Introduction
Yieldable ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information across all regions in which we operate.
It complies with:
- The General Data Protection Regulation (GDPR) and UKβGDPR;
- The California Consumer Privacy Act (CCPA/CPRA) and U.S. state privacy laws;
- The AsiaβPacific Economic Cooperation (APEC) Privacy Framework, including APPI (Japan), PDPA (Singapore/Malaysia), and the Australian Privacy Act 1988.
By accessing or using Yieldable.io or related applications (the "Platform"), you agree to the terms of this Policy. If you do not agree, please discontinue use of the Platform.
1. Eligibility
Yieldable's services are intended for individuals 18 years of age or older. By using this Platform, you represent that you are at least 18 and legally permitted to use blockchain and digital asset services in your jurisdiction.
We do not knowingly collect data from anyone under 18. If such data is discovered, contact us at privacy@yieldable.io, and we will promptly remove it.
2. Who We Are
Yieldable provides decentralized tools and analytics for yield strategies, tokenized assets, and blockchain-based financial activity.
Yieldable acts as a:
- Data Controller under GDPR/UK-GDPR;
- Business under CCPA/CPRA and U.S. state privacy laws;
- Personal Information Controller under relevant APAC privacy acts.
3. Information We Collect
We collect limited information necessary to provide, secure, and improve our services.
A. Information You Provide
- Contact information (e.g., email) submitted via forms or support channels;
- Feedback, inquiries, or survey responses;
- Details provided for newsletters, waitlists, or beta programs.
B. Automatically Collected Data
When using our Platform, we automatically collect:
- IP address, approximate geolocation (where permitted);
- Browser, device type, OS version, and language;
- Page interactions, referral URLs, and session data;
- Cookies and similar technologies (see Section 9).
C. Web3 and On-Chain Data
When using blockchain or wallet features, we may process publicly available blockchain data, including:
- Wallet address (public key);
- Transaction hashes, contract interactions, and timestamps;
- On-chain analytics data.
Important: We never access or store private keys, seed phrases, or custodial wallet data. All wallet connections are non-custodial and initiated by you.
4. How We Use Your Data
We process personal and technical data to:
- Operate, maintain, and improve our Platform;
- Respond to inquiries or technical support requests;
- Deliver updates, newsletters, or product communications (with consent);
- Ensure security, prevent fraud, and monitor network integrity;
- Comply with legal, regulatory, or compliance obligations;
- Conduct analytics, usage metrics, and research to improve performance.
We do not sell, rent, or trade your data. We do not engage in automated decision-making that produces legal effects.
5. Legal Basis for Processing (EU/UK Users)
Under the GDPR, we rely on one or more of the following legal bases:
- Consent β for newsletters, cookies, and voluntary submissions;
- Contractual necessity β to deliver requested services or features;
- Legal obligation β to comply with applicable law;
- Legitimate interest β for fraud prevention, analytics, and service optimization.
6. Data Rights (Global Summary)
Depending on your jurisdiction, you may have the right to:
- Access your personal data;
- Correct inaccurate or incomplete data;
- Delete or request erasure ("right to be forgotten");
- Restrict or object to certain processing;
- Withdraw consent at any time;
- Data portability (obtain a copy in machine-readable format);
- Non-discrimination for exercising privacy rights (U.S.);
- Complain to a data protection authority in your region.
To exercise your rights, email privacy@yieldable.io. We may need to verify your identity before processing your request.
7. Data Retention
We retain data only as long as necessary:
- Contact inquiries: up to 12 months after last communication;
- Newsletter data: until you unsubscribe;
- Analytics logs: anonymized or aggregated after retention period;
- Blockchain data: remains permanently public and outside of our control.
8. Data Sharing and Disclosure
We share limited data only when necessary:
- With trusted vendors (hosting, analytics, or support) under data processing agreements;
- With regulators or law enforcement when required by law;
- During business transitions (mergers, acquisitions) under equivalent protections.
We do not sell or "share" personal data as defined under the CPRA.
9. Cookies and Tracking Technologies
We use cookies and similar tools to:
- Remember preferences and wallet connection settings;
- Measure performance and traffic (via privacy-safe analytics tools);
- Secure user sessions and prevent fraud.
You can adjust or disable cookies in your browser. EU users will see a cookie consent banner per ePrivacy Directive.
10. Data Security
We employ robust technical and organizational safeguards:
- Full HTTPS/TLS encryption;
- Strict server access controls;
- Pseudonymization and anonymization of analytics data;
- Regular audits and vulnerability scanning.
Despite best efforts, no digital system is 100% secure. You are responsible for securing your wallet credentials and devices.
11. International Data Transfers
When transferring data across borders, we rely on:
- Standard Contractual Clauses (SCCs) for EU/UK compliance;
- APEC Cross-Border Privacy Rules (CBPR) for APAC-U.S. flows;
- Transfers only to countries with adequate protection recognized by regulators.
12. Blockchain Transparency & Immutability Notice
Because Yieldable integrates blockchain technology:
- Data recorded on-chain (wallet addresses, transactions) is public, permanent, and immutable;
- We cannot alter or delete on-chain records;
- Users should consider all blockchain interactions as public disclosures;
- We may analyze aggregated on-chain data to improve platform performance or ensure compliance.
By using our Web3 features, you acknowledge and consent to the immutable nature of blockchain data.
13. Regional Addenda
A. European Union / United Kingdom
We comply fully with GDPR and UK-GDPR. Data subjects have full rights under Articles 12β23 of the Regulation.
Supervisory authority contact: https://edpb.europa.eu
B. United States (CCPA/CPRA and Similar Laws)
California and other state residents may:
- Request details of collected, disclosed, or shared data;
- Request deletion or correction;
- Opt out of data sharing (not applicable β we do not sell/share data).
Authorized agents may submit requests under verified power of attorney.
C. Asia-Pacific (Japan, Singapore, Malaysia, Australia)
We comply with:
- APPI (Japan) β personal data stored securely and deleted upon request.
- PDPA (Singapore & Malaysia) β lawful purpose, consent, and minimal retention.
- Australian Privacy Act (1988) β transparency, access, and cross-border notice.
Cross-border data transfers use the APEC CBPR framework where applicable.
14. Updates to This Policy
We may update this Policy from time to time. The updated version will be posted on this page with a new "Last Updated" date.
If material changes are made, we will notify users through the website or email.
