📖Privacy policy

Protecting the privacy of Oraclez Network participants who engage with our website (accessible at https://Oraclez.xyz) and utilize the Oraclez dApp (accessible at https://dex.oraclez.xyz) is a top priority for us at Oraclez Foundation ("Oraclez Foundation", "we", "us", "our"). We strive to minimize the collection of personal data while ensuring smooth operations and robust security.

This privacy policy is designed to provide clarity on how we handle your personal data when interacting with our Interface. Please read this policy carefully to understand how we manage your data and for what purposes.

This Privacy Policy specifically addresses the processing of personal data when accessing and/or using our Interface (referred to as the "Privacy Policy" or the "Policy"). It applies to all interactions via our Interface and your engagements with us in connection therewith. We encourage you to thoroughly review this Policy to understand how we collect and process data.

Please note that this Privacy Policy does not cover data processing via channels other than the Interface (including any other services or applications provided by third parties). For such cases, we recommend consulting the respective privacy policies.

Data Controller Identity We, Oraclez Foundation, act as the data controller for processing your personal data, determining the "why" and "how" of processing in connection with the Interface. For contact information, please refer to Section 10 (Contact Us) of this Policy.

Categories of Data We Process When interacting with the Interface, we collect the following categories of data:

Data Voluntarily Provided by You When Using the Interface:

Any identification and contact data such as email address, name, and other personal data provided during communication with us (e.g., when contacting our support service, applying for a grant within the Oraclez Foundation Grant Program, or applying to become a contributor). Data related to your Interface usage (e.g., wallet addresses, transaction and balance information accessible during Interface interactions). Personal data necessary for compliance with anti-money laundering (AML), know-your-client (KYC), and know-your-business (KYB) verification requirements (e.g., when registering and completing the Resolver Verification Process). The provision of your personal data may be necessary to grant you access to certain products available via our Interface and/or the information you request. We will inform you when communication of your personal data is necessary.

We do not have access to, and will never ask for, your private keys or wallet seed. Never trust anyone or any application that requests such information.

Data Automatically Collected When You Use the Interface:

We may automatically collect certain data, either directly or through third-party service providers, including:

Data collected by log files, such as IP addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. Analytics and data related to dApp usage (e.g., IP address, MAC address, log files, domain server, usage data, performance data, website security data, traffic patterns, and location information). Behavioral data related to your Interface usage, including interactions with the Interface, viewed content, accessed features, and Interface status (e.g., Website/dApp launches, taps, clicks, scrolling data, etc.). Third-Party Services:

We may integrate services and technologies from third parties into certain Interface functionalities. For example, we utilize Cloudflare’s performance and security infrastructure to proxy between you and the dApp. Consequently, when you initiate a swap request through the dApp, Cloudflare may collect your IP address. Please note that based on this data collection, Cloudflare may block access to the Services. For more information on eligibility requirements for using the Interface, please refer to the Oraclez Network Terms of Use.

Additionally, we utilize the services of several Remote Procedure Call (RPC) providers, such as QuickNode, Fastnode, Aurora Mainnet RPC, and zkSync Era Mainnet, to facilitate swap operations. The selection of the RPC provider is pre-set based on the blockchain network. When you initiate a swap request through our dApp, the RPC provider typically does not collect your IP address. For more information on how third parties may independently collect and process information, we recommend reviewing their privacy policies and associated terms. Please note that we are not responsible for the data protection practices of any third party.

We also employ cookies and similar tracking technologies to automatically collect data from and store information on your device when you interact with our Interface.

We may use Google Analytics to analyze user behavior on the Interface. For more information on how Google Analytics processes your personal data, please refer to the Google Analytics Privacy&Terms.

Additionally, we may use Mixpanel to understand your interactions and preferences on the Interface. To learn more about how Mixpanel processes your personal information, please review the Mixpanel Privacy Program.

If you wish to opt out of automatic data collection, you have the option to disable cookies. For more information on cookies and other tracking technologies, as well as instructions on how to disable them, please refer to Section 7 of this Policy (Cookies and Other Tracking Technologies).

Blockchain Data:

Please note that we are not responsible for (i) your use of Ethereum or any other blockchain, and (ii) the use of your personal data as processed in these decentralized and permissionless blockchain networks. Your private key, which you utilize to access your Ethereum or other blockchain funds and initiate transactions, is stored only on your own device.

