Skip to main content

Introduction

This Privacy Policy describes how utilsio (“we,” “us,” or “our”) collects, uses, stores, shares, and protects information in connection with your use of utilsio.dev (the “Platform”). By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the data practices described herein. This Privacy Policy should be read in conjunction with our Terms of Service, which govern your use of the Platform. IMPORTANT NOTICES:
  • Public Profile Data: Information you provide (name, email, avatar) is public-by-default within the utilsio ecosystem.
  • Blockchain Transparency: Your wallet address and all blockchain transactions are permanently recorded on the public Polygon blockchain.
  • Non-Custodial Architecture: We do not store your private keys or recovery phrases.
  • Third-Party Sharing: Your profile information is automatically shared with creators and applications you interact with.

1. Information We Collect

1.1 Information You Provide Directly

(a) Account Registration Information: When you create an account, you provide:
  • Full name or display name
  • Email address
  • Avatar image (uploaded by you)
(b) Optional Profile Enhancements: You may optionally provide:
  • Additional profile description or bio
  • Social media links
  • Communication preferences
(c) Communications: When you contact us for support or feedback, we collect:
  • Content of your messages
  • Any attachments or screenshots you provide
  • Email correspondence metadata (timestamps, sender information)

1.2 Automatically Collected Information

(a) Device and Technical Information:
  • Internet Protocol (IP) address
  • Browser type and version
  • Operating system and device type
  • Screen resolution and device identifiers
  • Language preferences
(b) Usage Data:
  • Pages visited and features accessed
  • Time spent on pages
  • Referring URLs and exit pages
  • Click patterns and navigation paths
  • Search queries entered on the Platform
  • Subscription actions (subscribed to, cancelled, modified)
(c) Blockchain Interaction Data:
  • Your UtilsioWallet smart contract address
  • Transaction hashes and timestamps
  • Gas fees paid and reimbursement amounts
  • Token balances and payment streams
  • Withdrawal history and amounts
  • Smart contract interaction logs
This blockchain data is publicly available on the Polygon network and is indexed by us to display your dashboard and transaction history. (d) Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to:
  • Maintain user sessions and authentication state
  • Remember your preferences and settings
  • Analyze Platform usage and performance
  • Enhance security and prevent fraud
See Section 7 for detailed information about cookies.

1.3 Information from Third-Party Sources

(a) Blockchain Networks: We query the Polygon blockchain to retrieve publicly available information about your UtilsioWallet, including balance, transaction history, and active payment streams. (b) Identity Verification (Future): When identity verification is implemented, we may collect information from third-party verification providers, including verified identity documents and biometric data. (c) Analytics Services: We may receive aggregated, anonymized analytics data from third-party analytics providers.

2. Public Profile Information

2.1 Public-by-Default Data

The following information is treated as public within the utilsio ecosystem and is not subject to confidentiality protections:
  • Your display name
  • Your email address
  • Your avatar image
  • Any public profile bio or description you add

2.2 Automatic Sharing with Creators and Applications

When you subscribe to a creator or interact with an integrated third-party application, your public profile information is automatically transmitted to such creator or application without requiring additional consent for each transaction. Purpose of Sharing: This automatic sharing is necessary to:
  • Enable creators to identify and communicate with their subscribers
  • Allow applications to personalize user experience
  • Facilitate service delivery and customer support
  • Prevent fraud and abuse

2.3 Avatar Storage

Avatar images are stored in publicly accessible cloud storage buckets (provided by Supabase) and are assigned public URLs. Anyone with the URL can access your avatar image.

2.4 No Expectation of Privacy

You acknowledge that public profile information is not confidential and can be:
  • Viewed by any creator or application on the Platform
  • Indexed by search engines (if exposed via public APIs)
  • Collected and stored by third parties
  • Used by creators for marketing or communication purposes in accordance with their own privacy policies

2.5 Changing Public Information

You may update your profile information at any time through your account settings. Changes will be reflected immediately in future interactions, but information previously shared with creators or applications is not retroactively deleted.

