LAVIATOR Privacy Policy
Secure Transparent

Privacy Policy

This page explains what data we collect, how we use it, and what control you have. If you use wallet services (e.g., MetaMask), blockchain transactions may be public.

Last updated: Feb 10, 2026

    1) Overview

    Privacy Policy Overview. This Privacy Policy (“Policy”) explains how LAVIATOR (“Company,” “we,” “us,” or “our”) collects, uses, stores, protects, and shares information when you access or use our website, pages, tools, documents, and any related services, features, and communications (collectively, the “Services”). We understand that privacy is important. We also want to be transparent about what is actually happening when you use an online website—especially one that may include Web3 or blockchain-related information. The purpose of this Policy is to describe, in clear terms, (a) what data we collect, (b) why we collect it, (c) how we use it, (d) how we share it, (e) how long we keep it, (f) how we protect it, and (g) what choices and rights you may have.

    Who This Policy Applies To. This Policy applies to all visitors and users of the Services. This includes: (i) casual visitors who only browse public pages, (ii) people who interact with menus, navigation, animations, or content, (iii) users who contact us via email or forms, (iv) users who interact with token sale pages or informational materials, (v) users who connect or reference a wallet address (if a wallet connection feature is present), and (vi) any person who interacts with community or support channels provided through the Services. The exact categories of information we collect depend on what you do. Simply reading a page might collect technical logs and analytics signals. Submitting a form might collect contact information. Connecting a wallet might involve public wallet identifiers. We explain these differences throughout the Policy.

    Privacy vs. Blockchain Reality (Web3 Notice Summary). If you interact with blockchain networks, you should understand a key difference: blockchain data is typically public and permanent. Wallet addresses, transaction hashes, transfers, and contract interactions may be visible to anyone through blockchain explorers. This is not something the Company can fully control, delete, or “undo.” This Policy therefore covers two broad areas: (1) data we process off-chain (such as website logs, analytics, forms, support emails) and (2) public data that may be visible on-chain if you use blockchain features. We do not receive or store your private keys or seed phrase. We do not ask for your seed phrase. If anyone claims to be “support” and asks for your seed phrase, it is almost certainly a scam. Your wallet security practices matter.

    Our Approach: Data Minimization. We aim to collect only the data that is reasonably necessary to provide, secure, and improve the Services. Where possible, we use aggregated or anonymized data to understand website performance. We do not design our Services to “sell personal data” as a business model. However, like most websites, we rely on certain service providers (hosting, analytics, security, email) who may process data on our behalf. When we do, we try to use reputable providers, limit what they receive, and configure them in privacy-friendly ways where feasible.

    What We Mean by “Personal Data”. In this Policy, “Personal Data” generally means information that identifies you or could reasonably be linked to you. Depending on your jurisdiction, this may include your name, email address, phone number (if provided), and technical identifiers like IP addresses or device identifiers. Some information may not identify you directly but may become identifying when combined with other data. Some jurisdictions also treat online identifiers and approximate location as personal data. We treat such information carefully.

    What We Mean by “Processing”. “Processing” means any operation performed on data, such as collecting, recording, organizing, storing, using, sharing, analyzing, deleting, or otherwise handling it. Even simple actions like storing an email to respond to support can be “processing.” This Policy describes how and why we process data.

    Policy Readability and Limitations. We try to write this Policy in a clear way, but privacy is complex. Also, the Services may change over time (new pages, new forms, new tools). If we add or remove features, the exact data flows may change. This Policy is intended to cover typical scenarios. In special cases, we may publish supplemental notices (for example, a cookie banner, an additional disclosure on a sale page, or feature-specific privacy notice). If a feature has its own privacy disclosure, it will supplement this Policy.

    Not Legal Advice. This Policy is provided for transparency, not legal advice. Your responsibilities and rights may depend on your country or state. If you need legal guidance, you should consult a qualified professional.

    1.1 Key Principles We Follow

    We follow a set of practical privacy principles:

    (a) Transparency: We explain, in plain language, what we collect and why.

    (b) Data Minimization: We aim to collect only what is needed for service operation, security, and improvement.

    (c) Security: We apply reasonable measures to protect data against unauthorized access, misuse, alteration, or loss.

    (d) User Choice: We provide controls where feasible, including cookie controls where required.

    (e) Purpose Limitation: We try to use data only for the purposes described, unless we obtain consent or have a legal obligation.

    1.2 What This Policy Does NOT Cover

    This Policy does not control third-party websites, applications, wallets, exchanges, block explorers, or services that you may access via links on our Services. Those third parties have their own privacy policies. For example, if you use a third-party wallet app, that wallet provider may collect device information, analytics, or other data under their policies. We are not responsible for third-party policies and encourage you to review them.

