HashPass Wallet Docs
  • Terms of Service
  • Privacy Policy
Powered by GitBook
On this page
  • 1. General
  • 2. Categories of Personal Data We Collect and Process
  • 3. Purposes for Collecting and Processing Personal Data
  • 4. Cookies and Local Storage
  • 5. Third-Party Websites and Services
  • 6. How We Transmit, Protect, and Store Your Data
  • 7. Data Subject Rights

Privacy Policy

HashPass Wallet-Privacy Policy

Last Updated: 26th December, 2024

1. General

1.1 This Privacy Policy(“Policy”) is provided by HashKey Token Limited and/or by other its affiliates (“HashPass”, “we”, “us”, or “ours”). HashPass recognizes the importance-of your privacy and is committed to protecting your personal data. This privacy policy explains the principles on how we collect and uses information when you use the Product we provide, and the way in which that data is processed.

1.2 We process your personal data as described in this Policy and in accordance with applicable legislation, including Personal Data (Privacy) Ordinance (Cap. 486 of the Laws of Hong Kong Special Administrative Region of the People's Republic of China, “Privacy Ordinance”).

1.3 Periodically, this Privacy Policy will change. We will notify you when changes are made by revising the “Last Updated” date at the top of this document, providing additional notice by adding a statement to our homepage,. We reserve the right to alter this Privacy Policy at any time and for any reason. Any changes or modifications will be effective immediately upon posting the updated policy, and you waive the right to receive specific notice of each such change or modification.

1.4 IF YOU DISAGREE WITH ANY CHANGES TO THIS PRIVACY POLICY AND DO NOT WISH YOUR INFORMATION TO BE SUBJECT TO THE REVISED PRIVACY POLICY YOU WILL NEED TO DISCONTINUE USING THE SERVICES.

1.5 Personal data are information that can be used to directly or indirectly uniquely identify, contact, or locate you as a private individual (“Data”). The source of the collected Personal Data depends on how you interact with us.

1.6 Any undefined matters shall be consistent with the terms in the Terms of Service and shall be governed by the Terms of Service.

2. Categories of Personal Data We Collect and Process

2.1 When you use the Wallet, we collect and process certain categories of personal data to provide core functionality, improve user experience, and ensure the Wallet operates efficiently. We are committed to protecting your privacy and only collect data that is strictly necessary.

a) Essential Data for Core Functionality

We collect the following information to provide basic wallet services and enable interaction with blockchain networks:

• Username or Display Name: To identify and display your wallet user identity.

• Wallet Address (Public Key): Used to display your balances, transaction history, and facilitate interactions with decentralized applications (“dApps”).

• Blockchain Transaction Data: Including transaction hashes, block numbers, gas fees, and transaction statuses, retrieved from the blockchain. We do not store such data; it is only processed as necessary to enable the essential functions of the Product.

• Network Configuration: Your selected blockchain network(s) (e.g., Ethereum, HashKey Chain). We do not store such data; it is only processed as necessary to enable the essential functions of the Product.

• Authorized dApps Information: A list of decentralized applications to which you have granted permission to interact with the Wallet. We do not store such data; it is only processed as necessary to enable the essential functions of the Product.

Note: The Wallet does not collect or store private keys, seed phrases, or passwords. You are solely responsible for managing and safeguarding this information.

b) Technical and Usage Data

To maintain Wallet functionality and improve user experience, we collect limited technical and usage data:

• Device Information: Including your device model, operating system version, browser type, and Wallet plugin version.

• Error Logs: Data related to Wallet malfunctions, errors, or crashes to diagnose technical issues and improve performance.

• Usage Patterns: Information about how you interact with the Wallet interface, such as: Behavioral data related to Wallet account additions/deletions (method and timestamp); Interaction with dApps (e.g., connecting, authorizing, or signing transactions).

Note: This data is anonymized or aggregated where possible and is used solely to improve the Wallet’s performance and user experience.

c) Data from Third-Party Services

When you interact with third-party services through the Wallet, such as decentralized applications (dApps), or DeFi platforms, the following data may be processed:

• dApps Interaction Data: Including connected dApps URLs, approved permissions.

• Third-Party Metadata: Information from external services (e.g., token balances, or smart contract interactions).

Note: While we facilitate these interactions, we do not control or process data collected by third-party services. Please review their privacy policies for details about how they handle your data.

3. Purposes for Collecting and Processing Personal Data

Data Fields

Purpose of Collection and Use

Username or Display Name

- To identify and display your wallet user identity.

Wallet Address (Public Key)

- To facilitate blockchain transactions (signing and broadcasting).

- To display wallet balance and transaction history.

