Privacy & Cookies Policy
Effective Date: 7/4/2025
Contact Email: [email protected]
1. Introduction
We are committed to protecting your privacy and complying with global data protection laws,
including the EU GDPR, California CCPA, Brazilian LGPD, and other international standards.
Palcoin Labs acts as the Data Controller for all data collected through its platform and
services.
We apply the GDPR framework as the default legal basis across our website due to its
strictness and wide international acceptance.
2.What data we collect?
We may collect the following categories of daata:
- Personal Data (name, email, ID)
- Transaction Data (type, amount, date)
- Device Data (IP, browser, usage)
- Cookies (essential + optional)
We may also collect additional information you voluntarily provide during support interactions, surveys, or participation in community activities.
3. Legal Basis (GDPR, LGPD)
We process data based on:
- Consent
- Legal obligation
- Contract performance
- Legitimate interest
You may request clarification on which legal basis applies to your specific data at any time.
4. How We Use It
We use your data for the following purposes:
- To process and verify transactions
- To improve the platform and personalize user experience (when optional analytics are enabled)
- For customer support and technical assistance
- To comply with applicable laws and regulatory requirements
5. User Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal data
- Object to processing
- Request data portability
- Withdraw consent at any time
- Know how and with whom your data is shared (CCPA)
- Lodge a complaint with a data protection authority
6. Data Sharing
We do not sell or share your data for marketing purposes.
Data may only be shared with:
- Trusted service providers under strict confidentiality and Data Processing Agreements (DPAs)
- Law enforcement or regulators where required by applicable law
7. Cookies
We use:
- Essential cookies necessary for basic functionality
- Optional cookies (e.g., analytics or customization) – only with user consent
A cookie banner will appear on first visit, allowing you to manage cookie preferences.
8. Data Storage
Data may be stored securely using cloud services such as AWS or equivalent providers across various jurisdictions. All third-party providers are contractually obligated to comply with applicable data protection laws and have signed appropriate DPAs with us.
9. Children's Privacy
- Our services are intended only for users 18 years or older. We do not knowingly collect or process data from minors under this age threshold
10. Security
- We implement industry-standard encryption protocols (e.g., SSL/TLS) to protect data during transmission. Additionally, certain transactions are recorded via Ethereum smart contracts to ensure transparency and verifiability.
11. Policy Updates
- We may update this Privacy & Cookies Policy from time to time. Continued use of the platform after any update signifies your acceptance of the revised policy.
- We will notify users of material changes via email or website announcement, where appropriate.
- We encourage users to review this page periodically.
12. Global Compliance Scope
This policy is designed to comply with multiple global privacy laws, including:
- EU GDPR
- UK GDPR
- CCPA(California, USA)
- LGPD (Brazil)
- PIPEDA(Canada)
- POPIA (South Africa)
- Privacy Act 1988 (Australia)
This ensures that user data is handled responsibly and transparently, regardless of location.
13. Data Retention & Deletion Timeline
- We retain personal data only as long as necessary for the purposes outlined in this policy, or as required by applicable regulations.
- Requests for deletion will be processed within 30 days, unless extended by legal or compliance obligations.
- Some data may be retained for longer periods for regulatory, accounting, or legal purposes.
14. Third-Party Services
If we engage third-party services (e.g., analytics, marketing, infrastructure), they will only access your data when necessary to perform specific tasks on our behalf.
Examples include:
- AWS for hosting
- Google Analytics for traffic analysis
- SendGrid or similar tools for transactional emails
All third-party providers are bound by confidentiality agreements and data protection laws.
15. Data Controller
The entity responsible for collecting and processing your data is:
Palcoin Labs
If the legal entity behind Palcoin changes in the future, this policy will be updated accordingly.
16. Data Breach Notification
In the event of a data breach that may affect your personal information, we will notify you within 72 hours of becoming aware of the incident, in accordance with GDPR and other applicable laws.
The notice will include:
- The nature of the breach
- Types of data involved
- Actions taken to mitigate the impact
- Instructions for any steps users should take