    Additionally, public blockchain networks are not “owned” by the Company. They are operated by decentralized participants. Therefore, any on-chain data is governed by the technical nature of the blockchain network and not by us. We cannot delete or modify on-chain records. If you want privacy from public on-chain visibility, you should not transact on public chains, or you should research privacy-preserving approaches independently.

    1.3 Acceptance and Updates

    By using the Services, you acknowledge that you have read and understood this Policy. If you do not agree, you should discontinue use of the Services. We may update this Policy from time to time, and changes will be posted on this page. If changes are material, we may provide additional notice (for example, a banner). Your continued use of the Services after changes are posted means you acknowledge the updated Policy.

    2) Data We Collect

    Overview. We collect information in three main ways: (a) information you provide directly to us, (b) information that is collected automatically when you access or use the Services, and (c) information we may receive from third parties in limited cases (for example, basic analytics or security providers). The exact information collected depends on how you interact with the Services. Some users only browse informational pages and provide no direct personal information. Other users may choose to contact support, sign up for updates, or interact with Web3-related features, which can involve additional data.

    We aim to follow data minimization principles: collect what we reasonably need to operate, secure, and improve the Services. We do not intentionally collect unnecessary sensitive personal data. If you choose to provide extra information voluntarily (for example, in a support message), you acknowledge that you are choosing to share it.

    2.1 Information You Provide Directly

    (A) Contact and Support Data. If you contact us (for example, via an email address, a contact form, or any support channel linked from the Services), we may collect the information you provide in your message. This can include your name (if you include it), email address, phone number (if you include it), and the contents of your message. We may also collect any attachments you send us and any details you include (such as screenshots, transaction hashes, wallet address, or other context) in order to investigate and respond.

    (B) Form Submission Data. If the Services include forms (such as “Contact,” “Subscribe,” “Apply,” “Request Access,” or any similar forms), we collect the fields you submit. The exact fields depend on the form, but can include name, email, phone number, country, message text, and any other fields shown at the time of submission.

    (C) Account Data (If Accounts Exist Now or Later). If we offer account creation (now or in the future), we may collect identifiers like email address, username, password (stored in a hashed form), and optional profile details you choose to provide. If we support login via third-party identity providers, those providers may share limited profile information with us based on your chosen settings and permissions.

    (D) Sale/Participation Data (If Applicable). If you participate in a token sale or similar offering through the Services, we may collect information necessary to process the request, provide support, and prevent fraud. This may include wallet address (public identifier), payment reference (such as transaction hash), network used, timestamp, and communication records if you reach out for support. We do not collect your private keys or seed phrase.

    (E) Feedback and Surveys. If you respond to surveys, polls, feedback prompts, or provide suggestions, we collect the information you provide. Feedback may include opinions and preferences. You should not include sensitive personal data in feedback.

    2.2 Information Collected Automatically (Technical & Usage Data)

    When you use the Services, we may automatically collect certain technical information for security, performance, and analytics. This is common for most websites. This data helps us keep the site stable, prevent abuse, and understand how pages are used so we can improve them.

    (A) Device and Browser Data. We may collect your device type (desktop/mobile), browser type/version, operating system, language settings, screen size category, and similar technical signals. This helps us test compatibility and fix bugs.

    (B) Log Data. Our servers (or hosting providers) may automatically record logs such as IP address, requested pages, timestamps, referrer/previous page, error logs, request sizes, response codes, and approximate geographic region inferred from IP. Logs are used for debugging, security monitoring, rate limiting, and fraud prevention.

    (C) Usage/Interaction Data. We may collect information about how you interact with pages—such as page views, time spent on a page, navigation paths, clicks, scroll depth, button interactions, and general engagement events. We prefer aggregated metrics where possible.

    (D) Approximate Location. We may infer an approximate location (for example, country/city region) based on IP address. We do not try to determine your precise GPS location through the website unless you explicitly grant permission through browser prompts (and only if we build a feature that requires it).

    (E) Performance and Diagnostic Data. We may collect performance timing (page load time, render time), crash logs (if any), and error diagnostics to improve reliability and speed.

    2.3 Cookies, Local Storage, and Similar Technologies

    We may use cookies, local storage, and similar technologies to remember preferences, improve performance, provide basic security protections, and analyze site usage. These may include:

    • Essential cookies/storage: Used for site functionality and basic protection (for example, remembering a dismissed notice, maintaining a session state where needed, or anti-abuse measures).
    • Preference cookies/storage: Remember settings such as language or UI preferences.
    • Analytics identifiers: Help us understand general traffic and usage patterns.

    You can control cookies through browser settings. If you block cookies, some features may not function properly.

    2.4 Web3 / Blockchain-Related Data (Public by Nature)

    If the Services include blockchain-related features (such as a wallet connection interface, token sale participation flow, or transaction verification tools), we may collect or observe certain public blockchain data. Blockchain data is generally public and accessible via explorers and nodes.

