Privacy Policy

1. Information We Collect

1.1 Information You Provide to Us

We collect information you provide directly to us when you:

• Create an account: When you register for an account, we collect your email address, username, password, and wallet address.
• Complete your profile: We may collect additional information such as your name, contact information, and payment details.
• Purchase insurance products: When you purchase our insurance products, we collect information related to the specific coverage, such as flight details, event information, or stablecoin holdings.
• Communicate with us: We collect information you provide when you contact our support team, respond to surveys, or otherwise communicate with us.
• Submit claims: When you submit an insurance claim, we collect information necessary to process your claim, such as proof of loss or other supporting documentation.

1.2 Information We Collect Automatically

When you access or use our Services, we automatically collect certain information, including:

• Log information: We collect log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address, and the page you visited before navigating to our Services.
• Device information: We collect information about the device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
• Blockchain information: When you interact with our smart contracts or conduct transactions, we collect blockchain addresses, transaction hashes, and other on-chain data that is publicly available.
• Location information: We may collect your approximate location based on your IP address.
• Cookies and similar technologies: We use cookies, web beacons, and similar technologies to collect information about your interaction with our Services and other websites. For more information about our use of these technologies, see Section 5 of this Privacy Policy.

1.3 Information From Third Parties

We may obtain information about you from third parties, such as:

• Blockchain analytics providers
• Identity verification services
• Oracle data providers for insurance trigger events
• Public databases and publicly available sources
• Business partners and service providers who help us provide services to you

2. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide, maintain, and improve our Services
• Process transactions and fulfill insurance contracts
• Verify your identity and prevent fraud
• Process insurance claims and payouts
• Send you technical notices, updates, security alerts, and administrative messages
• Respond to your comments, questions, and requests
• Communicate with you about products, services, offers, and events, and provide news and information we think will be of interest to you
• Monitor and analyze trends, usage, and activities in connection with our Services
• Detect, investigate, and prevent fraudulent transactions and other illegal activities and protect the rights and property of DefiLean and others
• Personalize and improve the Services and provide content or features that match user profiles or interests
• Facilitate risk models and insurance premium calculations
• Comply with legal obligations

3. How We Share Your Information

We may share information about you as follows or as otherwise described in this Privacy Policy:

• With service providers: We may share information with vendors, consultants, and other service providers who need access to such information to carry out work on our behalf.
• With oracles and validators: We share the minimum necessary information with oracle providers and validators to confirm insurance trigger events and process claims.
• For legal reasons: We may disclose information if we believe that disclosure is in accordance with, or required by, any applicable law, regulation, legal process, or governmental request.
• To enforce our rights: We may disclose information to enforce our Terms of Service and other agreements, including for billing and collection purposes, or to protect the rights, property, and safety of DefiLean, our users, or others.
• In connection with a merger or sale: If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, information we collect may be transferred as part of that transaction.
• With your consent: We may share information with your consent or at your direction, including when you authorize a third-party application to access your account.
• Aggregated or de-identified information: We may share aggregated or de-identified information with researchers, business partners, or other third parties, which cannot reasonably be used to identify you.

Please note that much of the blockchain transaction data is publicly available and cannot be deleted due to the immutable nature of blockchain technology.

4. Data Storage and Security

We take reasonable measures to help protect information about you from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. However, no data security measures can guarantee 100% security.

You should take steps to protect against unauthorized access to your accounts, including by choosing a robust password, using different passwords for different services, enabling two-factor authentication where available, and signing out after using a shared computer.

Please note that information collected through our Services may be stored and processed in the United States or any other country in which DefiLean or its service providers maintain facilities.

5. Cookies and Similar Technologies

We use cookies and similar technologies such as web beacons, pixels, and local storage to collect information about your browsing activities and to distinguish you from other users of our Services.

Cookies are small pieces of data stored on your device that are sent back to our servers when you make subsequent requests. They help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits.

We use the following types of cookies:

• Essential cookies: These cookies are necessary for the website to function properly and cannot be switched off in our systems.
• Functional cookies: These cookies enable the website to provide enhanced functionality and personalization.
• Analytics cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site.
• Marketing cookies: These cookies may be set through our site by our advertising partners to build a profile of your interests.

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

• Access: You may request a copy of the personal information we hold about you.
• Correction: You may request that we correct inaccurate or incomplete information we have about you.
• Deletion: You may request that we delete your personal information, subject to certain exceptions.
• Restriction: You may request that we restrict the processing of your information under certain circumstances.
• Data portability: You may request a copy of the information you provided to us in a structured, commonly used, and machine-readable format.
• Objection: You may object to our processing of your information based on our legitimate interests.

To exercise these rights, please contact us at privacy@defilean.com. Please note that due to the nature of blockchain technology, we may not be able to delete or modify certain information that is stored on a public blockchain.

You can also opt out of receiving promotional communications from us by following the instructions in those communications or by adjusting your notification preferences in your account settings.

7. International Data Transfers

DefiLean operates globally, which means your information may be transferred to, stored, and processed in countries other than the one in which you reside. These countries may have data protection laws that are different from those in your country.

By using our Services, you consent to the transfer of your information to countries outside of your country of residence, including the United States, which may have different data protection rules than those in your country.

When we transfer personal information across borders, we take measures to comply with applicable data protection laws and ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country's data protection laws, contractual obligations placed on the recipient of the data, or data protection safeguards put in place.

8. Children's Privacy

Our Services are not directed to children under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information of a child under 18, we will delete such information as quickly as possible. If you believe that we might have any information from or about a child under 18, please contact us at privacy@defilean.com.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Services or by other means, such as email. We encourage you to review the Privacy Policy whenever you access the Services to stay informed about our information practices.

Your continued use of our Services after we make changes is deemed to be acceptance of those changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@defilean.com
Address: DefiLean, Inc., 123 Blockchain Street, San Francisco, CA 94107, USA