ern-logo

Privacy Policy

This Privacy Policy provides information about how the ern Team ("we", "us", or "our") collects, uses, shares, and otherwise processes your personal information.

You must read this Privacy Policy carefully. By accessing or using the Interface, you acknowledge that you have read, understand, and agree to be bound by this Agreement in its entirety. If you do not agree, you are not permitted to access the Interface or use the Protocol.

By visiting, accessing, or using our Services you acknowledge and agree that you have received and reviewed this Privacy Policy. Please also review the applicable Terms and Conditions, which also apply to the use of our Services.

If you are a resident of the European Economic Area ("EEA") or other country with comprehensive data protection laws, please see the region-specific notice section below for information about your rights under the applicable local data protection laws.

If you have any questions, comments, or concerns please contact us using the methods provided in the "Communication" section of this Privacy Policy below.

Scope

The Protocol operates in a decentralized and permissionless manner. Although we may collect and process information about users on the Interface in accordance with this Privacy Policy, we do not have information about Protocol users beyond what is already publicly available and recorded on the blockchain.

The scope of this Privacy Policy applies to personal information that we collect, use, share, and otherwise process when you:

  • Visit or use our website (the "Interface") or any other website operated by us;
  • Access or use any of our services or functionality we make available through the Interface (the "Services");
  • Communicate with us, such as by sending us an email or other communication method.

This Privacy Policy applies to:

  • Individuals who access or use any of our Services;
  • Visitors to the Interface;
  • Any individuals who communicate with or receive communications from us.

Information Collection

Information You Provide

When you use the Services, we may collect the following information:

  • Correspondence and Content: If you contact us for support or other reasons, you may provide your contact details along with contextual information relevant to your request (for example, wallet type, transaction or token details, device information, or error codes). This information enables us to respond effectively and improve the Services.
  • Voluntary Information: You may also choose to provide us with additional information beyond what we request. In such cases, you are solely responsible for that information.

Information We Collect Automatically

When you interact with the Services, we may automatically collect certain information, including:

  • Wallet Address: We may collect the wallet address you use to connect with the Interface. This may be used, for example, to prevent wallets linked to prohibited activities from accessing the Interface, or to enhance user experience and improve the Services.
  • Usage Data: We may collect data about how you engage with the Interface and Services, such as timestamps of access, pages visited, features or assets interacted with, links clicked, and search queries. This information helps us analyze user activity and make improvements to performance and usability.
  • Device Details: Information about your device—such as device model, operating system, browser type, and screen dimensions—may be collected to help us optimize functionality and address technical issues.

Information We Don't Collect

  • Sensitive Personal Data: We do not deliberately collect sensitive information such as national identification numbers, health data, religious or ethnic details, or similar categories of protected data.

We will not make decisions that create legal or similarly significant effects for you based solely on automated processing of your personal data, unless such processing is reviewed and confirmed to meet requirements under applicable data protection laws.

Cookies & Analytics

We may use cookies and similar technologies to deliver certain features on our Services, remember your preferences, and enhance your overall experience by making the Services more useful and efficient.

The types of cookies we may use include:

  • Essential Cookies: Necessary for the basic operation of the Interface, such as enabling navigation and secure access to certain parts of the site.
  • Performance and Analytics Cookies: Help us understand how visitors interact with the Interface, which allows us to improve performance, reliability, and user experience.
  • Functional Cookies: Support additional features and customization, such as remembering your previous settings.

We may also use analytics tools to better understand how users interact with the Services in an aggregate manner. These tools allow us to gather information about user behavior, preferences, and navigation patterns, which in turn helps us monitor trends, troubleshoot issues, and continually improve the usability and performance of the Services.

Use of Information

Any collected information will be used for legitimate business reasons in accordance with the stated elements of this Policy and. This may include situations where processing is necessary to fulfill a contract, comply with legal or regulatory obligations, or support our own lawful interests or those of third parties with whom we share data. As such, we may use information for purposes including:

  • Service Operation: Delivering the Services to you, responding to inquiries, offering support, sending important updates (e.g., technical notices, security alerts, policy changes, administrative messages), and ensuring compliance with applicable requirements. This also includes preventing and addressing fraud, breaches of our Terms, or other harmful activity.
  • Service Development: Enhancing functionality, refining features, and optimizing user experience, as permitted under applicable law.
  • Security and Compliance: Maintaining the integrity and safety of the Interface, investigating potential misconduct, enforcing our Terms, and meeting legal obligations, including responding to government or regulatory requests.
  • Business Operations: Managing, negotiating, ongoing due diligence or otherwise supporting discussions for any restructuring, acquisition, merger, financing, reorganization, or transfers of our business or its assets.

We may also process and use information that has been aggregated, anonymized, or otherwise stripped of its identifiers for any lawful purpose, unless restricted by applicable law.