    (A) Wallet Address. A wallet address is typically a public identifier. If you connect a wallet, submit an address, or include it in support messages, we may collect that address to provide the requested functionality or support.

    (B) Transaction Data. We may collect transaction hashes, timestamps, token transfer details, contract addresses, network identifiers, and confirmation status for support, fraud detection, and operational verification.

    (C) Message Signatures (If Used). Some Web3 flows ask you to sign a message to prove control of a wallet (without spending funds). If we implement such a feature, we may collect the signature and the message metadata for verification. We still do not collect private keys.

    (D) On-chain Visibility. You acknowledge that on-chain transactions and wallet addresses can be viewable by anyone. We cannot delete on-chain data.

    2.5 Data We Receive From Third Parties

    In limited cases, we may receive information from third parties to operate and secure the Services. This may include:

    • Hosting/CDN providers: Basic traffic logs, error logs, and security signals.
    • Analytics providers: Aggregated usage metrics and event counts (and sometimes identifiers, depending on configuration).
    • Security providers: Bot detection signals, abuse scores, or fraud indicators.
    • Wallet providers: Wallet apps may share public address and network information during connection (we do not receive private keys).

    Third parties operate under their own privacy policies. Where they process data on our behalf, we try to use reputable vendors and limit processing to what is needed.

    2.6 Sensitive Data (What We Don’t Intend to Collect)

    We do not intentionally collect sensitive personal data such as health information, biometric identifiers, religious beliefs, political opinions, or detailed financial account credentials. Please do not submit sensitive data through forms or support. If you voluntarily provide such information, you acknowledge you are choosing to disclose it. If we become aware that sensitive data has been collected unintentionally, we may take reasonable steps to delete it where feasible and lawful.

    2.7 Children’s Data

    The Services are not intended for children. We do not knowingly collect personal data from individuals under the age of majority in their jurisdiction. If you believe a child has provided us data, contact us and we will take reasonable steps to address it in accordance with applicable law.

    2.8 Data Accuracy and Your Responsibility

    You are responsible for ensuring that information you provide is accurate and up to date. If you provide incorrect email addresses, wrong wallet addresses, or inaccurate details, it can prevent us from responding or can lead to irreversible mistakes in blockchain contexts. Always double-check critical details.

    3) How We Use Your Data

    Overview. We use information to operate, secure, maintain, and improve the Services, to communicate with you, to prevent abuse and fraud, and to comply with legal obligations where applicable. We do not use your data as a “free-for-all.” We aim to use data only for purposes that are reasonably connected to providing the Services and protecting users.

    Depending on your location, data processing may require a “lawful basis.” Common lawful bases include: (a) your consent (for example, subscribing to updates), (b) necessity to perform a contract or provide a requested service (for example, responding to your support request), (c) our legitimate interests (for example, security monitoring and service improvement), and (d) compliance with legal obligations (for example, responding to lawful requests).

    3.1 Provide and Operate the Services

    We use data to deliver website pages, display content, run navigation and UI features, and provide core functionality. For example:

    • Loading pages correctly across different browsers and devices.
    • Remembering user preferences (where applicable).
    • Responding to contact messages and support requests.
    • Verifying and troubleshooting issues reported by users.

    3.2 Customer Support and Communication

    If you contact support, we use your contact details and message contents to respond, investigate issues, and follow up. We may also use communications to:

    • Provide confirmations or service-related notices (for example, policy updates).
    • Send security alerts (for example, scam warnings or phishing advisories).
    • Document support outcomes for quality and training of internal processes.

    We try to keep support communications limited to what is necessary. You should avoid sharing sensitive data like seed phrases or passwords.

    3.3 Security, Fraud Prevention, and Abuse Detection

    Security is one of the main reasons websites collect logs and technical data. We use data to protect the Services, our users, and our infrastructure from:

    • Spam and automated abuse (bots, scraping, credential stuffing).
    • Phishing attempts and impersonation attacks.
    • DDoS attacks and traffic floods.
    • Malware injection attempts and suspicious payloads.
    • Unauthorized access attempts or unusual activity patterns.

    This can include analyzing server logs, using rate-limiting, blocking suspicious IPs, monitoring unusual traffic patterns, and applying security controls. Some security checks may be performed by trusted service providers (for example, bot protection services) which may process limited technical identifiers to determine whether traffic is legitimate.

    3.4 Improve, Maintain, and Develop the Services

    We use aggregated and technical data to understand how the Services are used and how we can improve them. This includes:

    • Identifying which pages are popular and which are confusing.
    • Fixing bugs, broken links, and performance bottlenecks.
    • Improving page load time and reliability.
    • Testing UI changes (for example, navigation improvements).

    Where feasible, we prefer aggregated metrics. However, some analytics tools may use identifiers. We try to configure analytics in a privacy-respecting way where practical.

