This Policy does not apply to personal information collected in the context of employment or recruitment by Witchverse. This Policy is not a contract and does not create any legal rights or obligations. We may also provide additional notices where required by law or specific features, and such notices supplement—not replace—this Policy.
What We Collect
The categories of information we collect depend on how you interact with the Wavist Platform and Services. We collect information that you provide directly to us, information collected automatically as you use the Platform, and information obtained from third parties.
Information You Provide
- Contact Information: Your name, email address, physical address, and communication preferences.
- Financial Information: Your blockchain addresses, connected wallet details, asset holdings, transaction history, and any associated fees.
- Transaction Information: Details of your activity on the Platform, including transaction types, amounts, timestamps, and related metadata.
- KYC and Compliance Information: Documents and data required for identity verification or regulatory checks, including passport scans, utility bills, proof of income, incorporation documents, tax IDs, and photos.
- Interaction Information: Any content you provide during your interactions with us, including inquiries, support requests, feedback, survey responses, or live chat transcripts.
Information We Collect Automatically
- Online Identifiers: IP addresses, geolocation, browser type, OS, mobile network info, device identifiers, referring/exit pages.
- Usage Data: Pages visited, time spent on Platform, navigation paths, links clicked, interaction logs.
- Location Information: IP-based city-level inference for fraud prevention, support, optimization.
- Cookies and Tracking Technologies: Cookies, pixels, embedded scripts to analyze usage and monitor performance.
Information from Third Parties and Other Sources
- Affiliates: Shared information from companies under Witchverse.
- Social Media Platforms: Public info from your profile and interactions.
- Identity Verification Providers: For fraud prevention and user verification.
- Data Analytics Providers: Analyze trends and behavior.
- Other Service Providers: Marketing, technical vendors, support collection.
- Information Providers: Contact or background data from sources like credit bureaus.
- Public Sources: Blockchain and other public directories.
Blockchain Information We Collect
As part of your interaction with the Wavist Platform, we may collect and analyze information from public blockchains or connected wallets:
- Account Address: The public blockchain address linked to your activity on the Platform.
- Wallet Provider: The type of wallet used (e.g., MetaMask, WalletConnect, Ledger).
- Account Balance and Assets: Your current token holdings and asset types linked to your account.
- Transaction Details: Hashes, timestamps, gas fees, transaction types, and sender/recipient addresses.
This information may be combined with your other account data, for example, when connecting a wallet to your profile or verifying transaction eligibility.
How We Use Information
Providing Platform and Services
We may use the blockchain and account information to:
- Identify your wallet and asset holdings
- Track transaction history
- Link wallets with user profiles
Safety and Security
- Detect and prevent fraud or illegal activity
- Verify identity and access
- Monitor abuse or malware
- Run diagnostics and issue resolution
- Protect users, systems, IP, and enforce policies
- Comply with legal obligations
User Support
- Route inquiries to the appropriate team
- Respond to support requests and comments
- Analyze issues and improve experience
- Evaluate and improve service quality
Research and Development
We use data to test, analyze, and enhance our Services. This helps us:
- Improve user experience and platform performance
- Prevent misuse or abuse of the Platform
- Develop and refine new tools, products, or features
Legal and Regulatory Compliance
We may use your information to meet regulatory and legal obligations, including:
- Identity verification, KYC, or customer due diligence
- Cross-checking your information with third-party databases or public records
- Conducting background checks as required
- Investigating disputes or responding to official regulatory inquiries
- Facilitating business transactions or organizational changes
- Complying with financial, tax, or data-related regulations
Direct Marketing
We may use your information to send you updates and marketing communications about the Platform and Services, including promotions, product updates, events, and surveys. You can opt out at any time by clicking"unsubscribe" in our emails or by contacting us atcontact@wavist.io.
How We Share & Disclose Information
We may share personal and blockchain-related information in the following circumstances:
With Affiliates
We may share your information with companies owned or controlled by Witchverse, or under common ownership, particularly when collaborating to provide or support the Wavist Platform and Services.
