct negotiations with prospective Seed SAFT buyers and will enter into Seed SAFT Token Purchase and Sale Agreements (“Seed SAFT Token PSA”) with those who decide to participate in the development of the Polity Network through inter alia making a capital contribution (“Capital Contributors”). All Capital Contributors are subject to AML/KYC checks by an AML/KYC Expert. As part of its AML/KYC procedure Bastion will collect the Capital Contributors’ Personal Data including name and passport details, date and place of birth, contact details, residential address, professional background and education history, crypto wallet address(es) and bank account details, etc. Capital Contributors will be invited to join Bastion as Members after making a contribution under Seed SAFT Token PSA.
- Business Partners: For the development of the Polity Project, Bastion engages with various companies acting as professional service providers (“Providers”). Such Providers may delegate some of their employees to become part of the Bastion Project Team (“Delegates”). In respect of the Delegates Bastion typically collects Personal Data including name, residence, professional and educational history and contact details.
4. Use of Personal Data
Bastion uses Personal Data to enable legitimate and efficient interaction with all Polity Ecosystem Members, in particular:
- To satisfy AML/KYC compliance requirement imposed by the applicable regulations;
- To attract and retain the best talent for the benefit of the Polity Project;
- To enable efficient co-operation on the Polity Project;
- To enable internal and external communications (incl. those related to marketing of Polity Network (and Polity pDAO) as trademark(s);
- In connection with allocation of Bastion Coop Units, Member Points and/or SAFT Tokens;
- In connection with settling mutual financial obligations;
- in connection with legal proceedings, if any.
5. sharing and disclosure
Bastion may share Personal Data collected with:
- Local authorities and regulators to the extent required by law (e.g., as relates to Members - in connection to filing Bastion’s Member Unit Register with Liechtenstein Commercial Registry);
- Other Polity Ecosystem Members (as relates to Members, Contributors, Business Partners and Delegates) in connection with Polity Project-related activities, coordination and interrelation between the parties involved;
- With AML/KYC Expert for compliance checks;
- Bastion’s servicing bank(s), crypto payment processors and facilitators in connection with background checks and identity verification related to settlements between the parties.
- Consultants, lawyers, accountants, and other professional service providers rendering select services to Bastion, typically in connection with its own dealings (e.g., for legal reasons or in the event of a dispute) – always under a binding confidentiality obligation.
Bastion may share Personal Data if it believes that this is required by applicable law, regulation, operating license or agreement, legal process or governmental request, or where the disclosure is otherwise appropriate. This includes sharing Personal Data with law enforcement officials, public health officials, other government authorities, or other third parties as necessary to enforce service agreements, or other binding undertakings; to protect Bastion’s rights or IP rights, safety, or in the event of a claim or dispute.
6. Data retention and deletion
Bastion retains Personal Data for as long as necessary for the purposes described above. In practical terms, Bastion will develop and implement internal regulations guiding identification of different categories of data and establishing retention rules for each data type.
Polity Ecosystem Members may request deletion or returning (as appropriate) of their Personal Data at any time. However, Bastion may retain Personal Data after a deletion request due to legal or regulatory requirements or for reasons stated in this Policy.
7. Protecting your personal information
There are several options available to protect your personal information, which Bastion collects, processes and uses, including the following:
- You may choose not to provide certain personal information, especially when you are requested by Bastion to grant your consent to the collection of such information;
- You may revoke your previous consent granted in relation to data protection at any time, with respect to the future;
- You may select the scope of Personal Data you intend to make available for Bastion;
- You may inquire whether, and which Personal Data of yours are collected, processed and used by Bastion;
- You may request the correction of incorrect Personal Data at any time;
- You may request the deletion of your Personal Data, provided that the processing thereof is based on your consent;
- You may request the limitation of or object to the processing of your Personal Data;
- You may request the transferability of your Personal Data.
8. Amendments to this Policy
Bastion reserves the right to unilaterally amend this Policy from time to time in connection with the development of Polity Project, change of applicable legislation or market practice or otherwise.
We encourage all parties concerned to periodically review this notice for the latest information on our privacy practices.