Sharing and Disclosure of Information

We may disclose information we collect in line with this Privacy Policy and for the purposes outlined above.

Information may be shared with:

  • Advisors: Professional advisors (such as auditors, accountants, or legal counsel) to ensure compliance with applicable laws and obligations.
  • Third-party service providers: External partners who help us with operations such as fraud monitoring, security, analytics, IT infrastructure, data hosting, and blockchain transaction monitoring. These providers are contractually limited to acting on our instructions and in accordance with this Privacy Policy.
  • Affiliated entities: Our subsidiaries, affiliates, and related companies, either as service providers or for their own internal uses.
  • Regulators and authorities: When required by law, we may share information with governmental or regulatory bodies. In some cases, professional advisors or service providers may be independently obligated to process personal data for their own compliance, in which case they act as separate data controllers.

We may also disclose information that has been aggregated, anonymized, or otherwise stripped of its identifiers for any lawful purpose, unless restricted by applicable law.

Third-Party Sites and Services

Our Interface may include links to external websites, resources or services that are not owned, operated, or otherwise controlled by us ("Third-Party Sites" or "Third-Party Services"). These links are offered solely for your convenience and are not advertisements. They do not represent an endorsement or recommendation by us. Their use and data policies is governed by their own respective Terms and Conditions and Privacy Policies and we are not responsible for the practices, content, or privacy standards of such sites. We strongly encourage you to review these policies before engaging with any external service. We are not responsible for the practices, content, or privacy standards of such sites, and your use of them is governed by their terms of service and privacy policies.

Do Not Track Preferences

Our Interface does not monitor for or behave differently if your browser transmits a "Do Not Track" ("DNT") flag or similar signal. While some Internet browsers may be configured to send a DNT request to the online services that you visit, there is currently no technical consensus among industry participants as to the precise meaning and implementation of DNT functionality.

We do not currently modify our practices when we receive a DNT request from a visitor's browser except as specifically required by law.

Data Security

We take appropriate administrative, organizational, physical, and technical steps designed to protect your personal information against accidental or unlawful loss, theft, misuse, unauthorized access, disclosure, alteration, or destruction. While these measures are intended to provide a reasonable level of protection, no method of transmission over the Internet or method of electronic storage can be guaranteed to be completely secure. Accordingly, we cannot assure or warrant the absolute security of information you provide to us.

Data Retention

We will retain personal data only for as long as is necessary to fulfill the purposes for which it was originally collected, as set out in this Privacy Policy, and in accordance with applicable legal, regulatory, and contractual requirements.

Where you exercise your right to request erasure, we may nevertheless continue to store certain personal data to the extent retention is required or permitted under applicable law, including for the establishment, exercise, or defense of legal claims, to comply with tax or accounting obligations, or for other legitimate business purposes.

We will securely delete or anonymize your personal data once it is no longer needed for these purposes or when retention is no longer legally or operationally justified.

Your Data Protection Rights

Under applicable data protection laws, you may exercise a number of rights in relation to your personal information. These include:

  • Right to be informed – You have the right to receive clear and transparent information about how we collect, use, and share your personal data, including the purposes of processing and your rights in relation to it.
  • Right of access – You can request a copy of the personal data we hold about you, together with details of how it is processed.
  • Right to object to direct marketing – You may at any time ask us to stop using your personal data for direct marketing purposes, and we will respect your request.
  • Right to restrict processing – In certain circumstances, you can request that we limit the way we process your data (for example, while we verify its accuracy or assess an objection you have raised).
  • Right to rectification – If you believe that the personal data we hold about you is incomplete or inaccurate, you can request that it be corrected or updated.
  • Right to object to processing – You may object to the processing of your personal data where we rely on legitimate interests or the performance of a task in the public interest, unless we have compelling legal grounds to continue.
  • Right to be informed of a data breach – You are entitled to be notified without undue delay if a breach of your personal data occurs that is likely to result in a risk to your rights or freedoms.
  • Right to lodge a complaint – You have the right to raise a concern with a data protection supervisory authority, such as the Data Protection Ombudsman of the Cayman Islands.
  • Right to erasure ("right to be forgotten") – In specific circumstances, such as where data is no longer necessary for the purposes for which it was collected or you have withdrawn consent, you may request that we delete your personal data.

International Transfers

Please be aware that information collected through the Services may be transferred to, processed, stored, and used in the Cayman Islands, European Economic Area, the United Kingdom, and other jurisdictions outside of your country of residence. Data protection laws in the Cayman Islands and other jurisdictions may be different from those of your country of residence.

Where your personal data is transferred to a jurisdiction that does not provide an equivalent level of protection under applicable data protection legislation, we shall request that appropriate safeguards are set. This may include implementing contractual protections or other mechanisms required by law to ensure that your data is handled in a manner consistent with applicable data protection standards.

