(Information pursuant to Article 13 of Regulation (EU) 2016/679)

ENGLISH VERSION

1. Data Controller

The Data Controller is BlueCode, with registered office at SUITE 4.3.02, BLOCK 4, EUROTOWERS GX11 1AA GIBRALTAR.

2. Nature of the Website

This website https://bluecode.capital provides information about the services offered by the Company and enables users to:

• contact the Company;
• request information about fiduciary and corporate services;
• initiate service-related procedures, including client onboarding and preliminary assessments.

3. Types of Personal Data Processed

The following categories of personal data may be processed:

• Browsing data: Technical data such as IP addresses, domain names, access times and other data necessary for the operation and security of the website.
• Contact and identification data: Personal data provided through contact forms or communications (e.g. name, surname, email address, telephone number).
• Data related to service requests and onboarding: Information necessary to assess and manage requests for fiduciary or corporate services, including identification data and other information provided by the data subject.

4. Purposes and Legal Basis of Processing

Personal data are processed for the following purposes:

5. Processing Methods

Personal data are processed using electronic and IT tools, in accordance with the principles of lawfulness, fairness, transparency, data minimisation and security laid down in the GDPR.

6. Data Retention

Personal data are retained for the time strictly necessary to handle received requests and in compliance with applicable legal obligations.

7. Data Recipients

Personal data will not be publicly disclosed. They may be communicated to:

• service providers acting as Data Processors under Article 28 GDPR;
• professionals or partners involved in the provision of fiduciary or corporate services, where necessary and lawful.

8. International Data Transfers

The Data Controller is established in Gibraltar, which is recognised by the European Commission as providing an adequate level of data protection pursuant to Article 45 GDPR. Any transfer of personal data outside the European Union shall take place in compliance with the GDPR.

9. Data Subject Rights

Data subjects may exercise their rights under Articles 15-22 GDPR, including access, rectification, erasure, restriction, objection and data portability, by contacting: legal@bluecode.capital.

10. Right to Lodge a Complaint

Data subjects have the right to lodge a complaint with the competent supervisory authority, including the Gibraltar Regulatory Authority (GRA) or the authority of their habitual residence.

11. Updates

This Privacy Policy may be updated from time to time. Users are invited to review it periodically.

ITALIAN VERSION

1. Data controller

The data controller is BlueCode, with registered office at SUITE 4.3.02, BLOCK 4, EUROTOWERS GX11 1AA GIBRALTAR.

2. Nature of the website

The website https://bluecode.capital provides information on the services offered by the Company and enables users to

• contact the Company;
• requesting information on trust and company services;
• initiate procedures related to the provision of services, including preliminary assessment and client onboarding activities.

3. Types of data processed

The following categories of personal data may be processed:

• Navigation data: Technical data such as IP addresses, domain names, access times and other data necessary for the operation and security of the site.
• Contact and identification data: Data provided through contact forms or communications (e.g. name, surname, email address, telephone number).
• Data on service requests and onboarding: Information necessary for the evaluation and management of requests for trust or corporate services, including identifying information provided by the data subject.

4. Purpose and legal basis of processing

Personal data are processed for the following purposes:

5. Modalities of processing

Processing is carried out by means of computerised and telematic tools, in compliance with the principles of lawfulness, correctness, transparency, minimisation and security provided for by the GDPR.

6. Data retention

Personal data are kept for the time strictly necessary to process the requests received and, in any case, in compliance with applicable legal obligations.

7. Communication of data

The data are not subject to dissemination. They may be communicated to:

• subjects acting as Data Processors pursuant to Article 28 GDPR, exclusively for technical and organisational needs related to the management of the site;
• professionals or partners involved in the provision of fiduciary or corporate services, where necessary and lawful.

8. Transfer of data

The Data Controller is based in Gibraltar, a territory recognised by the European Commission as having an adequate level of personal data protection under Article 45 GDPR. Any transfers to non-EU countries will take place in accordance with applicable law.

9. Rights of the data subject

The data subject may exercise the rights provided for in Articles 15-22 of the GDPR (access, rectification, cancellation, restriction, opposition, portability) by contacting the Data Controller at: legal@bluecode.capital.

10. Complaint to the Control Authority

Complaints may be lodged with the competent regulatory authority, including the Gibraltar Regulatory Authority (GRA) or the authority of the country of habitual residence of the person concerned.

11. Updates

This notice may be subject to updates. Please consult it periodically.