3. Blockchain Transparency and Permanence

3.1 Public Blockchain Data

Your UtilsioWallet smart contract address and all associated blockchain transactions are permanently recorded on the public Polygon blockchain. This data includes:
  • Wallet address (derived from your private key)
  • All incoming and outgoing transactions
  • Token balances at any point in time
  • Active and historical payment streams
  • Subscription start and end dates
  • Withdrawal amounts and destinations
  • Gas fees paid
  • Smart contract interactions and function calls

3.2 Permanent and Immutable

Blockchain data is:
  • Permanent: Cannot be deleted or modified after confirmation
  • Public: Visible to anyone with access to a blockchain explorer
  • Immutable: Cannot be altered, even by us
  • Pseudonymous: Linked to your wallet address but not inherently to your real-world identity

3.3 Blockchain Analysis

Third parties may:
  • Analyze blockchain data to identify transaction patterns
  • Link your wallet address to other addresses you control
  • Correlate on-chain activity with off-chain identity information
  • Use sophisticated blockchain analytics to deanonymize users
We have no control over third-party blockchain analysis activities.

3.4 Platform Indexing

We index and cache blockchain data related to your UtilsioWallet to:
  • Display your transaction history and dashboard
  • Calculate limits and enforce smart contract rules
  • Provide search and filtering functionality
  • Generate usage analytics
This indexed data is derived from publicly available blockchain information and does not create additional privacy exposure beyond what exists on-chain.

4. Information We Do NOT Collect or Store

4.1 Cryptographic Keys

We never collect, store, access, transmit, or have the technical capability to recover:
  • Your 12-word recovery phrase (seed phrase)
  • Your private keys
  • Your wallet passwords or passphrases
These are generated client-side in your browser and remain exclusively under your control.

4.2 Transaction Approval

We do not require, collect, or store your consent for each individual transaction or profile data sharing event. Using the Platform and interacting with creators or applications constitutes ongoing consent to automatic profile data sharing as described in Section 2.

4.3 Payment Card Information

We do not accept fiat currency payments and therefore do not collect credit card, debit card, or bank account information.

4.4 Biometric Data (Current)

We do not currently collect biometric data. If identity verification is implemented in the future, collection of such data will be disclosed and governed by updated policies.

5. How We Use Your Information

5.1 Platform Operation and Service Delivery

We use collected information to: (a) Create and manage your account; (b) Authenticate users and maintain session security; (c) Deploy and manage your UtilsioWallet smart contract; (d) Facilitate subscription payment streams; (e) Process withdrawals and token swaps; (f) Calculate and enforce transaction limits; (g) Display your transaction history and dashboard; (h) Provide customer support and respond to inquiries; (i) Send transactional emails (account creation, password reset, backup delivery, subscription confirmations); (j) Share your profile information with creators and applications per Section 2; and (k) Enable third-party integrations (Superfluid, LiFi, Alchemy).

5.2 Platform Improvement and Analytics

We use collected information to: (a) Analyze Platform usage patterns and user behavior; (b) Identify bugs, errors, and performance issues; (c) Conduct A/B testing and feature experiments; (d) Improve user interface and user experience; (e) Develop new features and services; and (f) Generate aggregated, anonymized analytics reports.

5.3 Security and Fraud Prevention

We use collected information to: (a) Detect and prevent fraud, abuse, and illegal activity; (b) Monitor for suspicious transactions or patterns; (c) Enforce our Terms of Service and policies; (d) Identify and ban malicious users; (e) Protect against unauthorized access or cyberattacks; and (f) Comply with legal obligations and law enforcement requests.

5.4 Communications

We use your email address to: (a) Send transactional emails required for Platform functionality; (b) Deliver your encrypted wallet backup file; (c) Notify you of important Platform updates or policy changes; (d) Respond to support requests; and (e) Send occasional product announcements (you may opt out of marketing emails but not transactional emails). We may use collected information to: (a) Comply with applicable laws and regulations; (b) Respond to court orders, subpoenas, or legal process; (c) Cooperate with law enforcement or regulatory investigations; (d) Enforce our legal rights or defend against legal claims; and (e) Fulfill reporting obligations or sanctions screening requirements.