Using the Services or providing us any information implies your acknowledgement and consent to transfers (to and from), processing, usage, sharing, and storage of your information in the jurisdiction of the Cayman Islands and other applicable jurisdictions.

Additional Notice to Data Subjects in the European Area

This section supplements the main Privacy Policy and applies specifically to individuals who are located in the European Economic Area (EEA), the United Kingdom, Switzerland, or in other jurisdictions that apply comprehensive data protection legislation.

For the purposes of the EU General Data Protection Regulation (EU 2016/679) ("GDPR") and equivalent national laws, we act as the "data controller" of your personal information. Within this section, the termpersonal information refers to personal data as defined under Article 4(1) GDPR or the relevant local legislation. If you have questions about our processing practices, or wish to exercise your data protection rights, please reach out to us using the details in the Contact Us section of this Privacy Policy.

Legal Grounds for Processing

We only process your personal data where there is a valid legal basis under applicable law. The lawful grounds that may apply include:

  • Contractual Necessity: We process your data when it is required to fulfill our obligations under the Terms of Service or other applicable agreements with you. Examples include:
    • Enabling your access to and use of the Services;
    • Maintaining and operating the Services in accordance with this Privacy Policy and applicable terms;
    • Providing customer support; and
    • Responding to inquiries, requests, and other communications.
  • Legitimate Interests: We may process personal data where it is necessary to pursue our legitimate business interests, provided those interests are not overridden by your rights or freedoms. These activities may include:
    • Offering customer support and troubleshooting issues;
    • Improving, maintaining, and securing the Services;
    • Personalizing user experience;
    • Sending marketing communications consistent with your preferences;
    • Preventing, detecting, or addressing fraudulent or unlawful activity;
    • Conducting analytics to understand usage patterns; and
    • Establishing, exercising, or defending legal claims.

    If you are based in the EEA, UK, or Switzerland, you may request further details about processing we undertake based on our legitimate interests.

  • Legal Obligations: We may process your personal information to comply with statutory or regulatory requirements to which we are subject.
  • Consent: In cases where consent is required, we will request it before processing. Examples include:
    • Participation in surveys;
    • Receiving certain marketing communications about our Services or other offerings;
    • Use of specific marketing features or optional functionality.

    If you provide consent, you may withdraw it at any time. Withdrawal will not affect processing carried out prior to the withdrawal or processing based on another lawful basis.

Your Data Protection Rights

Under the GDPR and other applicable local data protection laws, the following rights can be applicable:

  • Right to Information: To receive clear explanations about how we collect, use, and share your data.
  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request corrections to data that is inaccurate or incomplete.
  • Right to Erasure: In certain circumstances, to ask that we delete personal data held about you.
  • Right to Restrict Processing: To request that we temporarily limit the way your data is processed in specific situations.
  • Right to Data Portability: To obtain a copy of your data in a structured, commonly used, machine-readable format and, where feasible, have it transferred to another controller.
  • Right to Object: To object to processing based on legitimate interests, including profiling, or to direct marketing activities.
  • Rights related to Automated Decision-Making: To not be subject to decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects.
  • Right to Withdraw Consent: Where we rely on consent, to revoke it at any time without affecting the lawfulness of processing already carried out.
  • Right to Lodge a Complaint: To raise concerns with your local data protection authority if you believe your rights have been infringed.

Exercising Your Rights

To exercise any of the rights described above, please contact us through the methods listed in the Contact Us section. We respond to all valid requests in line with applicable data protection laws. Please note that these rights may only apply in specific circumstances, and we may need to request further information from you in order to verify your identity before processing your request. This safeguard is intended to prevent unauthorized access to personal data.

If you are located in the EEA, UK, or Switzerland, you also have the right to escalate matters by submitting a complaint to your local supervisory authority. However, we encourage you to contact us first so we can attempt to resolve your concerns amicably.

Children's Privacy

Our Service is intended for general audience and is not targeted at children. To use the Service, you must legally be able to enter into the Agreement in your jurisdiction. We do not knowingly collect or solicit personal information from children.

Amendments or Updates

We reserve the right to update or change this Privacy Policy with a newer amended version. The amendments or updates shall be effective at the time of publication. The continued use the Services such amendments constitute acceptance of the amended Privacy Policy.

We reserve the right, but not the obligation to update the Services at any time, including the removal of services or content for definite or indefinite periods of time, without notice. It is your responsibility to monitor changes in that may affect you.

If you do not agree with any modifications to this Privacy Policy, you must immediately stop accessing and using the Interface.

Communication

For any inquiries about this Privacy Policy, our data practices you may contact us using one of the following channels:

  • Email: contact@ern.app