    3.5 Personalization and Preferences (If Enabled)

    If the Services offer preference settings (for example, language selection, theme settings, or saved navigation), we use stored preferences to customize your experience. Personalization is typically optional and can often be reset by clearing cookies/local storage.

    3.6 Web3 / Blockchain Operational Use (If Applicable)

    If the Services include token sale participation or blockchain-related verification tools, we may use public blockchain data and identifiers to:

    • Verify whether a transaction occurred (using a transaction hash).
    • Confirm network and contract interactions.
    • Detect duplicate submissions or suspicious patterns.
    • Provide support (for example, investigating a missing transfer report).

    We do not control blockchain networks, and we cannot reverse transactions. We do not receive your private keys or seed phrase. Any on-chain actions are publicly visible by nature.

    3.7 Compliance, Legal Requests, and Enforcement

    We may process and disclose data if required to comply with applicable laws, regulations, lawful requests, or to enforce our Terms. This may include:

    • Responding to court orders or valid legal processes.
    • Protecting rights, safety, and preventing harm.
    • Investigating fraud, scams, or abuse.
    • Maintaining records related to disputes or claims.

    3.8 Business Operations (Internal Administration)

    We may use data for internal purposes such as audits, analytics configuration, recordkeeping, performance monitoring, and service planning. Access is typically limited to authorized personnel with a business need.

    3.9 Marketing Communications (If Any)

    If we provide marketing communications (for example, newsletters), we will typically do so only where allowed by law and with opt-out options. You can unsubscribe using the link provided (where applicable). Service-related messages (security notices, policy updates) may still be sent where necessary.

    3.10 Automated Decisions

    We may use automated systems for security (for example, bot detection or rate limiting). This may result in traffic being blocked or challenged if it appears abusive. Such systems are used to protect the Services, not to make important decisions about you as an individual. If you believe you were blocked in error, you can contact support.

    4) Cookies & Storage

    Overview. Cookies and similar technologies help websites function, remember preferences, improve performance, and understand how pages are used. “Cookies” are small text files stored on your device by your browser. “Local storage” and “session storage” are browser storage areas that can store small pieces of information on your device. Some technologies are essential for basic function, while others are used for analytics or personalization.

    We use these technologies in a way that aims to balance usability, security, and privacy. You can control cookies through your browser settings. In some regions, we may also show a cookie consent banner to let you manage choices (where required).

    4.1 Types of Cookies and Storage We May Use

    Cookies and storage can be grouped into categories:

    • Essential / Strictly Necessary: Needed for basic site operation and security (e.g., preventing abuse, maintaining session state, remembering a dismissed notice).
    • Preferences: Remember settings (language, UI choices) to improve your experience.
    • Analytics: Help us understand general traffic and usage patterns to improve performance and content.
    • Security: Support bot detection, rate limiting, and fraud prevention.

    4.2 Essential Cookies/Storage (Site Function & Safety)

    Essential cookies or storage items may be used to keep the site working and to protect it. Examples can include:

    • Remembering that you closed a pop-up or notice so it does not show repeatedly.
    • Maintaining a session state if any user session features exist.
    • Basic anti-abuse signals to reduce spam and automated attacks.

    Without essential storage, some parts of the Services may not function correctly or may become less secure.

    4.3 Preference Cookies/Storage (Your Settings)

    Preference storage may remember your selections such as language or UI preferences. If you change devices or clear storage, preferences may reset.

    4.4 Analytics Cookies (Understanding Usage)

    Analytics helps us understand how users navigate the site, which pages are helpful, and where performance needs improvement. Analytics can include:

    • Counting visitors (in aggregated form).
    • Understanding page views and navigation paths.
    • Measuring performance (load time, errors).
    • Understanding engagement (scroll depth, clicks).

    We aim to use analytics in a privacy-conscious way where feasible. Some analytics tools may use cookies or identifiers. Where required, we may request consent before enabling non-essential analytics cookies.

    4.5 Local Storage vs Session Storage

    Local storage remains on your device until you delete it. It may be used for remembering UI preferences or states.
    Session storage typically lasts only during your browsing session and is deleted when you close the browser tab/window.

    4.6 Managing and Deleting Cookies

    You can manage cookies using your browser settings. Most browsers allow you to:

    • Block all cookies or block third-party cookies.
    • Delete existing cookies and stored data.
    • Set rules per website.

    Important: If you block or delete cookies/storage, some site preferences may reset, and certain features may not work properly. Security protections may also be less effective.

    4.7 Do Not Track and Similar Signals

    Some browsers offer a “Do Not Track” signal. Because there is no universal standard for responding to it, our response may vary depending on technical feasibility and legal requirements. Where required, we will provide appropriate controls through consent mechanisms.