You should also be aware that due to the inherent transparency of blockchain networks, transactions approved when using the Interface may be publicly accessible. This includes, but is not limited to, your public sending address, the public address of the receiver, the amount sent or received, and any other data included in a given transaction by a user.

Transactions and addresses available on the blockchain may reveal personal data about the user’s identity, and such personal data can potentially be correlated now or in the future by any party choosing to do so, including law enforcement.

We encourage you to understand how privacy and transparency on the blockchain network function.

How and Why We Use Your Personal Data The following table outlines the various purposes for which we may process your personal data and the corresponding legal basis:

Purpose Legal Basis Categories of Data Concerned To provide the Interface, assess, analyze, and improve performance, and perform maintenance. Legitimate interest to optimize tools and ensure user satisfaction. Personal data provided and automatically collected when using the Interface. To manage our contractual relationship with you and fulfill contractual obligations. Necessity of contract performance or to enter into a contract with you. Personal data provided and automatically collected when using the Interface. To communicate with you, answer queries, and provide support. Legitimate interest to ensure proper communication. Personal data provided and automatically collected when using the Interface. To maintain a secure environment and ensure compliance with laws. Legitimate interest to ensure compliance and security. Personal data provided and automatically collected when using the Interface. To manage disputes with you or third parties. Legitimate interest to defend our interests. Personal data provided and automatically collected when using the Interface. To comply with legal and regulatory obligations. Necessary for compliance with legal obligations. Personal data provided and automatically collected when using the Interface. Please note that we will not process your personal data for any purpose incompatible with the ones listed above.

Sharing Your Personal Data In the course of processing your personal data in accordance with this Policy, we may disclose your personal data to the following recipients, if necessary:

Our subsidiaries or affiliates, if any, only if necessary for operational purposes. Oraclez Limited, as a key contributor to the Oraclez Network, only if necessary for development and enhancement of Interface products and features. Other third-party service providers, external suppliers, contractors, and agents to the extent they assist us in carrying out the purposes set out in this Policy. Competent courts, public authorities, government agencies, and law enforcement agencies to the extent required by law or if we have a good-faith belief that such disclosure is necessary to comply with official investigations or legal proceedings. Third parties in connection with a merger, division, restructuring, change of control, bankruptcy, or other organizational change. Third parties that may collect your personal data on our Interface via cookies, web beacons, and similar tracking technologies, subject to your prior consent. Third-party business partners to assist in investigations, including into known cybersecurity breaches or cyber-hacks, or in cases of serious crimes likely to affect Interface users. In such cases, we disclose information only to trusted business partners based on the duration and quality of our business relationship, the partner's reputation and regulatory status, and the requirements of the applicable data protection legal framework. We communicate your personal data only if we have sufficient legitimate interest to do so. We communicate your personal data to any recipient on a need-to-know basis and only when the processing by the recipient is strictly limited to the purposes identified in this Policy. We do not sell your personal data.

Transfer of Personal Data As we operate globally, we may process your personal data worldwide where our facilities or providers are located. Therefore, for processing your personal data as described in this Policy, we may transfer your personal data outside Asia.

In such cases, we implement appropriate transfer mechanisms and safeguards to ensure that the personal data transferred benefits from the same level of protection within Asia. In practice, each transfer is based on at least one of the following mechanisms:

An adequacy decision issued by the Asian Commission for the country receiving your personal data. Standard contractual clauses adopted by the Asian Commission. An exemption linked to specific situations provided for by the General Data Protection Regulation n°2016/679 ("GDPR"). For more information on transfer mechanisms and safeguards, please contact us (see Section 10 of this Policy).

Data Retention Period We retain your personal data only for as long as necessary for the purposes for which it was collected, as specified in this Policy and in accordance with applicable laws.

Retention periods may vary depending on the purpose of processing your personal data. We consider factors such as the category and amount of personal data, potential risks from unauthorized access or disclosure, specific processing purposes, availability of alternative means to achieve those purposes, and applicable legal requirements.