6. Information Sharing and Disclosure

6.1 Sharing with Creators and Applications

As described in Section 2, your public profile information is automatically shared with: (a) Creators whose services you subscribe to; and (b) Third-party applications you connect to or interact with. This sharing is necessary for service delivery and occurs without separate consent for each transaction.

6.2 Third-Party Service Providers

We share information with the following third-party service providers who perform services on our behalf: (a) Supabase (Singapore Region):
  • Services: Database hosting, file storage, authentication services
  • Data Shared: Account information, profile data, session data
  • Purpose: Platform infrastructure and data storage
  • Privacy Policy: https://supabase.com/privacy
(b) Alchemy:
  • Services: Blockchain RPC infrastructure and paymaster services
  • Data Shared: Blockchain transaction data, wallet addresses
  • Purpose: Blockchain connectivity and gas sponsorship
  • Privacy Policy: https://www.alchemy.com/policies/privacy-policy
(c) Brevo: (d) LiFi Protocol:
  • Services: Cross-chain swap and bridge aggregation
  • Data Shared: Token swap requests, wallet addresses
  • Purpose: Facilitating token swaps and withdrawals
  • Privacy Policy: https://li.fi/legal/privacy-policy
(e) Superfluid Protocol:
  • Services: Payment streaming infrastructure (on-chain protocol)
  • Data Shared: Wallet addresses, payment stream data (all on-chain and public)
  • Purpose: Enabling subscription payment streams
  • Privacy Policy: https://www.superfluid.finance/privacy
These providers are contractually obligated to protect your information and use it only for the purposes for which it was shared. However, we cannot control their data practices, and you should review their privacy policies.

6.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, sale of assets, or similar transaction or proceeding involving us, your information may be transferred to a successor or affiliate. We will provide notice before your information is transferred and becomes subject to a different privacy policy. We may disclose your information if required by law or in good faith belief that such disclosure is necessary to: (a) Comply with legal obligations, court orders, subpoenas, or government requests; (b) Enforce our Terms of Service or other agreements; (c) Protect the rights, property, or safety of utilsio, our users, or the public; (d) Detect, prevent, or investigate fraud, security breaches, or illegal activity; (e) Respond to emergency situations involving danger of death or serious physical injury; or (f) Comply with sanctions screening or anti-money laundering obligations.

6.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, including: (a) Platform usage statistics; (b) Transaction volume and growth metrics; (c) Demographic trends (without personally identifiable information); and (d) Research findings derived from aggregated data. This data may be shared publicly or with third parties for analytics, research, or marketing purposes. We may share your information in additional circumstances with your explicit consent.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

(a) Essential Cookies:
  • Purpose: Authentication, session management, security
  • Examples: Login tokens, session identifiers, CSRF protection tokens
  • Duration: Session-based or until logout
  • Opt-Out: Cannot be disabled as they are necessary for Platform functionality
(b) Functional Cookies:
  • Purpose: Remember preferences and settings
  • Examples: Language preferences, UI customization
  • Duration: Persistent (up to 1 year)
  • Opt-Out: Can be cleared via browser settings
(c) Analytics Cookies:
  • Purpose: Understand how users interact with the Platform
  • Examples: Page views, click tracking, navigation patterns
  • Duration: Persistent (up to 2 years)
  • Opt-Out: Can be disabled via browser settings or opt-out mechanisms

7.2 Third-Party Cookies

We may allow third-party services to set cookies on our Platform, including:
  • Analytics providers (e.g., Google Analytics, if implemented)
  • Error tracking services (e.g., Sentry, if implemented)
  • Performance monitoring tools

7.3 Managing Cookies

You can control cookies through: (a) Browser Settings: Most browsers allow you to view, delete, and block cookies through their settings menus. (b) Opt-Out Tools: Some analytics providers offer opt-out browser extensions. (c) Do Not Track: We currently do not respond to Do Not Track (DNT) browser signals, as there is no industry consensus on DNT compliance. Warning: Disabling essential cookies will prevent you from logging in and using the Platform.