    4.8 Cookie Consent (If Required)

    In certain jurisdictions, we may be required to obtain consent for non-essential cookies (such as some analytics cookies). If we deploy a cookie consent banner, you will have options to accept, reject, or customize cookie choices. If you reject non-essential cookies, the site should still work, but some analytics and personalization may be limited.

    5) Web3 / Blockchain Notice

    Overview. Web3 and blockchain technologies work differently from traditional websites. In many cases, blockchain networks are public, decentralized, and permanent by design. If you interact with blockchain features (for example, connecting a wallet, signing a message, sending tokens, receiving tokens, or interacting with a smart contract), some information may become publicly visible on-chain. This Policy explains what we may see, what we may store off-chain, what is public by nature, and what we cannot control.

    5.1 Public Nature of Blockchain Data (Important)

    On-chain data is generally public. Many blockchains allow anyone to view wallet addresses, transaction hashes, token transfers, contract interactions, timestamps, and other metadata through blockchain explorers. This means:

    • Your wallet address may be visible publicly.
    • Transfers to/from your wallet may be visible publicly.
    • Token balances may be visible publicly.
    • Smart contract interactions may be visible publicly.

    We cannot delete or modify on-chain data. Even if you request deletion of personal data, public blockchain records typically cannot be removed, changed, or “forgotten” because they are maintained by decentralized participants and replicated across many nodes.

    5.2 Wallets: What We Do and Do Not Collect

    We do not collect your private keys or seed phrase. Your private keys and seed phrase are controlled by your wallet software and your device. The Company does not ask for your seed phrase and does not need it to provide website access. If anyone claims to be “support” and asks for your seed phrase, treat it as a scam.

    What we may collect or observe: If you connect a wallet (if the feature exists), we may receive your public wallet address and the network/chain identifier through the wallet connection process. We may also see basic connection metadata (for example, which network you selected) to show correct UI prompts and to prevent incorrect network usage.

    5.3 Transaction Verification and Support Use

    If you participate in an offering or report a transaction (for example, by providing a transaction hash), we may use that information to verify whether the transaction occurred and how it appears on-chain. This can include:

    • Checking confirmation status and timestamps
    • Checking the network/chain and token contract address
    • Checking whether funds/tokens were transferred to the correct address
    • Detecting mismatched networks (e.g., ERC20 vs BEP20) where relevant

    Off-chain logging: We may store limited off-chain records (such as a support ticket containing your wallet address and tx hash) to respond to your request, prevent fraud, and maintain operational records.

    5.4 Message Signing (If Used)

    Some Web3 flows ask you to sign a message to prove control of a wallet (without sending funds). If we implement message-signing features, we may process:

    • The public wallet address
    • The signed message (or its hash)
    • The signature data used for verification
    • Time and context of the verification attempt

    Signing warnings: Always review wallet prompts before signing. Some malicious sites trick users into signing harmful approvals or transactions. If you do not understand a signature request, do not approve it.

    5.5 Irreversibility and User Responsibility

    Blockchain transactions are typically irreversible. If you send assets to the wrong address or wrong network, recovery may be impossible. You are responsible for verifying:

    • Destination address
    • Correct chain/network (e.g., BEP20 vs ERC20)
    • Token contract address (avoid fake tokens)
    • Transaction details (amount, fees, approvals)

    5.6 Linking and Privacy Risks

    Wallet addresses are pseudonymous, not automatically anonymous. A wallet address can sometimes be linked to an identity through:

    • Exchange withdrawals/deposits tied to KYC accounts
    • Public posts where a person shares their address
    • Repeated patterns of transactions
    • Third-party analytics and clustering techniques

    We do not control third-party blockchain analytics. If privacy is important to you, you should consider that interacting on public chains may expose patterns.

    5.7 Third-Party Wallet Providers and Tools

    Wallet providers and Web3 tools are typically third-party software. They may collect device identifiers, analytics, and usage data under their own policies. Your interaction with wallets and third-party providers is governed by their privacy policies and terms. We do not control those providers.

    5.8 What We Cannot Do

    • We cannot reverse blockchain transactions.
    • We cannot delete public blockchain records.
    • We cannot guarantee the availability or performance of third-party wallets, nodes, or explorers.
    • We cannot prevent others from viewing public on-chain activity.

    6) Sharing & Third Parties

    Overview. We may share information with third parties only as needed to operate the Services, secure the Services, comply with legal requirements, and provide support. We do not sell your personal data as a business model. However, like most websites, we rely on service providers such as hosting, CDNs, analytics providers, email tools, and security services. In addition, if you use blockchain networks, some activity is inherently public and may be observed by anyone.

    6.1 Categories of Third Parties We May Share With

    (A) Hosting and Infrastructure Providers

    We may use hosting providers, cloud infrastructure services, domain services, and content delivery networks (CDNs) to serve pages, store content, and ensure performance. These providers may process technical data such as IP address, logs, and request metadata in order to deliver content and protect systems.