At Your Direction
We may share information with third parties when you request or authorize us to do so. For example, you may choose to share personal data with other participants or partners through your interaction on the Platform. Please note that their use of your information will be governed by their own privacy policies.
To Comply with Legal Obligations
We may disclose your information as required to:
- Cooperate with law enforcement or regulatory authorities
- Respond to subpoenas, court orders, or similar legal processes
- Prevent physical or financial harm, or fraud
- Report suspected illegal activity
- Investigate potential violations of our Terms of Service or related policies
With Service Providers
We engage service providers to assist with operational, technical, compliance, and marketing tasks. These providers are contractually required to use your information only to provide services on our behalf.
With Identity Verification Providers
When identity verification is required (e.g., for KYC/AML compliance), we may share the necessary information with trusted third-party verification providers to facilitate the process.
On Public Blockchains
Transaction-related information (e.g., blockchain address, amount, timestamp) may be recorded and visible on public blockchains. This data is inherently public and may be accessible by anyone, depending on the blockchain protocol.
During a Business Change
If Witchverse or Wavist undergoes a merger, acquisition, restructuring, financing, asset sale, or similar corporate event, your information may be transferred to the relevant party, subject to standard confidentiality terms.
With Legal and Professional Advisors
We may share your information with legal counsel, accountants, or law enforcement if:
- Necessary to obtain legal or regulatory advice
- In connection with the defense or enforcement of legal claims or rights
- To comply with applicable laws or legal requests from authorities
- To detect, prevent, or investigate fraud or illegal activity
- To protect the safety and security of our users, employees, or platform
With Respect to Aggregated or De-Identified Data
We may share aggregated or anonymized data (that cannot reasonably be linked back to you) with third parties for analytical, research, or commercial purposes.
No Sale for Marketing/Advertising
We do not sell your personal information to third parties for their own marketing or advertising purposes. This means we do not engage in direct sale of personal data for third party advertising.
Legal Bases for Using Your Information
Where required under applicable law, we rely on specific legal bases to process your personal information as outlined in this Privacy Policy. These include:
- Contractual necessity: Where the use of your information is necessary to perform a contract with you or to take steps at your request prior to entering into such a contract (for example, enabling access to the Wavist Platform or facilitating transactions).
- Legitimate interests: Where it is necessary for our legitimate business interests or those of a third party, and those interests are not overridden by your rights or interests.
- Legal obligations: Where we are required to use your information to comply with legal or regulatory obligations under applicable laws and regulations.
- Consent: Where you have provided consent for specific processing activities, which you may withdraw at any time.
Your Rights and Choices
Subject to applicable data protection laws, you may have certain rights with respect to your personal information. If you would like to exercise any of your rights, please contact us at contact@wavist.io.
Depending on your jurisdiction, your rights may include the ability to:
- Access the information we hold about you and request a copy.
- Update or correct inaccurate or outdated personal information.
- Request deletion of your personal information, subject to legal or operational requirements.
- Restrict processing of your information under certain conditions.
- Withdraw consent for processing where we rely on your consent.
We will review and respond to your request within the timeframe required by applicable law. Please note that in some cases, certain data may be exempt from these rights, such as where continued processing is required for legal compliance or our legitimate business needs.
To protect your privacy, we may request additional information to verify your identity before acting on any rights request.
Information for EU Residents
You are not legally required to provide us with the personal information described in this Privacy Policy. Further, the contractual relationship that you might have entered into with us by using the Platform and Services does not imply any obligation to provide your personal information.
However, you might not be able to use the Platform and Services to the full extent, or in some cases you may not be able to use the Platform and Services at all, if you do not provide us with certain data or object to the use of this data.
Legal Basis for Processing
We process your personal information in accordance with the General Data Protection Regulation (“GDPR”) and other applicable data protection laws. Our legal bases for processing your information include:
- Contractual necessity: We process your information as necessary to perform our contract with you, or to take steps at your request prior to entering into a contract (for example, when you register for an account or use our Platform and Services).
- Legitimate interests: We process your information to pursue our legitimate business interests, such as improving and securing the Platform and Services, provided that these interests are not overridden by your rights and interests.
