Legal

Privacy Policy

Last updated: 12 May 2025

Effective date: 12 May 2025

SwapBlok ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our website, platform, and Protocol (collectively, the "Services"). By using the Services, you consent to the practices described in this Policy.

Because SwapBlok is a non-custodial, decentralised protocol, we do not hold or control your digital assets, private keys, or wallet credentials at any time. The nature of blockchain technology means that certain data — including wallet addresses and transaction records — is publicly visible on-chain and outside our control.

1. Data Controller

SwapBlok acts as the data controller for personal information collected through the website and contact forms. For enquiries relating to this Policy or your personal data, please contact us via our contact page.

2. Information We Collect

2.1 Information You Provide

When you contact us through our contact form or other communications, we may collect:

  • Your name and email address (required)
  • Contact telephone number (optional)
  • Business or company name (optional)
  • The content of your message or enquiry
  • The nature of your enquiry (e.g. business, technical support)

2.2 Information Collected Automatically

When you access the Services, we or our third-party service providers may automatically collect:

  • IP address and approximate geolocation (country/region level)
  • Browser type, version, and operating system
  • Referring URL and pages visited
  • Date, time, and duration of access
  • Device identifiers

2.3 Blockchain and On-Chain Data

When you connect a wallet and interact with the Protocol, your public wallet address and all associated on-chain transactions are recorded on public blockchains. This data is inherently public and immutable. We do not control or have the ability to delete blockchain data. We may analyse on-chain data for protocol security, analytics, and abuse prevention purposes.

2.4 Information We Do Not Collect

SwapBlok does not collect:

  • Private keys, seed phrases, or wallet passwords — ever
  • Government-issued identification documents (unless required by law)
  • Financial account information beyond public on-chain data
  • Biometric data

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to enquiries and provide customer support
  • To operate, maintain, and improve the Services
  • To monitor for fraudulent, abusive, or unlawful activity
  • To comply with legal obligations, court orders, and regulatory requirements
  • To enforce our Terms of Service
  • To conduct analytics on usage patterns in anonymised or aggregated form
  • To send service-related communications (not marketing) where you have engaged with us

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects without your explicit consent.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process personal data on the following legal bases:

  • Contract performance: to provide the Services you have requested
  • Legitimate interests: to operate, secure, and improve the Protocol; to prevent fraud and abuse
  • Legal obligation: to comply with applicable laws and regulatory requirements
  • Consent: where you have provided explicit consent (e.g. optional analytics cookies); you may withdraw consent at any time

5. Cookies and Tracking Technologies

5.1 Essential Cookies

We use strictly necessary cookies to enable core functions of the website such as security, session management, and accessibility preferences. These cannot be disabled without affecting site functionality.

5.2 Analytics Cookies

With your consent, we may use privacy-respecting analytics tools (such as anonymised event tracking) to understand how users interact with the Services. We do not use Google Analytics or other surveillance-grade analytics without a consent mechanism. You may opt out of analytics cookies at any time via your browser settings.

5.3 No Advertising Cookies

We do not use advertising, retargeting, or cross-site tracking cookies. We do not sell or share your browsing data with advertisers.

6. Sharing of Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

  • Service providers: trusted third parties who assist us in operating the Services (e.g. hosting providers, email delivery), bound by confidentiality obligations
  • Legal compliance: where required by law, court order, or to respond to lawful requests from regulatory authorities
  • Safety and security: where disclosure is necessary to protect the rights, property, or safety of SwapBlok, our users, or the public
  • Business transfers: in connection with a merger, acquisition, or sale of assets, where the acquirer agrees to honour this Privacy Policy
  • With your consent: where you have explicitly authorised sharing for a specific purpose

7. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this Policy:

  • Contact form submissions: retained for up to 24 months to facilitate follow-up and record-keeping, then deleted or anonymised
  • Technical logs and IP addresses: retained for up to 90 days for security and fraud prevention purposes
  • On-chain data: permanent, public, and outside our control
  • Where required by law (e.g. anti-money laundering regulations): retained for the statutory period, typically 5–7 years

You may request deletion of your personal data at any time (see Your Rights below). We will honour deletion requests subject to our legal obligations.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include encrypted data transmission (TLS), access controls, and regular security reviews.

However, no method of electronic storage or transmission is 100% secure. You acknowledge that you provide personal information at your own risk. We will notify affected individuals and relevant authorities of data breaches as required by applicable law.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you
  • Right to rectification: to request correction of inaccurate or incomplete data
  • Right to erasure ("right to be forgotten"): to request deletion of your personal data, subject to legal obligations
  • Right to restriction of processing: to request that we limit processing of your data in certain circumstances
  • Right to data portability: to receive your data in a structured, machine-readable format
  • Right to object: to object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: where processing is based on consent, to withdraw it at any time without affecting prior processing
  • Right to lodge a complaint: with your national data protection authority (e.g. the UK ICO or a relevant EU supervisory authority)

To exercise any of these rights, please contact us via our contact page. We will respond within 30 days. We may need to verify your identity before fulfilling certain requests.

10. International Data Transfers

Your data may be processed in countries outside your country of residence. Where we transfer personal data from the EEA or UK to countries without an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms approved under applicable data protection law.

11. Third-Party Links and Services

The Services may contain links to third-party websites, protocols, or services. This Policy does not apply to those third parties. We are not responsible for the privacy practices of external sites or protocols. We encourage you to review the privacy policies of any third-party services you interact with, including external blockchain networks, wallets, and decentralised applications.

12. Children's Privacy

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such data.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised "Last updated" date. Where changes are material, we will take reasonable steps to notify you. Your continued use of the Services after changes are posted constitutes your acceptance of the revised Policy.

14. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us via our contact page.