Privacy Policy

Zorai AI Arbitrage DApp Privacy Policy & Terms of Service Effective Date: November 01, 2020

一、Privacy Policy This Privacy Policy is designed to inform you, as a global user, of how Zorai AI Arbitrage DApp (hereinafter referred to as "the Service") processes relevant information during your use of the Service, to protect your privacy rights. This policy strictly complies with globally applicable data protection regulations, including but not limited to the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Swiss Federal Act on Data Protection (FADP), and other international data protection standards, to provide you with clear and transparent information processing instructions.

1. Scope and Nature of the Service

1.1 This policy applies to all users of the Service, covering all interactive behaviors you conduct through this DApp.
1.2 The Service is a decentralized application (DApp) deployed on the blockchain network, which only supports connection and access through Web3.0 wallets (including but not limited to Trust Wallet, MetaMask, OnChain, OKX Web3 Wallet, etc.), and does not provide an independent access entry for ordinary centralized browsers.
1.3 The Service is a decentralized technical service. We do not custody any of your digital assets, do not hold your wallet private keys, mnemonics or other authentication information, do not establish a centralized user account system, and do not control or manage your funds in any way.

2. Principles and Scope of Information Collection

2.1 The Service strictly follows the principles of "Minimum Necessary" and "Public Information Only", and only processes publicly available information on the blockchain, and does not actively collect any personally identifiable information that can identify you.
2.2 To ensure the normal operation of the Service, the Service only processes the following public blockchain information:
① Your blockchain wallet address: This address is a public identifier of the blockchain network and is not personally identifiable information that can directly identify you;
② On-chain transaction records, contract authorization records, strategy execution logs: All are transaction-related data that can be publicly queried on the blockchain network;
③ AI arbitrage strategy interaction data: Only necessary interaction data for the automatic operation of smart contracts, all stored on the blockchain network.
2.3 The Service undertakes never to collect, store or process any of the following information:
① Your name, phone number, email address, ID number and other personally identifiable information;
② Your wallet private key, mnemonic, account password, Keystore and other authentication and asset control information;
③ Your geographic location, address book, device identification and other privacy information irrelevant to the Service.

3. Purposes of Information Use

3.1 We only use the above public information for the following necessary service scenarios, and will not use it for any other purposes beyond the scope:
① Execute core service functions such as AI smart contracts, on-chain quantitative arbitrage, and automatic market making;
② Verify the validity of your wallet authorization and node credentials, and confirm your contract participation qualification;
③ Income settlement, automatic conversion of UNI tokens to USDT and other asset processing operations;
④ Risk control monitoring, abnormal transaction identification, contract security protection, to prevent fraud and malicious attacks.
3.2 All processing of the above information is completed on the blockchain network, will not be transmitted to any centralized server, nor will any centralized storage be performed.

4. Data Security Protection

4.1 The Service adopts a financial-level security architecture and has passed a number of international authoritative security certifications, including ISO 27001 Information Security Management System Certification, SOC2 Type II Security Audit Certification, and FedRAMP US Cloud Service Security Certification, to fully guarantee service and data security.
4.2 All data transmission between the front end and the node adopts full encryption mechanism, using AES-256 encryption algorithm and SSL transmission encryption protocol to ensure the security of data during transmission.
4.3 We regularly entrust third-party professional security agencies to conduct penetration testing and smart contract security audits, to timely discover and fix potential security vulnerabilities, and ensure the security of contracts and services.
4.4 The Service does not establish any centralized user database, will not cache, backup or retain any user-related information, all data are distributed storage and management by the blockchain network.

5. Information Sharing and Disclosure

5.1 The Service undertakes that it will not sell, share, transfer or otherwise dispose of your relevant information to any third party, and will not use the information for any commercial marketing or other unauthorized purposes.
5.2 Only in the following legal circumstances, we may disclose relevant information in accordance with the law:
① When laws and regulations, judicial organs, regulatory authorities put forward mandatory disclosure requirements in accordance with the law;
② When it is necessary to disclose within the necessary scope to prevent fraud, protect contract security, and safeguard public interests.
5.3 You expressly acknowledge that the public data of the blockchain network itself is not privacy information, any subject can query the public data on the chain by itself, and we cannot control the dissemination and use of such public information.

6. User Rights

6.1 You have the right to query your on-chain transaction records, contract status, income records and all other relevant information through the blockchain browser at any time, all information is completely transparent and queryable to you.
6.2 You have the right to disconnect the wallet connection at any time and stop using the Service without any additional procedures, your assets are completely controlled by you.
6.3 For users in the European Economic Area (EEA), you enjoy the rights granted by GDPR, including the right to access, the right to rectification, the right to data portability, etc. However, you expressly understand and agree that blockchain data has the inherent technical characteristics of being non-deletable and non-tamperable. Therefore, we cannot provide you with the "right to be forgotten" or the right to delete relevant data under GDPR, because the data is stored on the decentralized blockchain network and we cannot modify or delete the public data on the chain. You have fully known and accepted this technical limitation before using the Service.
6.4 For users in California, USA, you enjoy the rights granted by CCPA, including the right to know what personal information we collect about you, the right to request deletion of personal information, and the right to opt out of the sale of personal information. As we do not collect or sell your personal information, all relevant rights are naturally satisfied.

7. Third-Party Service Statement

7.1 The Service only provides services to you through Web3 wallets. The privacy policies and service terms of wallet service providers are formulated and responsible by themselves. We do not assume any responsibility for the information processing behavior of third-party wallets. You should review and agree to the relevant rules of wallet service providers by yourself.
7.2 The Service has a chain-based technical cooperation relationship with protocols such as Uniswap, USDT, and Ammuni. We will not share any user-related information with them, and all cooperation is based on on-chain public data and automatic execution of smart contracts.

8. Policy Updates

8.1 We reserve the right to update this Privacy Policy from time to time according to contract upgrades, compliance requirements or service adjustments. The updated policy will be published in this DApp, and the publication content will include the update date and update content.
8.2 If you continue to use the Service after the policy is updated, it means that you have fully read, understood and agreed to accept all the content of the updated Privacy Policy.

9. Contact Us

If you have any questions, comments or suggestions about this Privacy Policy, you can contact us through the official customer service channel in this DApp, we will provide you with feedback and support in a timely manner.