Privacy Policy
Effective Date: 30.05.2025
This Privacy Policy (“Policy”) explains how Token.com Digital Services Ltd (“Token.com”, “we”, “our”, or “us”) collects, uses, stores, and protects personal data when you access or use Token.com, including the Token.com application and website (together, the “Platform”).
Token.com is a Web3 self-custody interface. We do not hold user assets, private keys, or sensitive personal information unless you choose to provide it for specific services. This Policy applies to all Platform users (“User”, “you”, or “your”).
If you do not agree with this Policy, please do not use the Platform.
1. Who We Are
1.1 The Platform is owned and operated by Token.com a company registered in the British Virgin Islands, headquartered at Craigmuir Chambers, Road Town, Tortola, company number 2154269.
2. Minimum Age
2.1. The Platform is for users aged 18 and over. If you are a parent or guardian and become aware that a minor under 18 has accessed the Platform, please contact us at dpo@token.com to request deletion of their data.
3. Information We May Collect
3.1. When using our self-custody Web3 platform, we collect minimal data. You are not required to provide personal information unless using specific features.
3.2. We may collect:
Wallet information: Public wallet addresses when connecting via Web3.
Login email address: If you register or log in to the app using your email, we will collect and store your email address for account access purposes.
Device and browser data: IP address, device type, OS, browser, and usage data for security and platform optimization.
Optional contact data: If you reach out for support, provide feedback, or opt into newsletters, we may collect your email address or other info you voluntarily provide.
User-Generated Content: When you post text or videos in the app, we collect and process this content along with basic metadata to display it and ensure it meets our community guidelines.
Cookies: We use only essential cookies. You may configure your device to reject them, though it may limit functionality.
Third-Party Sources: We may receive limited data (such as general engagement data or device type) from third-party tools integrated with our Platform (e.g., analytics, login providers) to improve functionality or support services. These sources do not include your private key or sensitive information.
Aggregated/Anonymized Data: We may generate anonymized data sets for internal analytics. These do not identify you directly and are used solely to improve Platform performance and user experience.
3.3. We do not collect your private keys, seed phrases, or any biometric identifiers.
4. How We Use Your Information
4.1. We collect and process limited personal data for the following purposes:
Purpose of Processing | Legal Basis | Data Involved |
To enable access to the Platform and support wallet features | Performance of a contract (Terms of Use) | Public wallet address, device/browser data |
To maintain security, detect abuse or misuse of platform features, and prevent fraud | Legitimate interest | IP address, usage logs, device information, interaction signals |
To improve the Platform and user experience | Legitimate interest | Aggregated usage data, device/browser data |
To respond to support requests or feedback | Consent or performance of a contract | Email address (if provided), wallet ID, message content |
To send platform updates or product news | Consent | Email address |
To review and report user-generated content that may violate applicable laws | Legal obligation | Posted content, metadata (e.g. timestamp, session ID) |
To perform internal analytics and profiling for UX improvement | Legitimate interest | Usage data (aggregated/anonymized), device type, interaction history |
5. Third-Party Services
5.1. The Platform may interact with third-party tools (e.g., blockchain explorers, smart contracts, IPFS gateways, or analytics providers). These services operate under their own privacy policies and practices.
5.2. Where we rely on third-party service providers to support the Platform (such as infrastructure, analytics, or moderation tools), they are subject to appropriate due diligence to ensure they meet industry standards for data protection, security, and reliability. We only engage with processors that reflect our commitment to providing a safe and trustworthy experience for our users.
5.3. We do not control how third-party services use your data. We encourage you to review their privacy policies before interacting with them. Any interaction with decentralized blockchain protocols may also result in immutable and public data records (e.g., wallet activity).
6. Communications
6.1. If you provide your email for support or updates, we may contact you about Platform updates, security notifications, or product news if you’ve opted in.
6.2. You may unsubscribe at any time by following the instructions in the email or contacting us at help@token.com.
6.3. We may use third-party email delivery platforms or support tools to manage communications. These providers are contractually obligated to maintain appropriate data security standards.
7. Data Security
7.1. We use industry-standard security practices to protect the data we process, such as encryption protocols, access control with audit logs, and secure infrastructure with cloud hosting.
7.2. However, no system can be guaranteed to be completely secure. You are responsible for securing your own devices, wallets, and private keys. Token.com will never ask you to share your private keys or seed phrases.
7.3. Our internal access to user-related data is limited to personnel with a legitimate business need and is subject to strict access controls and monitoring.
8. Data Retention
8.1. We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to comply with our legal obligations, respond to support requests, prevent abuse, and improve the Platform.
8.2. In accordance with the BVI Data Protection Act, 2019, we ensure that personal data is not kept longer than necessary. When data is no longer needed, it is securely deleted or anonymized, unless we are legally required or permitted to retain it for a longer period (e.g., for compliance, dispute resolution, or fraud prevention).
8.3. You may request the deletion of your personal data at any time by contacting us at dpo@token.com, limited to what we are required to retain to comply with legal obligations.
9. Your Rights
9.1. You have the right to:
Access and review any personal data we may have collected.
Request correction or deletion of your data.
Request a copy of your personal data, where technically feasible and applicable.
Withdraw consent, where processing is based on consent.
Contact us at dpo@token.com with any data-related concerns.
9.2. If legally required to retain your data, we may decline deletion until obligations are fulfilled.
9.3. Depending on your jurisdiction, you may also have the right to object to or restrict certain types of data processing (e.g., profiling), and to lodge a complaint with your local data protection authority.
10. International Data Transfers
10.1. We may process your data using secure cloud services located outside your country of residence, including in the United States. This means your data may be transferred to jurisdictions that may not offer the same level of data protection as your home country.
10.2. Where we transfer personal data from the European Economic Area (EEA) to countries outside the EEA, we ensure that appropriate safeguards are in place — such as Standard Contractual Clauses approved by the European Commission.
10.3. By using the Platform, you consent to international data transfers where required. When such transfers occur, we implement appropriate technical and contractual safeguards to protect your data in accordance with applicable data protection laws.
11. Changes to this Policy
11.1. We may update this Policy to reflect legal or operational changes. When we do, we will notify users through the Platform or other appropriate channels. Your continued use of the Platform constitutes acceptance of the updated Policy.
12. Contact Us
12.1. For any questions, concerns, or data-related requests, please email our Data Protection Officer at:
📩 dpo@token.com