🔒 Privacy Policy — Chaiger Ecosystem
Version 1.0 • Effective Date: 2025-08-16
PRIVACY POLICY Version: 1.0 • Effective Date: 2025-08-16 • Last Update: 2025-10-10 SCOPE Applies to the Chaiger Ecosystem website/app, smart contracts, and integrations, including compatible wallets (e.g., MetaMask). We do not collect seed phrases or private keys. ROLES AND DEFINITIONS a) “Controller”: Chaiger Ecosystem. b) “Processors/Sub-processors”: providers listed in Section 12. c) “Personal Data”: information relating to an identified/identifiable person. d) Laws: GDPR (EU), LGPD (BR), CCPA/CPRA (CA-USA), LPD (CH), and equivalents. LEGAL BASES (GDPR/LGPD) — Performance of contract/pre-contractual measures (usage, support). — Legitimate interest (security, abuse prevention, aggregated metrics). — Legal obligation (AML/CTF & Sanctions). — Consent (non-essential cookies/SDKs, marketing where required). — Regular exercise of rights and defense in legal proceedings. DATA WE PROCESS a) Network metadata: approximate IP, user-agent, language, timezone, logs. b) Public wallet and related on-chain activities (addresses, transactions, permissions). c) Optional account (if created): email/handle, preferences. d) KYC/KYB (when applicable): name, ID, selfie/liveness, proof of address, corporate data. e) Support: messages/attachments. f) Cookies/SDKs: see Cookie Policy. PURPOSES — Operate features (game, redemption of 1 NFT via Paws in Phase 1, staking, marketplace, affiliates). — Security/integrity (fraud detection, anti-sybil and anti-abuse in redemption/conversions). — Compliance (AML/CTF, legal orders, sanctions). — Service communication and updates to Terms. — Aggregated analytics and product improvements. — Phase 2 (conditional): operate possible conversions when enabled, including eligibility validations (KYC/KYB, sanctions), without creating an economic profile for credit. DATA SUBJECT RIGHTS Access, correction, portability, deletion, restriction, objection, withdrawal of consent, and information on sharing. How to exercise: <Form URL> or <DPO email>. Applicable legal timeframes. CCPA/CPRA: right to know, delete, correct, opt-out of “sale/share”, limit sensitive data. GPC honored where feasible. RETENTION Periods linked to purposes/legal requirements (e.g., AML up to 10 years). Security logs: 12–24 months; inactive accounts: deletion/anonymization after 24 months unless legally required otherwise. INTERNATIONAL TRANSFERS SCCs (EU), LGPD addenda, and additional safeguards. Provider countries/locations: Section 12. SECURITY Encryption in transit/at rest, environment segregation, access controls, audit trails, vulnerability scanning. Significant incidents will be notified in accordance with applicable law. CHILDREN/TEENS Service for 18+. We do not knowingly collect data from minors. SHARING — Operators: KYC, analytics, cloud, monitoring, on/off-ramp (Phase 2, when applicable). — Authorities/legal orders when required. — Corporate transfers (merger/reorganization) with safeguards. We do not sell personal data in the traditional sense; CPRA “sale/share” for cross-advertising is opt-out (Section 6). COOKIES/SDKs Details in the Cookie Policy. Consent manager: <provider>. CHANGES We will publish changes with notice on the site/app. Archived versions: <URL>. INCORPORATED DOCUMENTS Terms of Use, Cookie Policy, AML/CTF & Sanctions Policy, Risk Disclosure.