We also retain personal data to comply with legal and regulatory obligations. Sometimes, business and legal requirements necessitate retaining certain data for specific purposes for an extended period (e.g., to comply with AML compliance requirements or record-keeping obligations imposed by applicable laws).

In some cases, we may anonymize personal information so that it cannot identify you. In such instances, we may use this information indefinitely without further notice to you.

Cookies and Other Tracking Technologies Cookies and similar tracking technologies, such as "Flash" cookies, "local storage", etc., are text files that may be stored on your devices when you visit an online service like an application or a website. Cookies store information on the user's device for later access.

As you interact with the Interface, various types of cookies may be placed on your device, and we may request your consent to use them. These cookies may be placed directly by us or by third parties. The data we automatically collect includes statistical and performance information arising from your Interface usage, which we use only in an aggregated or anonymized manner.

Apart from cookies necessary for Interface functioning, you are free to refuse cookie placement on your device at any time. If you choose not to accept cookies when prompted, a refusal cookie will be stored on your device to track your preference. Deleting this cookie will remove your refusal preference. Similarly, if you consent to accept cookies, a consent cookie will be placed on your device.

You can disable cookies through your individual browser options. Browser settings vary, and instructions are available in the browser's help menu. For example:

In Microsoft Edge, refer to this link. In Safari, refer to this link. In Chrome, refer to this link. In Firefox, refer to this link. In Opera, refer to this link. To disable Google Analytics cookies, you can use this hyperlink to download the Google Analytics Opt-Out Browser Add-on. Additionally, www.allaboutcookies.org offers further information on managing your cookies preferences.

Your Rights Under applicable personal data protection regulations, including the GDPR, you have the following rights: access, rectification, deletion, objection, restriction of processing, and data portability of your personal data.

Some rights are subject to specific conditions outlined in the applicable personal data protection regulations. If your situation does not meet these conditions, we may be unable to fulfill your request, in which case we will provide reasons for our refusal.

Right of Access: You may request access to your personal data at any time. We will provide you with a copy of the personal data we hold about you and information on its processing. Right of Rectification: You can ask us to correct or complete any inaccurate or incomplete personal data in our possession. Right to Erasure / to Be Forgotten: You may request deletion of your personal data if it is no longer necessary for the processing we conduct. We will make every effort to comply with your request, but legal requirements or the need to establish, exercise, or defend our rights may necessitate retaining some or all of your personal data. Right to Restriction of Processing: You may request that we temporarily halt processing your personal data based on your particular situation. For instance, if you dispute the accuracy of your personal data or object to its processing, we may suspend processing until we verify and address your concerns. Right to Data Portability: You may request portability of personal data you provided us with. Upon request, we will provide your personal data in a readable and structured format for easy reuse. This right applies only to personal data you provided or that resulted from your Interface activity, provided its disclosure does not infringe third-party rights. If we cannot fulfill your request, we will explain why. Right to Object: You may object at any time to the use of your personal data based on your particular situation. We will cease processing your personal data unless compelling legitimate grounds override your objection. If we cannot comply, we will provide reasons. You may also object to the processing of your personal data for marketing purposes. Right to Withdraw Consent: You have the right to withdraw consent for processing your personal data based on consent at any time. Withdrawal of consent prevents further processing of your personal data but does not affect prior lawful processing. Specific rights granted may vary depending on your country's applicable law. Contact us if you have questions about your rights.

Keep in mind that many blockchains allow forensic analysis, which may lead to deanonymization and unintentional personal data exposure, especially when combined with other data. As we do not control or operate decentralized or third-party blockchain networks, we cannot erase, modify, or alter your personal data on such networks.

How to Exercise Your Rights To exercise your rights, contact us using the information provided in Section 10 of this Policy (Contact Us). For efficient processing, we may request additional information to confirm your identity or locate related personal data.

You may lodge complaints with data protection regulators in one or more Asian countries. Find a list of data protection authorities in Asia here.

Contact Us If you have questions about processing your personal data under this Policy, including exercising your rights, email us at [email protected].

Changes to this Privacy Policy

We review this Policy regularly to ensure compliance with applicable data protection regulations. Updates will be posted on this page, with changes taking effect upon posting or on a specified effective date, if any. Your continued Interface access and usage indicate acknowledgment and acceptance of the updated Privacy Policy.