Privacy Policy

3.1 Information Automatically Collected

3.2 Information You Provide

3.3 Information We DO NOT Collect

• Private keys or seed phrases
• Government-issued identification
• Bank account or credit card information
• Sensitive personal data (health, biometric, etc.)
• Know Your Customer (KYC) information

We operate on DeFi principles and do not require or collect traditional identity verification.

4.1 Blockchain Data Uses

• Protocol Operation: Executing smart contract functions
• Security Monitoring: Detecting potential exploits and anomalies
• Analytics: Aggregating protocol metrics (TVL, usage statistics)
• User Interface: Displaying positions and transaction history

These uses are inherent to DeFi protocol operation.

4.2 Off-Chain Data Uses

• Service Provision: Operating our website and interfaces
• Communications: Responding to user inquiries
• Security: Preventing fraud and unauthorized access
• Legal Compliance: Meeting regulatory requirements
• Development: Improving service functionality
• Analytics: Understanding usage patterns

All data use is limited to operational necessities.

6.1 Public Blockchain Data

All blockchain interactions are permanently public and accessible to:

• Any party viewing the blockchain
• Block explorers and analytics platforms
• Other protocols and smart contracts
• Researchers and data aggregators

This is an immutable characteristic of blockchain technology.

6.2 Third-Party Service Providers

We engage limited third-party services for:

• Infrastructure: Cloud hosting and content delivery networks
• Analytics: Privacy-focused analytics tools
• Security: Audit firms and monitoring services
• Communication: Email service providers (for user correspondence only)

Data sharing is strictly limited to operational requirements.

6.3 Legal and Compliance

We may disclose information when:

• Required by valid legal process
• Necessary to comply with applicable laws
• Required to protect safety or prevent harm
• Necessary to enforce our Terms of Use

We will resist overly broad requests and notify users when legally permitted.

6.4 Business Transfers

In the event of merger, acquisition, or asset sale, user information may transfer to the successor entity. Users will be notified of any such transfer.

6.5 Aggregated Data

We may share anonymized, aggregated statistics that cannot identify individual users.

7.1 Blockchain Data

On-chain data is permanent and immutable. We cannot delete blockchain records.

7.2 Off-Chain Data

• Website Analytics: Generally retained for 24 months
• Communication Records: Retained for legitimate business purposes or as legally required
• Technical Logs: Typically retained for 90 days for security purposes
• Cookies: Session cookies expire when browser closes; persistent cookies as specified

8.1 Technical Measures

• Encryption in transit (TLS/SSL)
• Encryption at rest for sensitive data
• Regular security audits of smart contracts
• Access controls and authentication
• Regular security updates and patches

8.2 Organizational Measures

• Limited access on need-to-know basis
• Confidentiality agreements with team members
• Security training and awareness
• Incident response procedures
• Regular security assessments

8.3 Limitations

Despite our measures, no system is completely secure. We cannot guarantee absolute security of your information. Blockchain data is inherently public and permanent.

10.1 Blockchain Data Rights

Due to the immutable nature of blockchain technology, we cannot:

• Delete or modify on-chain transactions
• Make blockchain activity private
• Alter transaction history
• Remove wallet addresses from the blockchain

These limitations are inherent to blockchain technology, not policy choices.

10.2 Off-Chain Data Rights

For off-chain data, you may have the right to:

• Access: Request information about data we hold
• Correction: Request correction of inaccurate data
• Deletion: Request deletion (subject to legal retention requirements)
• Portability: Receive your data in a structured format
• Objection: Object to certain processing activities

The availability of these rights depends on your jurisdiction.

10.3 Exercising Your Rights

To exercise any available rights, contact us at hello@ayeteasea.com. We will verify your identity before processing requests.

10.4 Cookie Preferences

You may control cookies through browser settings. Disabling cookies may affect website functionality but will not prevent protocol use.

14.1 Marketing

We do not sell, rent, or trade your personal information for marketing purposes. We may send service-related communications if you've provided contact information.

14.2 Opting Out

You may opt out of communications by:

• Following unsubscribe links in emails
• Contacting us directly at hello@ayeteasea.com

17.1 Wallet Privacy

• Blockchain transactions create permanent linkages between activities
• Using the same wallet across protocols reduces privacy
• Consider using separate wallets for different purposes
• All transaction history remains permanently traceable

17.2 MEV and Front-Running

• Pending transactions are visible in the public mempool
• This visibility may enable front-running attempts
• Consider using MEV protection services if required
• This is standard for decentralized exchange operations

17.3 Compliance Tools

• Blockchain analytics firms actively monitor and categorize wallet activity
• Centralized exchanges may use these tools for compliance decisions
• DeFi activity may impact access to centralized services
• This reflects current regulatory and compliance practices

19.1 European Economic Area (EEA) and United Kingdom

If you are located in the EEA or UK, you have additional rights under GDPR/UK GDPR:

• Right to lodge complaints with supervisory authorities
• Right to withdraw consent (though this may limit service access)
• Right to object to processing based on legitimate interests
• Right to restriction of processing
• Enhanced rights regarding automated decision-making

Our lawful bases for processing are outlined in Section 5.

19.2 California Residents (CCPA/CPRA)

California residents have additional rights including:

• Right to know categories of personal information collected
• Right to deletion (subject to exceptions)
• Right to opt-out of sale (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights
• Right to correct inaccurate information
• Right to limit use of sensitive personal information (we do not collect such information)

19.3 Other U.S. States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights to access, deletion, correction, and portability as provided under applicable state law.

19.4 Asia-Pacific

• Singapore: We comply with the Personal Data Protection Act (PDPA)
• Japan: We respect rights under the Act on Protection of Personal Information (APPI)
• South Korea: We comply with the Personal Information Protection Act (PIPA)
• Australia: We respect rights under the Privacy Act and Australian Privacy Principles

19.5 Middle East and Africa

• UAE: We comply with Federal Decree-Law No. 45 of 2021
• Saudi Arabia: We respect the Personal Data Protection Law (PDPL)
• South Africa: We comply with the Protection of Personal Information Act (POPIA) where applicable

19.6 General Compliance

We strive to comply with applicable data protection laws in all jurisdictions where our Services are accessed. The specific rights available to you depend on your location.