7.4 Local Storage

In addition to cookies, we use browser local storage to:
  • Cache user preferences
  • Store temporary session data
  • Improve performance by reducing server requests
Local storage can be cleared through your browser’s privacy settings.

8. Data Retention

8.1 Account Data Retention

We retain your account information and profile data: (a) While Your Account is Active: For as long as you maintain an account on the Platform. (b) After Account Deletion: For up to ninety (90) days following account deletion to allow for account recovery in case of accidental deletion or to comply with legal obligations. (c) Legal or Operational Requirements: Longer if required by law, regulation, legal process, or to resolve disputes and enforce our policies.

8.2 Blockchain Data Retention

Blockchain data is permanent and cannot be deleted. Your UtilsioWallet address and all associated transactions remain on the Polygon blockchain forever, regardless of account deletion. We may continue to index and cache blockchain data associated with deleted accounts to:
  • Maintain historical platform analytics
  • Comply with regulatory requirements
  • Preserve audit trails

8.3 Backup Data Retention

Encrypted wallet backup files sent via email are: (a) Retained in your email account according to your email provider’s retention policies (we do not control this); (b) Not stored on our servers after initial delivery; and (c) Your sole responsibility to maintain and secure.

8.4 Communication Logs

Support emails and communications may be retained for up to three (3) years for customer service quality assurance and training purposes.

8.5 Analytics and Logs

Aggregated analytics data and server logs may be retained indefinitely in anonymized form for research and platform improvement purposes.

9. Your Rights and Choices

9.1 Access to Your Information

You have the right to request access to the personal information we hold about you. You can view most of your information directly through your account dashboard, including:
  • Profile information
  • Transaction history (derived from blockchain data)
  • Active subscriptions
  • Account settings
To request a complete copy of your data, contact us at the email address provided in Section 14.

9.2 Correction and Update

You can update most of your profile information directly through your account settings. If you encounter technical issues preventing updates, contact our support team.

9.3 Deletion and Account Closure

(a) Account Deletion: You may request deletion of your account by contacting us. Upon deletion:
  • Your account profile will be removed from our active systems
  • Your public profile data will no longer be shared with new creators or applications
  • Your encrypted backup file will no longer be sent via email
(b) Limitations on Deletion:
  • Blockchain data cannot be deleted as it is permanently recorded on the public Polygon blockchain
  • Previously shared data with creators or applications cannot be retroactively deleted from their systems
  • Legal retention may require us to retain certain data even after account deletion
(c) Data Retention After Deletion: See Section 8.2 for retention periods following account deletion.

9.4 Objection and Restriction

You may object to certain processing of your information or request restriction of processing, subject to legal and operational limitations. However:
  • We cannot restrict processing necessary for Platform functionality
  • We cannot restrict public blockchain data
  • Objections may limit your ability to use certain features

9.5 Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format. Contact us to request data export. Note that:
  • Blockchain data is already publicly available and portable
  • Data portability does not apply to information derived from public sources
Where processing is based on consent, you may withdraw consent at any time. However:
  • Withdrawal does not affect the lawfulness of processing prior to withdrawal
  • Withdrawal of consent to automatic profile sharing will prevent you from using Platform features requiring such sharing

9.7 Opt-Out of Marketing Communications

You may opt out of marketing or promotional emails by: (a) Clicking “unsubscribe” links in marketing emails; or (b) Updating email preferences in your account settings. You cannot opt out of transactional emails necessary for Platform functionality (account creation, password reset, backup delivery, security alerts).

9.8 Exercising Your Rights

To exercise any of the rights described in this Section, contact us at the email address provided in Section 14. We will respond to valid requests within:
  • Thirty (30) days for general requests; or
  • Timeframes required by applicable law (e.g., 45 days for California residents, 30 days for EU residents).
We may require identity verification before fulfilling requests to protect your privacy and security.

