Data Protection

Privacy Policy

Your privacy is paramount. Learn how Web3 Asset Security handles your data, protects your information, and maintains the confidentiality of your digital assets.

Effective Date: Nov 12, 2025 GDPR & CCPA Compliant

1. Introduction

Web3 Asset Security ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our self-custody wallet platform, website, and related services (collectively, the "Services").

As a self-custody platform, we prioritize the principle of data minimization. We do not have access to your private keys, seed phrases, or the contents of your cryptocurrency wallets. However, to provide security monitoring and comply with legal obligations, we may collect certain personal information and metadata.

Key Privacy Principle: We cannot access your funds or transaction contents. Your private keys never leave your device, and we maintain a strict "zero-knowledge" architecture regarding your wallet credentials.

2. Information We Collect

2.1 Personal Information

We collect personal information only when necessary for security verification or legal compliance:

Contact Information

Email address provided during support requests or account recovery setups.

Identity Verification

Government-issued ID documents provided only during mandatory verification protocols.

Device Information

IP address, device type, operating system, browser type, and device identifiers.

Usage Data

Interaction patterns, feature usage, and security event logs (not transaction contents).

2.2 Blockchain Information

While we provide tools to interact with blockchain networks, we do not control the blockchains themselves. Public blockchain data (wallet addresses, transaction hashes, and on-chain metadata) is publicly available and not considered private personal information under this policy.

2.3 What We Do NOT Collect

  • Private keys or seed phrases (stored only on your device)
  • Wallet passwords or PINs
  • Contents of encrypted transactions
  • Financial account information (bank accounts, credit cards)

3. How We Use Your Information

We use collected information for the following purposes:

Security & Fraud Prevention

Detecting irregularities, unauthorized access attempts, and suspicious transaction patterns. This includes our Asset Verification Protocol to protect against account compromise.

Service Provision

Maintaining your account, providing customer support, and ensuring the technical functionality of our self-custody infrastructure.

Legal Compliance

Complying with applicable laws, regulations, legal processes, or enforceable governmental requests.

Platform Improvement

Analyzing usage trends to improve user experience and develop new security features (using anonymized data only).

4. Blockchain Data & Immutability

Blockchain technology operates on principles of transparency and immutability. When you use our Services to interact with blockchain networks:

  • Public Ledger: All transactions on public blockchains (Ethereum, Bitcoin, Solana, etc.) are recorded on public ledgers visible to anyone. This includes wallet addresses, transaction amounts, and timestamps.
  • Irreversibility: Once confirmed, blockchain transactions cannot be deleted or modified by us or anyone else. This is a fundamental property of decentralized networks, not a limitation of our Services.
  • Pseudonymity: While wallet addresses don't directly reveal your identity, blockchain analysis may potentially link addresses to individuals. We recommend using privacy best practices.

Important: We cannot delete, modify, or censor blockchain data, even if requested. Data on the blockchain exists independently of Web3 Asset Security.

5. Data Security Measures

We implement enterprise-grade security measures to protect your personal information:

  • Encryption: All data in transit uses TLS 1.3 encryption. Sensitive data at rest is encrypted using AES-256.
  • MPC Architecture: Our Multi-Party Computation system ensures no single point of failure can compromise security metadata.
  • Access Controls: Strict role-based access controls limit employee access to personal data. All access is logged and monitored.
  • Regular Audits: We conduct regular security audits and penetration testing by third-party specialists.
  • Anonymization: Where possible, we anonymize or pseudonymize data used for analytics.

Despite these measures, no internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security but commit to promptly notifying you of any data breaches as required by law.

6. Third-Party Services

We may share limited data with trusted third-party service providers who assist in operating our platform:

Service Type Purpose Data Shared
Security Analytics Threat detection and fraud prevention IP addresses, device fingerprints
Cloud Infrastructure Hosting and data storage Encrypted user data
Customer Support Support ticket management Email addresses, inquiry content
Identity Verification KYC/AML compliance checks ID documents (only during verification)

We require all third parties to maintain appropriate security measures and prohibit them from using your data for purposes other than providing services to us.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for basic platform functionality, security authentication, and session management.
  • Analytics Cookies: Help us understand how visitors interact with our website (can be disabled).
  • Preference Cookies: Remember your settings and preferences for future visits.

You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access & Portability

Request copies of your personal data in a structured, machine-readable format.

Correction

Request correction of inaccurate or incomplete personal information.

Deletion

Request deletion of your personal data, subject to legal retention requirements.

Restriction

Request limitation of processing under specific circumstances.

To exercise these rights, contact us at support@web3assetsecurity.com. We will respond within 30 days as required by applicable law.

9. Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy:

  • Account Information: Retained while your account is active plus 7 years after closure for legal compliance.
  • Verification Documents: ID documents are retained for 5 years following submission to comply with AML regulations.
  • Security Logs: IP addresses and device data retained for 12 months for fraud prevention.
  • Support Communications: Retained for 3 years to maintain service quality records.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact our Data Protection Officer:

Privacy Inquiries

support@web3assetsecurity.com

We respond to all privacy-related inquiries within 48 hours.

For general support, visit our Support Center. Always ensure you are communicating through our official domain to avoid phishing attempts.

By continuing to use Web3 Asset Security, you acknowledge that you have read and understood this Privacy Policy.