Privacy Policy

Last update: February 19, 2022

Sandclock Holdings (Sandclock) respects your privacy and processes personal data in accordance with the European General Data Protection Regulation (GDPR) and the Cayman Islands Data Protection Law (DPL). We will try our best to handle your personal data with care. In this Privacy and Cookie Policy (hereafter ‘Policy’) we address the usage of cookies and how we handle and protect your personal data.

More precise, this Policy addresses:

  • What personal data we collect and how;
  • For what purposes and on what grounds we process your personal data;
  • For how long we keep your personal data;
  • With whom we share your personal data;
  • The rights you have as data subject; and,
  • How your personal data is protected.
  • This Policy applies to all persons who visit our websites and of whom Sandclock processes personal data, such as clients, platform users, prospective Token Sale participants, persons who have subscribed to newsletters or events, and persons who have applied for a job at Sandclock.

What is personal data?

Personal data is any information relating to an identified or identifiable natural person. Personal data that we process may include:

  • Basic information, such as your first and last name, prefix, title;
  • Contact details, such as your e-mail address, postal address and phone number;
  • Personal data you provide us for the purpose of using our platform or participating in the Token Sale, such as your nationality, date of birth, country of birth, residence address, bank account number;
  • Personal data you provide us for the purpose of attending events or meetings, such as access and dietary requirements;
  • Personal data you may provide us for the purpose of a job application, such as your full name, date of birth, address, phone number, nationality, marital status and any other personal data set out in your application;
  • Any other personal data relating to you which you may provide us or that we may obtain in relation to the purposes and based on grounds set out below;

We collect this personal data because you provided this data to us. For example, you may provide data when entering into an agreement with us, by entering your data on our website (, by giving us your business card or by applying for a job. We may also collect your personal data from other sources, such as from local counsel, counterparties, the Trade Register, the Land Registry or by using publicly available sources.

Purposes and legal basis for the processing of personal data

Sandclock may process your personal data for the following purposes:

  • To identify and accept you as a client;
  • To provide our services;
  • To comply with our legal and regulatory obligations;
  • For marketing and business development activities, such as news updates, invitations for our events and other marketing communications that may be of interest to you;
  • To improve our services and websites, such as our investor portal;
  • To handle your job application or subscription to any of our recruitment services and events.

We will process your personal data using one or more of the following legal grounds:

  • Performance of a contract;
  • Compliance with a legal obligation;
  • Legitimate interest;

Sharing of personal data

In some cases we may also share your personal data with third parties. This may include, but is not limited to:

  • Third parties relevant to the services that we provide, such as regulatory authorities, tax offices, and governmental institutions.
  • Third parties that we engage with, such as supervisory authorities and other bodies, in order to comply with legal obligations.
  • Third party suppliers in connection with the processing of your personal data for the purposes described in this Policy, such as IT providers, communication service providers or other suppliers to whom we outsource certain support services.

We will only share your personal data with these third parties for the purposes and on the legal grounds stated in this Policy.

Third parties to whom we transfer your personal data are themselves responsible for compliance with privacy legislation. Sandclock is neither responsible nor liable for the processing of your personal data by these third parties, except for these third parties that act as a data processor for Sandclock. To the extent that a third party processes your personal data as a data processor of Sandclock, Sandclock will conclude a processor agreement with such party that meets the requirements set out in the GDPR and the DPL.

To be able to provide our services, it may be necessary for us to transfer your personal data to a recipient in a country outside of any or all of: your home country, the Cayman Islands, and the European Economic Area. In that case, Sandclock will ensure that the data transfer is compliant with the applicable law.

How long do we keep your data?

Your personal data is kept in accordance with the GDPR and DPL. This means that we keep personal data in any event for as long as is necessary to achieve the purpose. The GDPR and DPL do not stipulate specific storage periods for personal data. Other legislation may do so, for example labour law and tax law. We abide by legal storage periods when applicable.