Disclaimer
We are still in a testing phase, so this section is still under development and it might suffer a few changes until the final version.
Privacy Policy
Last updated Jan 22, 2025
QUDO is a product brought to you by Block Bastards, Lda. (Block Bastards), a company registered with
the Portuguese Companies Registry under no. PT514804637 having its registered office at Aldeamento
Triângulo Norte, 45Q, Avenida Fernão de Magalhães, 3830-749 Gafanha da Nazaré, Portugal and
operations office at Avenida Doutor Lourenço Peixinho, 1C, 3800-159 Aveiro, Portugal.
Block Bastards, Lda. acts as the data controller for personal data processed through its website and
QUDO SDK. References in this Privacy Policy to "we," "us," "our," "QUDO," or similar terms are to
Block Bastards.
Reference in this Privacy Notice to “personal data”, “personal information” or “personally
identifiable information” (PII) consists of any information that identifies or could reasonably be
used to identify a living individual, either on its own or combined with further information. In
addition to this Privacy Notice, please be sure to take our
Terms and Conditions
into consideration, as well as our
Cookies
Policy
, which explains the use of cookies and other web tracking devices used
in our Websites. Together, these documents set out the basis on which any personal data will be
processed by Block Bastards and related services.
Please read this Privacy Notice carefully to understand our practices with respect to personal data.
1. What personal information do we collect from you?
We collect personal information in a variety of ways. In this section, we disclose the different
situations in which we collect your personal data and how each type of information will be handled.
1.1 Personal information directly provided by you (or our third party service providers):
1.1.1 When creating an account directly on our website or registering using QUDO SDK
available from within QUDO-adherent games, we collect your email, username, and encrypted password.
We may also temporarily collect your IP address for security and fraud prevention purposes, but this
data is not permanently stored.
1.1.2 When creating a QUDO account, a Telos account is automatically created for the
respective user, unless an existing Telos wallet is provided. Please note that blockchain data,
including wallet activities, is immutable and publicly visible, consistent with blockchain's
transparency principles. We are not able to modify or delete blockchain data.
1.1.3 Whenever you edit your profile, we collect the information that you voluntarily provide
us (title and profile picture, for instance). You don’t have to supply additional information in
your profile, but it will enhance your experience with our services, namely, the ability to be
identified by other players.
1.1.4 Anytime you complete an in-game unlock (e.g. using QUDO to unlock items and services),
the associated blockchain transaction will be visible for everyone through blockchain and cannot be
deleted, since transparency is a core feature of most blockchain networks, including the one where
QUDO runs (Telos), but neither your username nor email will be visible, only your Telos account.
1.1.5 We will also gather contact information handed over by you (including name, email
address and eventually your phone number or Telegram account) in case you reach out to us via our
website, raise a complaint, request technical support or report an issue with any of our services.
This information will only be available to us.
1.2 Personal information that we collect whenever you use our services (regardless of you registering with us)
1.2.1 Device and usage data, including your IP address, location (approximate), device type,
operating system, and interaction with our services (e.g., session duration, features accessed).
1.2.3 Personal information related to your use of our services, including any service request
made, the number of times you visit and/or use any of the aforementioned services and the amount of
time you spend on them.
1.2.4 The period of time your account is active in order to offer QUDO as network rewards.
This information will also be visible through the Blockchain, similar to the transaction process
mentioned in the section 1.1.4.
1.2.5 We utilize third-party analytics tools (e.g., Google Analytics) in a manner compliant
with GDPR to optimize services. IP anonymization is applied where applicable. The subsequent section
clarifies this procedure.
2. What do we do with your personal information?
2.1 Personal data necessary to perform a contract
One reason we might use your information is because you have entered into an agreement with us when
you register on our website to participate in our services. We may process data for fraud detection,
security monitoring, and regulatory compliance to safeguard the integrity of the platform.
QUDO was developed for the gaming industry, creating an ecosystem between game developers, players,
guilds and services. The personal data you provide is collected, stored and managed in order to
enable the connection between all users (game developers, players, guilds and service providers),
making it possible for everyone to communicate with each other. This includes:
2.1.1 Providing you with an optimized service across the different devices and platforms.
2.1.2 Restrain customers from attempting to use our services from a restricted territory.
2.1.3
To ensure that you are complying with our
Terms & Conditions
when you use our services and taking any necessary action if you do not proceed accordingly.
2.1.4 To provide you with any customer support.
2.2 Personal data mandatory for our legitimate interests
In order to make our services work efficiently in a secure way, we (along with our third parties)
need to use your personal data. We have a legitimate interest in handling your PII in the best way
possible and we do not believe that this storage and usage of information will be of a particular
concern to you. For disclosure purposes, your data will be necessary to provide and improve our
services, including the protection of your account, assure technical support, help you find suitable
content and enable the features of your personal page on our website. The above-mentioned operations
solely prevail until those interests are overridden by your own or by fundamental rights and
freedoms that require protection of personal data.
2.3 Personal data with your consent
If you provided your consent when creating an account with us, we will collect, store and use your
email address, as well as data related to how you benefit from our services. We proceed this way in
order to get in contact with you, help you take the most out of our services and periodically send
you customized newsletters with our latest news and updates.