    (B) Security and Anti-Abuse Providers

    We may use third-party security services for bot detection, DDoS protection, abuse prevention, and fraud detection. These services may process limited technical identifiers (such as IP address, device/browser signals, and request patterns) to determine whether traffic is legitimate. This helps protect users and the Services from attacks and spam.

    (C) Analytics Providers

    We may use analytics tools to understand website usage and improve performance. Analytics may involve cookies or identifiers depending on configuration. Where required, we may request consent for non-essential analytics cookies. We aim to use aggregated metrics where possible.

    (D) Communication and Support Tools

    If we use email providers, ticketing systems, or support tools, those providers may process your email address and message contents to help us respond. We use such tools to manage support requests efficiently and to maintain records of communications for quality and security.

    (E) Payment / Transaction Context (If Applicable)

    If you participate in an offering, we may need to verify transaction details. We may use public blockchain explorers or node providers to view on-chain confirmation data. We may also receive support requests that include transaction hashes or wallet addresses. We do not receive private keys.

    (F) Professional Advisors and Compliance

    We may share information with professional advisors (legal, accounting, security consultants) when reasonably necessary for compliance, risk management, audits, or dispute resolution, subject to confidentiality obligations.

    6.2 Legal Requirements and Protection of Rights

    We may disclose information if we believe in good faith that disclosure is necessary to:

    • Comply with applicable laws, regulations, or lawful requests
    • Respond to court orders or valid legal processes
    • Protect the rights, property, and safety of users, the Company, and others
    • Investigate and prevent fraud, scams, and security incidents
    • Enforce our Terms and policies

    6.3 Business Transfers

    If we are involved in a merger, acquisition, reorganization, financing, bankruptcy, or sale of assets, information may be transferred as part of that transaction. If such a transfer occurs, we will take reasonable steps to ensure the data remains subject to protections consistent with this Policy and applicable law.

    6.4 Public Blockchain and Independent Observers

    If you interact on-chain, your blockchain activity may be visible publicly. This means that independent third parties (such as blockchain explorers, analytics companies, node operators, and the general public) may observe transaction data. We do not control these parties or how they use public blockchain data.

    6.5 International Data Transfers

    Depending on where you live and where our service providers operate, your information may be processed in different countries. Different jurisdictions may have different data protection laws. Where required, we take reasonable steps to provide appropriate safeguards (such as contractual protections) for cross-border transfers.

    6.6 Minimization and Access Controls

    We try to share only the minimum data necessary with third parties. We also aim to restrict internal access to data to authorized personnel who have a legitimate business need (for example, support staff responding to tickets, or security staff investigating abuse).

    6.7 No Sale of Personal Data

    We do not sell your personal data as a business model. If we ever change this approach in the future, we will update this Policy and provide any required notices and choices.

    7) Data Retention

    Overview. We retain information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. Retention is not “one size fits all.” Different types of data have different retention needs. For example, security logs may be retained for a limited time to investigate abuse, while support communications may be retained longer to maintain records of issue resolution. Where feasible, we may anonymize or aggregate data to reduce privacy impact while preserving useful operational insights.

    7.1 What Determines Retention Length

    We consider several factors when deciding how long to keep information:

    • Purpose: Why the data was collected (support, security, analytics, legal compliance).
    • Legal obligations: Laws may require retention for certain periods (e.g., dispute records, compliance).
    • Security needs: Logs may be needed to investigate incidents or prevent repeated attacks.
    • Operational requirements: Certain records may be needed for auditing, debugging, and quality control.
    • User requests: Where legally allowed, we may delete data upon request (subject to exceptions).

    7.2 Typical Categories and Examples

    (A) Server Logs and Security Logs

    Server logs may include IP address, timestamps, requested URLs, response codes, and similar technical metadata. These logs help detect abuse, troubleshoot errors, and keep the Services stable. We typically retain such logs for a limited period, then delete or rotate them, unless they are needed for investigation or legal compliance.

    (B) Analytics Data

    Analytics data may be retained to understand long-term trends, improve site performance, and measure page effectiveness. Where feasible, analytics data may be aggregated or de-identified. Retention can vary based on the analytics tool and our configuration.

    (C) Support Messages and Communications

    If you contact support, we may retain your messages and our responses to maintain a record of communications, improve support quality, and address follow-up issues. Support records may be retained for a reasonable period. If you request deletion, we may comply where legally permitted, but we may retain minimal records where needed for security, fraud prevention, or legal reasons.

    (D) Form Submissions

    Data submitted through forms (such as contact forms) may be retained to respond to your request and maintain records. Retention can vary depending on purpose and legal needs.

