PRIVACY POLICY

1. INTRODUCTION

This Privacy Policy describes how the E.D.D.I.E. project ("we," "us," "our") collects, uses, and shares information about you when you use our website and interact with the $EDDIE token ecosystem. This policy complies with Swiss Federal Act on Data Protection (FADP), the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

IMPORTANT: Blockchain transactions are public, permanent, and irreversible. We cannot delete or modify on-chain data.

2. INFORMATION WE COLLECT

2.1 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent, click patterns, referral sources
• Cookies: Session cookies and analytics cookies (see Cookie Policy)
• Blockchain Data: Wallet addresses and transaction history (publicly visible)

2.2 Information You Provide

• Email address (if you subscribe to updates)
• Wallet address (when connecting to the dApp)
• Any information in support inquiries
• Social media handles (if you engage with us)

2.3 Information We DON'T Collect

• Private keys or seed phrases (NEVER share these with anyone)
• Government identification documents
• Banking or credit card information
• Biometric data

3. HOW WE USE YOUR INFORMATION

We use collected information to:

• Operate and improve the website and services
• Process transactions (on-chain)
• Detect and prevent fraud, abuse, or illegal activities
• Comply with legal obligations
• Send important updates about the project (if subscribed)
• Analyze usage patterns and optimize user experience
• Enforce our Terms of Service

We DO NOT sell your personal information to third parties.

4. LEGAL BASIS FOR PROCESSING

We process your data based on:

• Consent: When you explicitly agree (e.g., newsletter subscription)
• Contract: To provide services you've requested
• Legitimate Interests: To operate our business and ensure security
• Legal Obligations: To comply with applicable laws

5. DATA SHARING AND DISCLOSURE

We may share your information with:

• Service Providers: Hosting, analytics, security services (under strict confidentiality)
• Law Enforcement: When required by law or valid legal process
• Business Transfers: In case of merger, acquisition, or asset sale
• Public Blockchain: Transaction data is publicly visible on-chain

WARNING: Blockchain data is public. Anyone can see your wallet address and transaction history.

6. DATA RETENTION

We retain personal data only as long as necessary for the purposes outlined in this policy, typically:

• Account data: Until you request deletion
• Transaction records: Minimum 10 years (legal requirement)
• Analytics data: 2 years
• Marketing data: Until you unsubscribe
• Blockchain data: Forever (immutable)

7. YOUR RIGHTS

Under GDPR, CCPA, and Swiss law, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion (except where legally required or on blockchain)
• Portability: Receive your data in a portable format
• Object: Object to certain processing
• Restrict: Limit how we use your data
• Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us through official channels. Note: We cannot modify blockchain data.

8. INTERNATIONAL TRANSFERS

Your data may be transferred to and processed in countries outside Switzerland/EU/UK. We ensure appropriate safeguards through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions
• Your explicit consent

9. SECURITY MEASURES

We implement appropriate technical and organizational measures to protect your data:

• Encryption in transit and at rest
• Access controls and authentication
• Regular security audits
• Incident response procedures
• Employee training and confidentiality agreements

However, no system is 100% secure. You are responsible for keeping your wallet credentials safe.

10. CHILDREN'S PRIVACY

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 18, we will delete it promptly.

11. THIRD-PARTY LINKS

Our website may contain links to third-party sites. We are not responsible for their privacy practices. Review their policies before providing any information.

12. ANALYTICS AND TRACKING

We use analytics services to understand usage patterns. These services may use cookies and similar technologies. You can opt-out through:

• Browser settings
• Analytics opt-out tools
• Do Not Track settings

13. CALIFORNIA PRIVACY RIGHTS

California residents have additional rights under CCPA:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale (we don't sell data)
• Right to non-discrimination for exercising privacy rights

14. UPDATES TO THIS POLICY

We may update this Privacy Policy periodically. Material changes will be notified via website notice or email (if subscribed). Your continued use after changes constitutes acceptance.

15. DATA PROTECTION OFFICER

While not legally required to have a DPO, we take privacy seriously. For privacy inquiries, contact us through official channels. Response times may vary.

16. SUPERVISORY AUTHORITY

You have the right to lodge a complaint with a supervisory authority:

• Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
• EU: Your local Data Protection Authority
• UK: Information Commissioner's Office (ICO)