You can opt-out at any point by clicking “unsubscribe” in any of our email communications, which
means you will no longer receive newsletters or other marketing messages. It must be highlighted,
however, that unsubscribing may translate into adverse consequences, particularly, the suppression
of certain services. If you withdraw consent, this will not affect the legality of processing prior
to withdrawal, even though you might retain access to core services.
3. Anonymous Data
We will also collect anonymous details about visitors for the purpose of creating aggregate
statistics, which means that no single individual will be identifiable while we operate with this
type of information.
4. Personal Data
4.1 How We Share Your Personal Data
We may share your personal data inside the QUDO dashboard and affiliates, in order to connect game
developers, players, guilds and service providers. The PII can then be shared via:
4.1.1 Profile: When you use our services, your profile is fully visible to all members of our
community (i.e. game developers, players, guilds, service providers and Block Bastards organization
members and its affiliates).
4.1.2 Games/Services: Your games/services will be also visible in the QUDO dashboard the same
way your profile is.
4.1.3 Player Performance: We may also share your in-game performance (e.g. in case you reach
the top 10 players).
4.1.4 We only share data with third parties under strict data processing agreements and
ensure they implement security measures meeting GDPR/CCPA standards.
Blockchain transactions are public and immutable. We do not control visibility over data stored on
the underlying blockchain.
4.2 How We Transfer Your Personal Data
We store your personal information in the European Economic Area (EEA) which entails that both we
and our affiliated entities must ensure, at least, a level of data protection as rigorous as the one
mandated by the EEA. When we transfer your PII, we will do this in accordance with applicable data
protection laws and will take appropriate safeguards to ensure its integrity and protection. If you
use our website, personal information may be shared among our affiliates (both inside and outside
the European Economic Area), all of them under the aforementioned policy, including (but not limited
to) sub-contractors and third parties involved in providing services.
If we transfer your personal data outside the EEA (e.g., to third-party service providers in non-EEA
countries), we will ensure adequate safeguards such as Standard Contractual Clauses (SCCs), Binding
Corporate Rules (BCRs), or other legal mechanisms.
4.3 How We Keep Your Personal Data Secure
In accordance with our internal security procedures, we will take appropriate technical and
organizational measures to hinder unauthorized or unlawful processing of your personal information
and to prevent it from being accidentally destroyed or damaged.
5. Your Rights Regarding Personal Data
5.1 Right to access
You have the right of access to any personal information we hold about you. You have the right to
request each of the following: a copy of your personal information, a clarification about how and
why that information is being handled within the organization and details on how the security
measurements are in place whenever we transfer your personal data outside the European Economic
Area.
5.2 Right to Rectification
You have the right to revise, with undue delay, the validity of your personal information. You also
have the right to have your incomplete personal data completed, including means of providing a
supplementary statement.
5.3 Right to erasure
You have the right to demand that we delete any personal information we hold about you in specific
circumstances, namely:
5.3.1 The personal data is no longer necessary in relation to the purposes for which it
was collected or processed;
5.3.2 You withdraw the consent on which the processing is based;
5.3.3 You object to the processing and there are no overriding legitimate grounds for the
processing;
5.3.4 The personal information has been unlawfully processed;
5.3.5 The personal data has to be erased for compliance with legal obligation in the
Union or Member State law;
Note: Data stored on the blockchain, such as wallet addresses and transactions, cannot be deleted
due to blockchain's technical and legal immutability. For non-blockchain-related data, we will
comply with erasure requests as outlined in GDPR.
5.4 Right to restriction of processing
You have the right to ask us to restrain the way we manage your personal information
in the circumstances described below:
5.4.1 You contest the veracity and precision of the personal data;
5.4.2 The processing of the personal information is unlawful but you oppose to its
erasure and ask for use restrictions instead;
5.4.3 Your personal data is no longer needed for the purposes of our operations;
5.4.4 You have objected to the processing;
5.5 Right to data portability
You have the right to request that we share your PII with a third party provider of services,
as long as you guarantee the following:
5.5.1 The processing is based on consent or a contract;
5.5.2 The processing is carried out by automated means;
5.6 Right to object
You have the right to object even if the processing of personal information is based on legitimate
interests or public interests.
5.7 Right to complaint
You have the right to file a complaint with your local data protection authority. In Portugal, you
can contact Comissão Nacional de Proteção de Dados (CNPD) at
www.cnpd.pt.
6. Children's Privacy
Our services are not intended for anyone under 18 (eighteen) years old (as required by GDPR) and we
do not knowingly collect personal information from anyone under this age.
7. External Links
Our website contains links to other websites, including from partner companies. Those websites
comply with the respective privacy practices, for which we do not take responsibility or liability.
Please review those policies before submitting any personal data.
8. Privacy Updates
This Privacy Policy was updated in January 2025. We reserve the right to periodically amend this
Privacy Policy to reflect changing legal requirements or processing practices. You will be notified
via email or website banner of any significant changes to this policy, along with a 30-day review
window prior to their implementation.
Contact Information:
DPO Contact: For data-related concerns, you may reach our Data Protection Officer (DPO) at
dpo@blockbastards.io.