BA
BlockchainAnalysis.io

Privacy Policy

Last updated: February 2026

1. Introduction

BlockchainAnalysis.io ("we", "us", "our") operates a blockchain compliance intelligence platform providing wallet screening, exchange analysis, transaction monitoring, and regulatory compliance services. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our platform and services. We are headquartered in Switzerland and committed to data protection under the Swiss Federal Act on Data Protection (FADP/nDSG) and the EU General Data Protection Regulation (GDPR).

2. Data We Collect

2.1 Account Data. When you register, we collect your email address, name, and company name. This is required to create and manage your account. 2.2 Blockchain Data. Wallet addresses and transaction histories submitted for screening. Note: blockchain addresses are pseudonymous but may constitute personal data under GDPR if they can be linked to an identified individual. 2.3 Exchange Data. CSV files uploaded for exchange account reports. These files are processed server-side for report generation and are not stored permanently after the report is delivered. 2.4 Payment Data. Payment transactions are processed by Stripe (credit cards) or via crypto payment rails (BTC/ETH/USDT). We do not store full credit card numbers. We retain transaction records for accounting and legal compliance. 2.5 Usage Data. Pages visited, features used, timestamps, and general interaction patterns. This data is used for service improvement and is not shared with third parties. 2.6 Communication Data. Messages sent via our contact form, support requests, and email correspondence related to your account and orders.

3. How We Use Your Data

We use your data for the following purposes: • To provide our screening, monitoring, and compliance services as ordered • To generate compliance reports and deliver them to your account • To process payments and manage billing • To communicate about your orders, account status, and service updates • To improve our platform, scoring algorithms, and user experience • To comply with legal obligations, including AML/KYC requirements where applicable • To detect and prevent fraud or misuse of our services

4. Legal Basis for Processing

We process your data on the following legal bases: • Contract performance (Art. 6(1)(b) GDPR / Art. 31(1) nDSG) — Processing necessary to provide our services as agreed when you register and place orders. • Legitimate interest (Art. 6(1)(f) GDPR / Art. 31(1) nDSG) — Service improvement, security, and fraud prevention. • Legal obligation (Art. 6(1)(c) GDPR / Art. 31(1) nDSG) — Compliance with applicable laws, including tax and AML record-keeping requirements. • Consent (Art. 6(1)(a) GDPR) — Where specifically obtained, such as for marketing communications or optional analytics cookies.

5. Data Storage & Security

• Account and report data are stored in encrypted PostgreSQL databases • Data is hosted in EU/Swiss data centers with appropriate security certifications • All data in transit is protected by TLS encryption • Data at rest is encrypted using AES-256 • Access controls and role-based permissions limit data access to authorized personnel • Audit logging tracks all access to sensitive data • Regular security assessments are conducted to identify and address vulnerabilities

6. Data Sharing

We do NOT sell your personal data. We share data only with the following categories of recipients, and only to the extent necessary: • Payment processors (Stripe) — for credit card transaction processing • Blockchain data providers (Moralis, Etherscan, block explorers) — we submit only public blockchain addresses, no personal data • Sanctions data providers — address screening only, no personal account data • Law enforcement — only if legally compelled by valid legal process We do not share your screening requests, results, or report contents with other customers or third parties.

7. Data Retention

Account data: Retained while your account is active, plus 5 years after closure (regulatory requirement for financial services records) • Screening reports: Retained for 10 years from generation (AML record-keeping obligations under Swiss AMLA and EU directives) • Uploaded CSV files: Processed for report generation and deleted within 30 days • Usage data: Anonymized after 12 months • Communication data: Retained for 3 years for service quality and dispute resolution

8. International Transfers

Some of our data processors operate outside Switzerland and the European Economic Area. Where this is the case, we ensure adequate protection of your data through: • Standard Contractual Clauses (SCCs) approved by the European Commission • Adequacy decisions where applicable • Other appropriate safeguards as required by applicable data protection law Switzerland has been recognized by the European Commission as providing an adequate level of data protection.

9. Your Rights

Under the GDPR and Swiss FADP, you have the following rights regarding your personal data: • Right of access — Request a copy of your personal data • Right to rectification — Correct inaccurate or incomplete data • Right to erasure — Request deletion of your data (subject to legal retention requirements) • Right to restrict processing — Limit how we use your data in certain circumstances • Right to data portability — Receive your data in a structured, machine-readable format • Right to object — Object to processing based on legitimate interests • Right to withdraw consent — Where processing is based on consent, withdraw at any time You can exercise several of these rights directly from your Account Settings: use "Download My Data" for a portable data export, or "Delete Account" for account erasure. For all other requests, contact us at privacy@blockchainanalysis.io. We will respond within 30 days.

10. Cookies

We use the following categories of cookies: • Essential cookies — Required for authentication, session management, and core platform functionality. These cannot be disabled. • Analytics cookies — Used only with your consent to understand how the platform is used and to improve our services. • Marketing cookies — Used only with your consent for personalized content and advertising. When you first visit our platform, a cookie consent banner allows you to accept all cookies, reject non-essential cookies, or choose individual categories. You can change your preferences at any time from your Account Settings under "Privacy & Data".

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you via email or a prominent notice on our platform.

12. Contact

If you have questions about this Privacy Policy or our data practices, contact us at: BlockchainAnalysis.io Headquartered in Switzerland Email: privacy@blockchainanalysis.io