10. Children’s Privacy

10.1 Age Restriction

The Platform is not intended for use by individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18.

10.2 Parental Notice

If you are a parent or guardian and believe your child under 18 has created an account or provided personal information to us, please contact us immediately at the email address provided in Section 14.

10.3 Deletion of Children’s Data

Upon learning that we have collected personal information from a child under 18, we will: (a) Delete the account immediately; (b) Remove profile data from our active systems; (c) Cease all further processing of the child’s information; and (d) Notify the child (or parent/guardian if contact information is available) of the deletion. Note: Blockchain data associated with any wallet created by a minor cannot be deleted due to the immutable nature of blockchain technology.

10.4 COPPA Compliance (United States)

If you are in the United States, we comply with the Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect information from children under 13 and have no actual knowledge of selling personal information of minors under 16.

11. International Data Transfers

11.1 Global Platform

The Platform is accessible globally. However, our primary data infrastructure is located in Singapore (Supabase servers).

11.2 Cross-Border Transfers

By using the Platform, you acknowledge and consent to the transfer of your personal information to Singapore and other countries where our service providers operate, which may have different data protection laws than your country of residence.

11.3 European Economic Area (EEA) and United Kingdom

If you are located in the EEA or United Kingdom: (a) Legal Basis for Processing: We process your personal information based on:
  • Contractual necessity: To provide Platform services pursuant to our Terms of Service
  • Legitimate interests: Platform improvement, security, fraud prevention
  • Consent: Where required for specific processing activities
  • Legal obligations: To comply with applicable laws
(b) Data Protection Standards: Data transfers to Singapore and other non-EEA countries are subject to appropriate safeguards, including:
  • Standard Contractual Clauses (SCCs) with service providers
  • Adequacy decisions by the European Commission (where applicable)
  • Processor agreements ensuring GDPR-equivalent protections
(c) EEA Representative: We currently do not have an appointed EEA representative. If required in the future, contact information will be provided here.

11.4 California Residents

If you are a California resident, see Section 12 for additional disclosures required by the California Consumer Privacy Act (CCPA).

11.5 Vietnam Data Protection

As we operate from Vietnam and our primary users may be Vietnamese residents, we comply with Vietnamese data protection laws, including Decree 13/2023/ND-CP on personal data protection.

12. California Privacy Rights (CCPA)

12.1 Applicability

This section applies only to California residents and supplements the rest of this Privacy Policy.

12.2 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information as defined by the CCPA:
CategoryExamplesCollected?
IdentifiersName, email address, wallet addressYes
Personal information under Cal. Civ. Code § 1798.80(e)Name, email addressYes
Protected classification characteristicsAge (for eligibility verification)Yes
Commercial informationSubscription history, transaction recordsYes
Internet or network activityBrowsing history, device informationYes
Geolocation dataIP-based approximate locationYes
Sensory dataAvatar image (if considered biometric)Yes
Professional or employment informationNot collectedNo
Education informationNot collectedNo
InferencesUser preferences, likely interestsYes

12.3 Sources of Personal Information

We collect personal information from: (a) Directly from you (account registration, profile updates); (b) Automatically from your device (cookies, usage data); (c) Public blockchain networks (transaction data); and (d) Third-party analytics providers (aggregated data).

12.4 Business or Commercial Purposes

We use personal information for the purposes described in Section 5, including:
  • Providing Platform services
  • Security and fraud prevention
  • Platform improvement
  • Communications
  • Legal compliance

12.5 Sharing Personal Information

We share personal information with the categories of third parties described in Section 6, including:
  • Creators and applications (automatic profile sharing)
  • Service providers (Supabase, Alchemy, Brevo, LiFi, Superfluid)
  • Legal authorities (when required by law)

12.6 Sale or Sharing of Personal Information

We do not “sell” personal information as defined by the CCPA. However, automatic sharing of profile data with creators and applications may be considered “sharing” under CCPA definitions. Right to Opt-Out: While we do not sell data for monetary consideration, you may opt out of automatic profile sharing by discontinuing use of the Platform, as such sharing is integral to Platform functionality.