Blockchain Transaction Data

- To retrieve and display transaction status, hash, block confirmations, and gas fees.

- To assist in troubleshooting transaction errors.

Network Configuration

- To enable access to blockchain networks (e.g., Ethereum, HashKey Chain).

Authorized dApps List

- To display decentralized applications (dApps) to which the user has granted permissions.

- To help users manage dApps connections and authorizations.

Device Information

- To ensure compatibility with the user’s device and browser.

- To optimize Wallet performance and resolve technical issues.

Error Logs and Crash Reports

- To diagnose and fix technical issues.

- To ensure system stability and improve Wallet functionality.

Usage Behavior Data

- To analyze user interactions with Wallet features.

- To improve user experience and UI/UX design.

Third-Party Integration Data

- To enable interactions with dApps, or DeFi protocols.

- To retrieve token balances, smart contract interactions information.

4. Cookies and Local Storage

4.1 Wallet may use cookies and similar tracking technologies to enhance user experience, analyze service performance, and ensure the security of the Wallet’s features. Cookies are small text files stored on your device to collect and store certain information when you interact with web-based components or services provided by the Wallet.

4.2 The Wallet may use local storage (e.g., browser storage, session storage) to save wallet-related information on your device, including:

• Authorized dApps connections.

• Cached public data for improved loading times (e.g., account balances, recent transaction history, basic network and token information).

4.3 The Wallet does not use cookies or similar technologies for targeted advertising, behavioral tracking, or sharing personal data with advertising networks.

4.4 You have control over cookies and tracking technologies. Depending on your browser or device, you may:

• Manage or Delete Cookies: Adjust your browser settings to block or delete cookies at any time.

• Control Local Storage: Clear browser local storage or reset the Wallet settings.

• Opt-Out of Third-Party Tracking: If third-party services are integrated, you can choose to revoke access to such services or manage preferences through their privacy settings.

However, please note that disabling essential cookies or clearing local storage may affect the Wallet’s functionality and your ability to interact with blockchain services.

5. Third-Party Websites and Services

5.1 Wallet may include links, integrations, or connections to third-party websites, services, dApps, or external platforms (“Third-Party Services”) that are not owned, operated, or controlled by us.

5.2 We do not control, monitor, or endorse the content, privacy practices, security policies, or functionality of any Third-Party Services. Your access to and use of such services are entirely at your own risk, and we are not responsible for:

• The collection, use, or sharing of your personal data by Third-Party Services.

• The content, accuracy, availability, or functionality of any linked websites, dApps, or services.

• Any loss, damage, or harm, including loss of digital assets, arising from your use of Third-Party Services.

5.3 When you choose to access or interact with Third-Party Services through the Wallet, you acknowledge and agree that:

• You are solely responsible for reviewing and accepting the privacy policies, terms of service, and security practices of those Third-Party Services.

• Any data you share or transactions you execute with Third-Party Services are done at your own discretion and risk.

• We do not guarantee the safety, reliability, or performance of Third-Party Services, including any smart contracts, blockchain-based protocols, or decentralized platforms.

5.4 If you use the Wallet to interact with dApps or other blockchain-based platforms:

• Your interactions are conducted directly between you and the respective dApps or service provider.

• dApps and smart contracts may have security vulnerabilities, bugs, or exploits. We assume no responsibility for any resulting losses.

• You should conduct your own research and due diligence before authorizing or interacting with any dApps.

5.5 Some Third-Party Services may use cookies, tracking technologies, or other data collection methods. We do not control or assume responsibility for the data collection or privacy practices of these services. You are encouraged to review their privacy policies to understand how your information may be processed.

5.6 By accessing or using Third-Party Services through the Wallet, you:

• Acknowledge that such use is voluntary and at your sole risk.

• Release us from any claims, damages, or losses arising from your use of Third-Party Services.

6. How We Transmit, Protect, and Store Your Data

6.1 We implement industry-standard security measures to ensure that any data transmitted while using the Wallet is protected against unauthorized access, interception, or tampering. Specifically:

• Encrypted Transmission: All data transmitted between your device and our services (if applicable) or third-party services (e.g., blockchain nodes) is encrypted using HTTPS (SSL/TLS) protocols.

• Blockchain Data: Transactions you sign and broadcast are transmitted directly to the blockchain network through RPC nodes or third-party services. The Wallet does not intercept or store transaction data beyond what is displayed for your convenience.

• Local Operations: Sensitive operations, such as private key generation, storage, and transaction signing, are performed locally on your device and are never transmitted to external servers.

6.2 We are committed to protecting your data from unauthorized access, loss, misuse, or disclosure. To achieve this, we employ the following security measures:

• End-to-End Encryption: Sensitive information (e.g., session data, network configurations) is encrypted during transmission and storage where applicable.

