ENEFTRO

Introduction

This Privacy Policy governs the practices of how EVOMINTER LTD (referred to herein as "Eneftro", "we", "our", "ours" or "us") collects, uses, transfers, and shares personal information related to the use of our Services by our Users (referred to herein as "you", "your", or "yours"). This Policy is designed to ensure the transparent, lawful, equitable, and secure management of the personal data of our Users.

Our Privacy Policy explains the kind of personal data we gather through Services, which include services you access through Eneftro websites and any other sites associated with Eneftro (collectively referred to as "the Website"), Eneftro applications and software, including the self-custodial wallets, web applications, mobile applications, trading platform, exchange systems, and any other applications and software associated with Eneftro (collectively referred to as "the Exchange"), as well as all products, smart contracts, protocols, and the issuance and management of non-fungible tokens (NFTs).

For inquiries related to this Privacy Policy, data collection and usage, data disclosure, and sharing, or any other concerns or requests related to your personal data, please contact us at [email protected]

1. Definitions

• Personal Data: Any information that relates to an identified or identifiable natural person. This includes details like names, addresses, email addresses, identification numbers, IP addresses or cookie identifiers.
• Data Subject: The person who the personal data is about, or their representative. In simpler terms, it is you or any other individual whose personal information is being collected and processed.
• Data Controller: The entity who determines the purposes and means of processing personal data. In this case, it would be us.
• Data Processor: The entity that processes personal data on behalf of the data controller. These are vendors and partners we collaborate with.

2. Information of the Data Controller

For Users residing in the British Virgin Islands: Eneftro is the sole controller of your personal data under the British Virgin Islands Data Protection Act 2021 ("DPA"). As the sole controller, Eneftro is responsible for providing you with relevant information regarding data processing and responding to your requests and inquiries.

3. Information We Collect

Due to the decentralized nature of our Services, we strive to collect as little personal information from you as possible, minimizing it to the information strictly necessary to provide our Services.

We will never request information related to your racial or ethnic background, personal life, sexual orientation, political views, philosophical or religious beliefs, biometric or genetic data, or trade union membership.

Information that You Provide

• Basic User Data: Email address
• Verification Data: Photo of identification document, Face photo
• Location Data: GPS coordinates, Location history, Wi-Fi access point data, IP addresses
• Wallet Data: Wallet address
• Usage Data: Website or Exchange usage patterns, Session durations, Pages visited, Clickstream data
• Communications Data: Information provided through our official communication channels

Information from Third Parties

• Blockchain Data: Publicly available blockchain data to monitor and detect illegal activities
• Analytics Data: Information from analytics partners to help us understand how you use our Services
• Research Data: Pseudonymized information from third-party providers conducting research

Information Collected Automatically

• Device Data: Device characteristics, Operating system information, Browser type, IP addresses
• Activity Data: Clickstream information
• Troubleshooting Data: Crash logs, timestamps, performance logs, error messages
• Cookies Data: Information received from the use of cookies

4. How We Use Your Data

You understand and agree that by creating an Account and using our Services, you expressly consent to the collection and processing of your data in accordance with this Policy. Your consent is obtained through an explicit opt-in mechanism during the registration process.

Purposes of Data Use

• Creating your Eneftro Account: To ensure your access to and use of our Services
• Providing and Maintaining Services: Managing operation and maintenance of our Services
• Providing Customer Support: Communicating with you for support and responding to inquiries
• Sending Notifications: Providing information regarding changes and updates to the Services
• Ensuring Safety and Security: Promoting safety, security, and integrity through protective measures
• Service Improvement: Continuously improving quality, performance, and features
• Research and Development: Developing new features and functionalities
• Compliance: Ensuring compliance with relevant laws and regulations including anti-money laundering

5. How We Share Your Data

We do not share or sell any information for purposes of economic gain; however, there will be times in which we will have to disclose your personal information to a third party such as:

• We have obtained your clear and written authorization first.
• It is necessary to comply with any lawful legal action and/or is required by authorities.
• We employ the services of a third party to help us provide our online services.

Third-Party Vendors and Service Providers

• OpenZeppelin: Smart contract libraries, security standards, and upgradeable frameworks
• MoonPay: Fiat on-ramp provider for credit card and payment methods
• Pinata: Decentralized storage solutions (IPFS) for NFT metadata
• MetaMask / WalletConnect: Wallet service partners for user authentication

6. How Your Data Is Secured

We consider the security of your personal information to be of paramount importance. We employ a range of technical, organizational, and administrative measures:

• Data encryption: SSL/TLS encryption protocols to protect data during transmission and storage
• Role-based access controls: Restricted access to authorized personnel only
• Smart contract security: OpenZeppelin audited frameworks
• Regular audits and updates: To identify and mitigate potential vulnerabilities
• Data minimization: Collecting only the minimum amount of personal information necessary

If you have concerns about the security of your data, please contact us at [email protected]

7. Data Retention

Your personal information is held and stored securely for the duration of your active account with us. We are committed to retaining your personal information only for the period necessary to fulfill the specific purposes for which it was collected. Retention periods will not exceed 10 years after the original purpose of collection has been achieved. After this period, your personal data will only be retained if it has been anonymized.

8. Data Breach Policy

In the event of a data breach, we maintain a formal incident response protocol designed to ensure timely and effective action. This protocol includes the immediate isolation of affected systems, the conduct of forensic investigations, and the implementation of remedial measures. Where personal data is impacted, affected users and regulators will be notified without undue delay, in compliance with the DPA.

9. Your Rights as Data Subject

As a User of our Services, you have certain rights regarding the personal data that we collect and use:

• Right to Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You have the right to request the correction or completion of inaccurate or incomplete data.
• Right to Erasure (Right to Be Forgotten): You have the right to request the deletion of your personal data under certain circumstances.
• Right to Prevent Processing for Direct Marketing: You have the right to request that we stop processing your personal data for direct marketing purposes.

To exercise any of these rights, please contact us via our official communication channels. Upon receiving a written request, we will inform you in writing within thirty (30) days whether access to the personal data will be granted.

10. Cookie Policy

What is a cookie?

Cookies are small pieces of text sent by your web browser when you visit our Website. Cookies may store user preferences and other information. They provide a convenience feature to save you time or tell the Web server that you have returned to a specific page.

Types of Cookies We Use

• Essential cookies: Strictly necessary for the proper functioning of the Website and provide basic functionalities such as page navigation.
• Functional cookies: Used to enhance website functionality and provide personalized features.
• Analytics cookies: Used to gather information about Website usage and traffic patterns.

How You May Control and Delete Cookies

You have a right to change the categories of cookies you consented to, withdraw your consent, or refuse to accept cookies altogether. You may choose to block all cookies by accessing the relevant feature in your browser. Please note that if you choose to block all cookies, some functionalities of our Exchange may become unavailable to you.

11. Policy Changes and Contact Details

We may periodically update this Privacy Policy to reflect changes in our data processing practices, legal requirements, or to improve transparency and clarity. When we make significant changes, we will notify you through the Website interface as well as via email associated with your account.

For any inquiries, requests, or concerns related to this Privacy Policy or our data processing practices, you may submit written notifications at [email protected]