Privacy Policy

This website-hosted user interface (the "Interface") is made available by NT Labs Limited, a company organized under the laws of the British Virgin Islands ("the Company," "we," "us," or "our").

This Privacy Policy (the "Policy") describes how we may collect, use, store, and disclose information in connection with the Company's websites and applications that present this Policy, including Hashmarket, related web or mobile experiences, and associated functionality (collectively, the "Site"), and services, content, and features we may provide or facilitate (collectively with the Site, the "Services"). References to "you" or "your" mean the person or entity accessing the Services.

Our Terms of Service govern use of the Services and, together with this Policy, form the agreement between you and us where applicable. If you disagree with this Policy, you must not access or use the Services.

By accessing or using the Services, connecting a wallet, or otherwise submitting information, you acknowledge that you have read this Policy and consent to the practices described herein to the extent permitted by applicable law.

Privacy-related questions: support@hashmarket.app. We may not respond to every inquiry. No response constitutes legal advice or an admission regarding our practices.

This Policy applies to information collected in connection with the Site and Services as described here. It does not apply to information collected offline, or on third-party sites or services we do not control, including wallet providers, block explorers, RPC endpoints, or the Ethereum protocol—all of which have their own practices over which we disclaim responsibility.

"Personal information" means information that can be linked to an identified or identifiable person. It does not include data that has been aggregated or de-identified in a way that cannot reasonably be reversed. Information you submit about third parties is your responsibility.

We may collect information directly from you, automatically when you use the Site (including technical and usage data), and from third parties such as analytics vendors, infrastructure hosts, or integrations you authorize. We do not control and are not responsible for wallet providers or blockchain networks.

Categories of information we may process include, without limitation:

• Identifiers & account data: such as email, username, or similar identifiers if you choose to provide them; wallet public addresses and on-chain activity are often public by design.
• Technical & usage data: IP address, device type, browser, language, referring URLs, approximate location derived from IP, logs, and events.
• Cookies & similar technologies: as described in Section 5.
• Communications: content of emails or support messages you send us.
• Compliance & risk: where permitted by law, information you provide for verification, fraud prevention, or sanctions screening.

No obligation; no custody of keys. You are not required to provide personal information except where the Services cannot function without it. We do not collect, store, or have access to your private keys, seed phrases, or similar wallet secrets. You alone control your self-custodial wallet.

No guarantee of lawful processing outcome. Descriptions in this Policy are not promises that we will process data in a specific manner in all circumstances, or that we will achieve any particular security outcome.

The Services are not intended for individuals under twenty-one (21) years of age. We do not knowingly collect personal information from anyone under 21. If you believe we have received such information, contact us at support@hashmarket.app and we will take steps we deem appropriate to delete it, subject to legal retention obligations.

We and our vendors may use cookies, local storage, pixels, and similar technologies for functionality, analytics, security, and (where used) advertising measurement. You can control cookies through browser settings; disabling cookies may break parts of the Services. We do not guarantee recognition or honor of "Do Not Track" signals.

We may use information for purposes including:

• Providing, operating, and improving the Services;
• Security, fraud prevention, abuse detection, and enforcing our Terms;
• Communications about the Services, including support and transactional messages;
• Analytics in aggregated or de-identified form;
• Compliance with law, regulation, or lawful process;
• Corporate transactions (e.g., merger or asset sale) as described below.

To the maximum extent permitted by law, we disclaim any obligation to use information for your benefit and any duty to notify you of every use. Marketing communications, if any, will be sent only where permitted; you may opt out of promotional emails as described in Section 11 where applicable.

NO METHOD OF TRANSMISSION OR STORAGE IS FULLY SECURE. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES REGARDING SECURITY, INCLUDING THAT THE SERVICES WILL BE FREE OF UNAUTHORIZED ACCESS, LOSS, OR ALTERATION. YOU USE THE SERVICES AT YOUR OWN RISK. Any transmission of information is at your sole risk.

We may use administrative, technical, and organizational measures we consider appropriate, but such measures do not guarantee security or confidentiality.

We may share information:

• With vendors and service providers who process data on our behalf (e.g., hosting, analytics, email);
• To comply with law, regulation, legal process, or governmental request;
• To protect rights, safety, and property of the Company, users, or others;
• In connection with a merger, acquisition, financing, or sale of assets, where information may be transferred as a business asset;
• With affiliates under common control;
• In de-identified or aggregate form;
• When you direct or consent to disclosure.

Blockchain transparency. Transactions and data recorded on public blockchains are inherently visible. We do not control how third parties index, display, or analyze on-chain data linked to your public addresses.

We are not responsible for third-party privacy practices, including advertisers, analytics providers, or social platforms linked from the Services.

The Services may link to third-party sites or integrations. We do not control and are not responsible for their content or privacy practices. Your use of third-party services is governed by their terms and policies.

We may use third-party analytics tools to understand usage of the Services. Those providers may set their own cookies or collect device data subject to their policies. Where available, consult the provider's opt-out resources. We make no representation that any third party will honor opt-out requests.

You may request access, correction, deletion, or restriction of certain personal information where required by applicable law, subject to exceptions (e.g., legal retention). Email support@hashmarket.app with a clear description of your request. We may require identity verification. We may deny or limit requests where permitted by law, or where requests are excessive or unfounded.

Unsubscribe from marketing emails using the link in those emails, where provided, or by emailing us with "Unsubscribe" in the subject line. Transactional or legal notices may continue.

If you are in a region with a supervisory authority (e.g., EEA, UK), you may have the right to lodge a complaint there; this does not waive any limitations of liability in our Terms.

We may process and store information in the British Virgin Islands and other countries where we or our providers operate. Those jurisdictions may have different data-protection laws. By using the Services, you acknowledge that transfers may occur and that courts or authorities in those countries may seek access to data as permitted by local law.

EXCEPT WHERE PROHIBITED BY LAW, THE SERVICES AND ALL DATA PRACTICES DESCRIBED HEREIN ARE PROVIDED "AS IS" AND "AS AVAILABLE." WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES ARISING OUT OF OR RELATED TO PRIVACY OR DATA SECURITY, EVEN IF ADVISED OF THE POSSIBILITY. OUR AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS POLICY SHALL NOT EXCEED ONE HUNDRED U.S. DOLLARS (US$100) OR THE MINIMUM AMOUNT REQUIRED BY MANDATORY LAW, WHICHEVER IS GREATER, UNLESS OUR TERMS PROVIDE OTHERWISE.

We do not represent that the Services are appropriate for users in any jurisdiction, including Restricted Jurisdictions described in our Terms. We do not target or solicit U.S. persons or users in other restricted regions. See our Terms.

We retain information for as long as reasonably necessary to provide the Services, comply with law, resolve disputes, and enforce agreements. Deletion may not be immediate in backups or logs; we may retain anonymized or aggregate data. On-chain data cannot be cleared by us.

We may modify this Policy at any time. The "Last updated" date will be revised. Continued use after posting constitutes acceptance to the extent permitted by law. If you do not agree, stop using the Services.

The Services are operated from the British Virgin Islands. This Policy is not intended to subject the Company to laws other than those we expressly acknowledge, except as required by mandatory applicable law. Disputes may be subject to the dispute-resolution and arbitration provisions of our Terms where applicable.