• Local Data Security: Private keys, seed phrases, and other sensitive credentials are never stored on our servers; they remain solely under your control on your local device. The Wallet uses secure storage mechanisms (e.g., browser local storage or secure device environments) to store non-sensitive configuration data, such as network preferences.

• Access Controls: Only authorized personnel, where necessary, have access to limited technical data (e.g., logs), and such access is strictly monitored and controlled.

• Regular Audits: Our systems undergo regular security audits and vulnerability assessments to identify and mitigate risks.

• Third-Party Integrations: Where third-party services (e.g., RPC providers, analytics tools) are involved, we ensure that they adhere to industry-standard security and privacy practices.

6.3 The Wallet is designed as a non-custodial tool; therefore, we minimize the collection and storage of personal data. Specifically:

• Local Storage: Sensitive credentials such as private keys and seed phrases are stored only on your local device and are not accessible to us. Configuration data (e.g., network settings, authorized dApps) may be stored locally to enhance usability.

• Temporary Data: Transaction-related or technical data (e.g., error logs, network latency reports) may be temporarily processed to improve performance. Such data is anonymized where possible.

• Retention Period: We retain collected data (e.g., logs or feedback submissions) only for as long as necessary to fulfill the purposes outlined in this policy or as required by applicable laws. Once the retention period expires, data will be securely deleted or anonymized.

6.4 We affirm the following principles regarding the use and sharing of your data:

• Your data will not be sold to third parties for any authorized purposes.

• Your data will not be utilized or disclosed for purposes unrelated to the functionality of the Product.

• Your data will not be used or disclosed for credit assessment, credit scoring, or lending purposes.

6.5 While we take all reasonable measures to protect your data, no transmission or storage system can be guaranteed to be 100% secure. You play a critical role in safeguarding your information, and we encourage you to:

• Use strong, unique passwords to secure your device and Wallet.

• Keep your private keys, seed phrases, and passwords confidential and stored offline.

• Avoid sharing sensitive information on untrusted platforms or clicking on suspicious links.

• Regularly update your software, operating system, and security measures to protect against vulnerabilities.

• If you believe your Wallet or related data has been compromised, please contact us immediately at hashpass@hashkey.com.

7. Data Subject Rights

7.1 You may have certain rights regarding Personal Data:

• Right to Access/Know. You may have the right to obtain confirmation from us whether we are processing your Personal Data and related information; request information about the types, sources and purpose of Personal Data we have collected about you, and to whom we have disclosed your Personal Data and why; or obtain a copy of your Personal Data.

• Right to Data Portability. You may have the right to request to receive your Personal Data that you have provided to us in a structured, commonly used and machine-readable format.

• Right to Rectification/Correction. You may have the right to request that we correct inaccurate Personal Data and to have incomplete data completed.

• Right to Objection. You may have the right to object to the processing of your Personal Data in certain cases required by applicable laws, rules and regulations.

• Right to Restrict Processing. You may request that we restrict the processing of your Personal Data in certain cases required by applicable laws, rules and regulations.

• Right to Erasure/Delete. You have the right to request us to erase/delete your personal data where required by law in certain jurisdictions. Once you have requested us to delete your data, we will delete your personal data held by us. Once deleted, it cannot be recovered and you will not be able to use the products/services provided by us. However, we may be required by the laws of the jurisdiction in which we operate to retain such information, we will no longer use your personal data to carry out any of the activities set out in this Privacy Policy, and such personal data will only be retained for as long as is required by law or as permitted by the laws of the jurisdiction in which it is held, after which time we will arrange for the deletion of the corresponding personal data..

• Right to Lodge a Complaint. You may have the right to lodge a complaint with a supervisory authority in the country where you reside or where the conduct that is the subject of the complaint occurred.

• Right to Refuse or Withdraw Consent. In case we ask for your consent to process your Personal Data, you are free to refuse to give it. If you have given your consent, you may withdraw it at any time without any adverse consequences. The lawfulness of any processing of your Personal Data that occurred prior to the withdrawal of your consent will not be affected.

If you have any questions, comments or complaints about how we handle your personal data, or if you wish to discontinue contacting us, please notify us as set out below. In addition, upon your request, we will provide you with a summary of any personal data we collect and hold about you. You may request to amend, correct or update your personal data or make a request to have your personal data deleted from our database. We will only send a copy of your personal data in a file to the e-mail address tied to your name. In accordance with the Privacy Ordinance, we have the right to charge you a reasonable fee to process and fulfill your data access request: Email: hashpass@hashkey.com.

PreviousTerms of Service

Last updated 4 months ago