12.7 California Consumer Rights

California residents have the following rights: (a) Right to Know: Request disclosure of personal information collected, used, or shared. (b) Right to Delete: Request deletion of personal information, subject to exceptions (legal compliance, blockchain immutability). (c) Right to Correct: Request correction of inaccurate personal information. (d) Right to Opt-Out: Opt out of sale or sharing of personal information (not applicable as we don’t sell data). (e) Right to Limit Use of Sensitive Personal Information: Not applicable as we do not use sensitive personal information for purposes requiring opt-out rights. (f) Right to Non-Discrimination: You will not be discriminated against for exercising CCPA rights.

12.8 Exercising California Rights

To exercise rights under the CCPA: (a) Submit a request via the contact information in Section 14; (b) Provide sufficient information to verify your identity (name, email address, wallet address); (c) Specify which right you are exercising; and (d) Await our response within 45 days (may be extended by 45 additional days for complex requests). You may designate an authorized agent to submit requests on your behalf by providing written authorization.

12.9 Minors Under 16

We do not have actual knowledge of selling or sharing personal information of consumers under 16 years of age.

12.10 Shine the Light Law

California residents may request information about disclosure of personal information to third parties for direct marketing purposes. However, we do not disclose personal information to third parties for their own direct marketing purposes.

13. Data Security

13.1 Security Measures

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including: (a) Encryption:
  • HTTPS/TLS encryption for all data in transit
  • AES-256 encryption for wallet backup files
  • Database encryption at rest (via Supabase)
(b) Access Controls:
  • Role-based access controls limiting employee access to data
  • Multi-factor authentication for administrative accounts
  • Regular access audits and permission reviews
(c) Infrastructure Security:
  • Secure cloud hosting with enterprise-grade providers
  • Regular security patching and updates
  • DDoS protection and rate limiting
  • Intrusion detection systems
(d) Application Security:
  • Input validation and sanitization
  • Protection against common vulnerabilities (SQL injection, XSS, CSRF)
  • Regular dependency updates
  • Secure coding practices
(e) Monitoring and Incident Response:
  • Continuous monitoring for suspicious activity
  • Automated alerts for security anomalies
  • Incident response procedures
  • Regular security reviews

13.2 Limitations

Despite our security measures: (a) No security system is impenetrable; data breaches may occur. (b) We cannot guarantee absolute security of data transmitted over the Internet. (c) You are responsible for securing your own devices, networks, and private keys. (d) Blockchain data is public and cannot be secured against viewing or analysis.

13.3 User Responsibilities

To protect your information: (a) Use strong, unique passwords for your account; (b) Enable two-factor authentication if available; (c) Secure your recovery phrase and backup file offline; (d) Avoid accessing the Platform on public or unsecured networks; (e) Keep your devices updated with security patches; (f) Do not share your private keys or recovery phrase with anyone; and (g) Report suspected security incidents to us immediately.

13.4 Data Breach Notification

In the event of a data breach involving your personal information, we will: (a) Notify affected users via email within the timeframe required by applicable law (typically 72 hours for GDPR, without unreasonable delay for CCPA); (b) Describe the nature of the breach and types of information affected; (c) Provide recommendations for protective measures; (d) Notify relevant regulatory authorities as required by law; and (e) Conduct a thorough investigation and remediation. Note: Breaches of public blockchain data or publicly available information may not trigger notification obligations, as such data is not confidential.

14. Changes to This Privacy Policy

14.1 Right to Modify

We reserve the right to modify this Privacy Policy at any time in our sole discretion to reflect:
  • Changes in Platform functionality or features
  • Evolving privacy laws and regulations
  • New data processing activities
  • Changes in service providers
  • User feedback and best practices

14.2 Notice of Changes

For material changes to this Privacy Policy, we will provide notice by: (a) Updating the “Last Updated” date at the top of this page; (b) Posting a prominent notice on the Platform; and (c) Sending an email notification to registered users at least thirty (30) days before the effective date of changes.