    (E) Web3 / Blockchain-Related Data

    If you provide a wallet address or transaction hash for support or verification, we may retain those details within support or operational records. Note that public on-chain data itself is not “stored” by us in the same way, because it exists on the blockchain and may be visible through third-party explorers. We cannot delete blockchain records.

    7.3 Deletion, Anonymization, and Backups

    When data is no longer needed, we take reasonable steps to delete it, anonymize it, or securely dispose of it. However, deletion may not be immediate in all systems. For example:

    • Backups: Some data may remain in encrypted backups for a period until backups rotate.
    • Logs: Logs may be retained in rolling systems until automatically purged.
    • Legal holds: If we are required to preserve data due to a dispute or legal obligation, deletion may be delayed.

    7.4 Legal Holds and Disputes

    If a dispute arises, or if we reasonably believe we may need data for legal claims, compliance, or enforcement of our Terms, we may retain relevant information for longer than usual. This is sometimes called a “legal hold.” We will limit retention to what is reasonably necessary for that purpose.

    7.5 Your Deletion Requests (Subject to Limitations)

    Depending on your jurisdiction, you may request deletion of personal data. If deletion is legally required and feasible, we will take reasonable steps to comply. However, we may need to retain certain information for:

    • Legal compliance and recordkeeping
    • Security and fraud prevention
    • Dispute resolution and enforcement of Terms
    • Technical constraints (e.g., backups, immutable blockchain records)

    8) Security

    Overview. We use reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, or disclosure. Security is a continuous process. No website, system, or transmission method can be guaranteed 100% secure. You acknowledge that using the internet involves inherent risks, and that cyber threats are constantly evolving.

    8.1 Our Security Measures (General)

    Security controls may include:

    • Access controls: Limiting access to data to authorized personnel with a legitimate business need.
    • Secure configuration: Applying reasonable server and application hardening practices.
    • Encryption: Using encryption in transit (HTTPS/TLS). We may use encryption at rest where appropriate.
    • Monitoring and logging: Monitoring for suspicious activity, abuse patterns, and system errors.
    • Rate limiting and anti-bot protections: Reducing automated abuse and spam.
    • Vendor controls: Selecting reputable service providers and reviewing security practices where feasible.

    8.2 Security Limitations (No Absolute Guarantee)

    Even with reasonable measures, security incidents can occur due to:

    • New vulnerabilities in software, browsers, or servers
    • Misconfigurations or human error
    • Phishing and social engineering attacks
    • Credential theft or device compromise
    • Attacks on third-party providers

    You agree that the Company is not responsible for incidents that occur outside our reasonable control, including compromise of your email account, wallet, device, or third-party platforms.

    8.3 Your Responsibilities (Very Important)

    Your security choices matter. You agree to take reasonable steps to protect your information and devices. This includes:

    • Keeping your operating system and browser updated
    • Using strong passwords and not reusing passwords across sites
    • Enabling two-factor authentication where available
    • Avoiding suspicious links and downloads
    • Verifying the correct domain/URL before entering information
    • Never sharing wallet seed phrases or private keys (including with anyone claiming to be “support”)

    8.4 Web3 and Wallet Security (If Applicable)

    If you use Web3 features, you acknowledge additional risks. Wallets are typically self-custody tools. If your wallet is compromised, tokens can be stolen and transactions may be irreversible. You should:

    • Use a reputable wallet and keep it updated
    • Consider hardware wallets for significant holdings
    • Review transaction and signature prompts carefully
    • Avoid unknown “airdrop” links and suspicious contract approvals
    • Revoke token approvals you no longer need (where applicable)

    8.5 Incident Response and Notifications

    If we become aware of a security incident affecting the Services, we may take steps to contain, investigate, and remediate the issue. Where required by law, we may notify affected users and/or relevant authorities. The timing and content of any notice may depend on the nature of the incident, the information available, and legal requirements.

    8.6 Security Reporting (Optional)

    If you believe you have discovered a security issue, you may contact us through the support contact listed in this Policy. Please do not publicly disclose vulnerabilities before giving us a reasonable opportunity to investigate. We may choose to acknowledge reports and, where appropriate, take steps to resolve issues.

    9) Your Rights

    Overview. Depending on where you live and which laws apply, you may have certain rights regarding your personal data. These rights are not always the same in every country. Some rights may be limited or subject to exceptions—for example, where we must retain data to comply with law, prevent fraud, maintain security, or resolve disputes. This section explains common privacy rights and how to exercise them.

    9.1 Common Rights You May Have

    Subject to applicable law, your rights may include:

    • Right to Access: You may request a copy of the personal data we hold about you and information about how we use it.
    • Right to Correction: You may request that inaccurate or incomplete personal data be corrected.
    • Right to Deletion: You may request deletion of personal data, subject to legal and operational exceptions.
    • Right to Restrict Processing: You may request that we limit the way we process your personal data in certain cases.
    • Right to Object: You may object to certain processing (for example, where processing is based on “legitimate interests”), subject to legal limits.
    • Right to Data Portability: In some jurisdictions, you may request to receive certain data in a portable format or have it transferred to another provider (where technically feasible).
    • Right to Withdraw Consent: If we rely on your consent, you may withdraw that consent at any time (this does not affect processing that occurred before withdrawal).
    • Right to Opt Out of Marketing: If we send marketing communications, you can opt out using unsubscribe options (where provided).