- Legal obligations: We may process your information to comply with legal or regulatory requirements, including responding to lawful requests from authorities.
- Consent: In certain cases, we process your information based on your consent, which you may withdraw at any time.
We may also be required to disclose your information to regulatory or law enforcement authorities in accordance with applicable law.
International Data Transfers
Our primary business operations are based in the United States. When we transfer your personal information outside the EEA, United Kingdom, or Switzerland, we implement appropriate safeguards, such as standard contractual clauses, to ensure your information is protected in accordance with applicable law.
Profiling
We may use your information to personalize your experience on the Platform and Services, including providing tailored offers or recommendations. We do not make decisions based solely on automated processing that produce legal or similarly significant effects for you.
Your Rights
Subject to applicable law, you have the following rights regarding your personal information:
- Right of access to your information (Article 15 GDPR)
- Right to rectification (Article 16 GDPR)
- Right to erasure (Article 17 GDPR)
- Right to restrict processing (Article 18 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object to processing, including profiling and direct marketing (Articles 21 and 22 GDPR)
- Right to withdraw consent at any time, where processing is based on consent
To exercise these rights, or if you have questions about how we process your information, please contact us at contact@wavist.io. We may request additional information to verify your identity before responding to your request.
You also have the right to file a complaint with your local data protection authority if you believe our processing of your personal information violates applicable law.
Your Privacy Rights in the United States
Depending on your state of residence, you may have certain rights regarding your personal information under applicable privacy laws, including those in California, Colorado, Connecticut, Nevada, Utah, Virginia, and other states with similar requirements.
Right to Correction
You may request that we correct inaccurate personal information we hold about you. If your information changes or you believe it is incorrect, please notify us and we will update our records as appropriate.
Right to Deletion
You may request that we delete personal information we have collected from you, subject to certain exceptions. In response, we may delete, deidentify, or aggregate your information as permitted by law. We will confirm the information to be deleted and notify you upon completion of your request. Please note that we may not be able to delete certain information maintained on behalf of third parties or as required by law.
Right to Disclosure
You may request details about our collection and use of your personal information, including:
- The categories of personal information we have collected about you,
- The categories of sources of that information,
- The business or commercial purposes for collecting, using, or sharing your information,
- The categories of third parties with whom we share your information,
- If applicable, whether we have sold or shared your information and the categories of recipients.
Right to Opt-Out of Sale or Sharing
We do not sell your personal information or share it with third parties for cross-contextual behavioral advertising purposes. Where required by law, you may opt out of certain types of data sharing by adjusting your cookie preferences or contacting us.
Right to Limit Use and Disclosure of Sensitive Personal Information
We do not use or disclose sensitive personal information to infer characteristics about you. If our practices change, we will update this Privacy Policy and provide you with options to limit such use and disclosure.
Right to Non-Discrimination
We will not discriminate against you for exercising your privacy rights. This includes denying services, charging different prices, or providing a different level or quality of services, except as permitted by law.
Right to Disclosure of Marketing Information
California residents may request information about our disclosures of personal information to third parties for their direct marketing purposes in accordance with the "Shine the Light" law.
How to Exercise Your Rights
To exercise your privacy rights, please submit a verifiable request to contact@wavist.io. We may need to verify your identity before processing your request. If you are a California resident, only you or your authorized representative may make such a request. For requests related to non-affiliated third parties, please contact those third parties directly.
If you have questions about your rights or our privacy practices, please contact us at contact@wavist.io.
Collection of Information from Children
The Platform and Services are not intended for use by children under the age of 13. We do not knowingly collect personal information from individuals under 13 years of age. If you are under 13, please do not use the Platform and Services or provide any personal information to us.
If we become aware that personal information has been provided by or collected from a child under 13, we will take reasonable steps to delete such information from our records.
Parents and guardians who believe that their child has provided us with personal information may contact us at contact@wavist.io. Upon verification, we will promptly delete the relevant information.
For additional control, parents may wish to use available parental control tools to help manage their child's online activities and prevent the disclosure of personal information without parental consent.