14.3 Acceptance of Changes

Your continued use of the Platform after the effective date of changes constitutes acceptance of the modified Privacy Policy. If you do not agree to the changes, you must cease using the Platform and may request account deletion.

14.4 Review Responsibility

You are responsible for periodically reviewing this Privacy Policy to stay informed of updates.

15. Contact Information

15.1 Privacy Questions and Requests

For questions about this Privacy Policy, to exercise your privacy rights, or to report privacy concerns, please contact us at: Email: privacy@utilsio.dev Subject Line: Use “Privacy Request” for data rights requests or “Privacy Inquiry” for general questions Response Time: We aim to respond to inquiries within seven (7) business days and to rights requests within thirty (30) days (or as required by applicable law).

15.2 Data Protection Officer

We currently do not have a designated Data Protection Officer (DPO). If required in the future by applicable law (e.g., GDPR), DPO contact information will be provided here.

15.3 EEA Representative

We currently do not have an appointed EEA representative as we do not specifically target EEA users. If we establish EEA operations or are required to appoint a representative, contact information will be provided here.

15.4 Supervisory Authority

If you are located in the European Economic Area and believe we have violated your data protection rights, you have the right to lodge a complaint with your local supervisory authority. For Vietnamese residents, you may file complaints with the relevant Vietnamese data protection authority.
The Platform may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party sites or services.

16.2 Third-Party Practices

We are not responsible for the privacy practices or content of third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

16.3 Integrated Applications

Creators and integrated applications accessible through the Platform are independent third parties with their own privacy policies. Your interactions with these third parties are governed by their privacy policies, not ours.

16.4 Blockchain Explorers

Links to blockchain explorers (e.g., Polygonscan) will display your publicly available blockchain data. We have no control over blockchain explorer data practices.
For users in the European Economic Area, United Kingdom, or other jurisdictions requiring specification of legal basis for processing:

17.1 Contractual Necessity

We process the following data to perform our contract with you (Terms of Service):
  • Account registration information
  • Authentication and session data
  • Transaction processing data
  • Platform functionality data

17.2 Legitimate Interests

We process the following data based on legitimate interests:
  • Security and fraud prevention: Detecting abuse, protecting users
  • Platform improvement: Analytics, bug fixes, feature development
  • Customer support: Responding to inquiries, resolving issues
  • Legal compliance: Record-keeping, regulatory reporting
We process the following data based on your consent:
  • Marketing communications (you may withdraw consent anytime)
  • Optional profile enhancements
  • Non-essential cookies and analytics
We process data to comply with legal obligations:
  • Tax reporting requirements
  • Anti-money laundering (AML) obligations
  • Sanctions screening
  • Response to legal process

18. Automated Decision-Making

18.1 Limited Automated Processing

We use limited automated processing for: (a) Fraud detection and risk scoring based on transaction patterns; (b) Enforcement of smart contract limits based on tier status; and (c) Spam and abuse detection using heuristic algorithms.

18.2 No Profiling

We do not engage in profiling (automated processing to evaluate personal aspects) that produces legal effects or similarly significantly affects you, except as disclosed above.

18.3 Right to Human Review

If you believe an automated decision has incorrectly affected your account, you may request human review by contacting us at the email address in Section 14.

19. Interpretation and Definitions

19.1 Definitions

For purposes of this Privacy Policy:
  • “Personal Information” or “Personal Data” means information that identifies, relates to, or could reasonably be linked to you.
  • “Processing” means any operation performed on personal information, including collection, storage, use, disclosure, or deletion.
  • “Third Party” means any person or entity other than you or utilsio.
  • “Service Providers” means third parties who process personal information on our behalf.

19.2 Interpretation

Headings are for convenience only and do not affect interpretation. References to sections include subsections unless otherwise specified. Singular includes plural and vice versa where context requires.

Acknowledgment

BY USING THE PLATFORM, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO THE COLLECTION, USE, SHARING, AND PROCESSING OF YOUR INFORMATION AS DESCRIBED HEREIN.
Last modified on February 17, 2026