    9.2 How to Exercise Your Rights

    To exercise rights, you can contact us using the support/contact details in this Privacy Policy. Please include enough information for us to understand your request. To protect privacy and security, we may require identity verification before fulfilling a request. Verification methods may depend on the request type and the sensitivity of the data involved.

    9.3 Identity Verification (Why We Do It)

    We may request reasonable proof to verify that you are the person (or authorized representative) making the request. This helps prevent unauthorized access to personal data. Verification may involve confirming control of an email address, responding from the same email account used to contact us, or providing additional details that help confirm identity. We do not request wallet seed phrases or private keys for verification. If you receive a request for your seed phrase, it is a scam.

    9.4 Timing and Responses

    We will respond to valid requests within a reasonable time. Response times may vary depending on complexity, request volume, and legal requirements. In some cases, we may need additional time to investigate and fulfill a request. If we cannot fulfill a request, we will explain the reason where legally permitted.

    9.5 Exceptions and Limitations

    Your rights may be limited in certain cases, including where:

    • We must retain data to comply with legal obligations or lawful requests.
    • Retention is necessary for security, fraud prevention, or abuse investigations.
    • Data is needed to establish, exercise, or defend legal claims.
    • Deletion would be technically infeasible (e.g., encrypted backups until rotation).
    • Data is public and immutable by nature (e.g., on-chain blockchain data).

    9.6 Web3 / Blockchain Specific Limitations

    If your activity involves blockchain networks, you acknowledge that some information (like wallet addresses and transaction records) may be publicly visible and cannot be deleted by the Company. Even if you request deletion of off-chain data (such as support tickets), on-chain data typically remains accessible on the blockchain. If you want to reduce linkage risk, avoid publicly posting your wallet address and consider privacy impacts before transacting.

    9.7 Authorized Agents (If Allowed by Law)

    In some jurisdictions, you may allow an authorized agent to make requests on your behalf. We may require proof of authorization and identity verification for both you and the agent.

    9.8 Marketing Preferences

    If we send marketing communications, you can opt out by using the unsubscribe mechanism (where provided). Opting out of marketing does not necessarily opt you out of operational or security communications (for example, important security notices or policy updates).

    9.9 Complaints and Supervisory Authorities

    Depending on your jurisdiction, you may have the right to file a complaint with a data protection authority or relevant regulator. We encourage you to contact us first so we can try to resolve concerns.

    10) Changes to This Policy

    Overview. We may update this Privacy Policy from time to time to reflect changes in our Services, technology, legal requirements, business operations, or privacy practices. When we update the Policy, we will post the revised version on this page and may update a “Last Updated” date if displayed. Your continued use of the Services after the updated Policy is posted means you acknowledge the changes, unless applicable law requires a different approach.

    10.1 Why We May Update the Policy

    Updates may happen for reasons such as:

    • Launching new pages, features, forms, or tools.
    • Changing service providers (hosting, analytics, security tools).
    • Improving security practices and logging.
    • Changes in applicable laws or regulatory guidance.
    • Operational changes (merger, restructuring, new business model).

    10.2 How We Provide Notice of Changes

    We may provide notice of changes in different ways depending on the type of change and legal requirements:

    • Posting the updated Policy on this page.
    • Updating a “Last Updated” date at the top or bottom of the Policy (if displayed).
    • Showing a banner or pop-up notice for material changes.
    • Sending an email notice if we have your email and law requires it (e.g., for certain material updates).

    10.3 Material Changes

    “Material changes” generally mean changes that significantly affect how we collect, use, or share personal data, or changes that significantly affect user rights. Examples could include introducing new categories of personal data collection, adding new third-party sharing categories, or changing retention practices. If a change is material and law requires additional notice or consent, we will take reasonable steps to comply.

    10.4 Your Choices After an Update

    If you do not agree with an updated Policy, you should stop using the Services. You may also request deletion of personal data where legally allowed, subject to retention exceptions. If you continue using the Services, you acknowledge the updated Policy.

    10.5 Version History (Optional)

    We may keep a version history summary (for example, listing major changes by date) to help users understand how the Policy has evolved. If we do not provide a version history, you can still review the “Last Updated” date (if shown) to understand when the Policy changed.

    10.6 Contact for Policy Questions

    If you have questions about this Policy or changes to it, contact us using the details provided in the Contact section of this Policy (or our support email). Provide enough context so we can respond effectively.