1.Who we are
ERTC Platform LLC ("ERTC", "we", "us") operates the ERTC website, the validation platform at ertc.land, and related services (the "Platform"). For the purposes of the EU General Data Protection Regulation (GDPR) and the Law of Georgia on Personal Data Protection, ERTC Platform LLC is the data controller for personal data processed through the Platform.
2.Scope
This Policy explains what personal data we collect, why, the legal bases we rely on, how we share and protect it, and your rights. It applies to visitors and registered users of the Platform.
3.Data we collect
- Account data: name, email, phone, country, login credentials.
- Identity / KYC data: government ID, proof of address, photo/selfie, and related verification data, processed for compliance (collected and processed via our verification provider, e.g. Sumsub).
- Land validation data: ownership documents and property information you submit, and the associated geographic coordinates.
- On-chain data: coordinates and transaction records written to the blockchain (see Section 7).
- Financial/operational data: records of operations you carry out on the Platform (e.g. purchases, transfers, exchange operations), as applicable.
- Technical/usage data: IP address, device and browser data, log data, and analytics.
- Cookies and similar technologies: see Section 12.
4.How we use your data
- To provide, operate, and maintain the Platform and your Account.
- To perform identity verification (KYC), anti-money-laundering (AML) checks, and sanctions/OFAC screening.
- To process land validation and record geographic claims.
- To ensure security, prevent fraud, and protect the Platform and users.
- To comply with legal, regulatory, and reporting obligations.
- To communicate with you about your Account and service updates.
- To improve the Platform and understand usage.
5.Legal bases (GDPR)
We rely on: performance of a contract (to provide the Platform); legal obligation (KYC/AML, sanctions, reporting); legitimate interests (security, fraud prevention, service improvement, balanced against your rights); and consent (where required, e.g. certain cookies or marketing — which you may withdraw at any time).
6.KYC/AML and third-party processors
We use trusted third-party providers to deliver the Platform, including identity verification (e.g. Sumsub), sanctions/OFAC screening, hosting and infrastructure, analytics, and communications. These providers process personal data on our behalf under appropriate agreements and only as necessary for their services.
7.On-chain data — important notice
Certain data — including land coordinates and transaction records — is written to a public, immutable blockchain. Once recorded on-chain, such data cannot be altered or deleted, and may be publicly accessible via the Explorer. Coordinates serve as uniqueness markers; we design the Platform to avoid writing directly identifying personal data on-chain wherever possible. Because of the nature of blockchain, the right to erasure (Section 11) cannot apply to data already recorded on-chain.
8.How we share data
We may share personal data with: our service providers/processors (Section 6); competent regulators, law-enforcement, or authorities where legally required; professional advisers; and parties to a corporate transaction (e.g. merger or acquisition), subject to confidentiality. We do not sell your personal data.
9.International transfers
We are based in Georgia and may transfer data to service providers located in other countries, including the EU/EEA and elsewhere. Where data is transferred internationally, we apply appropriate safeguards as required by GDPR and Georgian law (e.g. adequacy decisions or standard contractual clauses).
10.Data retention
We retain personal data only as long as necessary for the purposes described, including to meet legal and regulatory obligations (for example, KYC/AML records are typically retained for the period required by applicable law after the end of the relationship). On-chain data persists by design (Section 7).
11.Your rights
Subject to applicable law, you have the right to: access your data; request rectification of inaccurate data; request erasure (except where we must retain data for legal reasons or where it is recorded on-chain, Section 7); restrict or object to certain processing; request data portability; and withdraw consent where processing is based on consent. You may also lodge a complaint with a supervisory authority (in Georgia, the Personal Data Protection Service; in the EU, your local authority). To exercise your rights, contact us using Section 16.
12.Cookies and tracking
We use cookies and similar technologies for essential functionality, security, preferences, and analytics. You can manage non-essential cookies through your browser settings or our cookie controls where provided.
13.Security
We implement technical and organizational measures to protect personal data, including access controls, encryption in transit, and vendor due diligence. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
14.Children
The Platform is not intended for, and may not be used by, anyone under 18. We do not knowingly collect data from minors.
15.Changes to this Policy
We may update this Policy from time to time. Material changes will be indicated by updating the "Last updated" date and, where appropriate, by additional notice.
16.Contact
Data controller: ERTC Platform LLC — Tbilisi, Georgia · Company ID 400354086
Privacy / data-protection enquiries: main@ertc.online