Hashgreen Labs Privacy Policy

Last modified: October 4, 2023

This Privacy Policy (referred to as the "Policy") outlines the data collection, usage, and sharing practices of Universal Navigation Inc. (referred to as "Hashgreen Labs," the "Company," "we," "us," or "our") in relation to the website https://swap.hash.green/ and all our other properties, products, and services (referred to as the "Services"). By utilizing the Services, you agree to comply with this Policy, along with our Terms of Service.

1. High Level Summary

• Hashgreen Labs is a registered company headquartered in the United States that operates various products and services, including https://swap.hash.green/. We ensure compliance with applicable American laws and regulations.
• Hashgreen Protocol consists of decentralized smart contracts deployed on different Layer 1 and Layer 2 blockchains. It operates independently and is not controlled by Hashgreen Labs.
• Hashgreen Labs does not collect or store personal data, such as first name, last name, street address, date of birth, email address, or IP address.
• The data collected by Hashgreen Labs is non-identifiable and includes public on-chain data as well as limited off-chain data like device type and browser version. This data is used for enhancing our products and does not involve tracking individual users.
• We continuously explore ways to enhance consumer privacy, including implementing opt-out prompts, utilizing privacy-focused tools, and deploying proxies to anonymize network traffic.
• Users have the ability to utilize client-side privacy techniques and tools.
• Any significant changes to our privacy practices will be reflected in an updated privacy policy.

2. Data Hashgreen Labs Collects

Privacy is a core principle that drives our operations at the Company, and transparency is a fundamental value we uphold. As part of our commitment to transparency, we aim to provide clear information regarding the minimal data we collect. We do not retain user accounts, and we do not collect or store personal data such as names or internet protocol ("IP") addresses. When you engage with our Services, the only data we collect is limited to:

• Publicly-available blockchain data:

  When you connect your non-custodial blockchain wallet to our Services, we collect and log your publicly-available blockchain address. This helps us understand how you use our Services and allows us to screen your wallet for any previous illicit activity. We utilize intelligence from leading blockchain analytics providers to conduct this screening. It's important to note that blockchain addresses are publicly-available data and are not created or assigned by us or any central party. They are not personally identifying on their own.

• Information from localStorage and other tracking technologies:

  We and our third-party service providers may access and collect information from localStorage, mobile device IDs, cookies, web beacons, and similar technologies to deliver and personalize the Services for you across different sessions. This information may be used to remember tokens you import, star, or add to your shopping bag, as well as to understand your preferences, usage patterns, and interactions with our Services. Examples of the information collected through these technologies include browser type, referring/exit pages, operating system, device or browser language, and other device-related details. We analyze this data in an aggregated, collective manner to improve the user experience of our products.

• Information from other sources:

  In order to fulfill our legal obligations and prevent fraudulent or illicit activities, we may receive information about your wallet address or transactions made through our Services from our service providers.

• Survey or usability information:

  If you participate in a survey or usability study conducted by us, we will record the biographical information you provide directly (such as your name, email, and job title), along with your responses and interactions with the Services.

• Correspondence:

  Any communications or information you directly provide to us via email, customer support, social media, or other support channels (such as Twitter or Discord), as well as your participation in surveys or questionnaires, will be received and processed by us.

• Biographical information:

  When you apply for a job with us, we collect all the information provided through our Jobs form, including your name, email, phone number, work and immigration status, and any additional details included in your resume, cover letter, or free-form text.

3. How Hashgreen Labs Uses Data

We utilize the data we collect in accordance with your instructions, including any relevant terms outlined in our Terms of Service, and as mandated by law. Additionally, we may utilize the data for the following purposes:

• Service Provision:

  We employ the collected data to provide, maintain, customize, and enhance our Services, as well as the various features they offer.

• Customer Support:

  Information may be used to offer customer support and address inquiries related to the Services.

• Safety and Security:

  Data may be utilized to protect against, investigate, and prevent fraudulent, unauthorized, or unlawful activities. It may also aid in addressing security risks, resolving potential issues such as bugs, enforcing our agreements, and safeguarding our users and the Company.

• Legal Compliance:

  The information we collect may be used as necessary or as requested by regulators, government entities, and law enforcement agencies to ensure compliance with applicable laws and regulations.

• Aggregated Data:

  We may employ a portion of the collected information or access to compile aggregated data, which helps us gain insights into how users utilize the Services and identify areas where we can enhance your experience.

4. How Hashgreen Labs Shares Data

We may disclose or share the data we collect in the following circumstances:

• With Service Providers:

  We may share your information with our service providers and vendors who assist us in providing, delivering, and enhancing the Services. This includes sharing your wallet address with service providers like Infura and Cloudflare for technical infrastructure services, sharing your wallet address with blockchain analytics providers to identify and prevent financial crimes and illicit activities, and sharing your social media interactions with our analytics provider to gain insights into your engagement with us and the Services.

• Compliance with Legal Obligations:

  We may share your data in situations involving litigation, regulatory proceedings, compliance measures, and when compelled by a subpoena, court order, or other legal process. We may also disclose data if we believe it is necessary to prevent harm to our users, Company, or others, and to enforce our agreements and policies, including our Terms of Service.

• Safety and Security:

  Data may be shared to protect against, investigate, and prevent fraudulent, unauthorized, or illegal activities. This may involve addressing security risks, resolving potential security issues such as bugs, enforcing our agreements, and safeguarding the well-being of our users, Company, and ecosystem.

• Business Changes:

  In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, asset or stock sale, or any other business transaction, data may be transferred or shared with another entity.

• With Your Consent:

  We may share your information when you provide us with explicit consent to do so.

We do not share your information with any third parties for marketing purposes under any circumstances.

5. Third Party Cookies

We utilize services offered by Google and other third parties that employ tracking technologies like cookies, device IDs, and localStorage to gather information about your usage of the Services and our interactions with you. You have the option to opt out of having your online activities and device data collected by these third-party services. You can do so by:

• Adjusting your browser settings to block cookies. Instructions on how to block cookies in your browser can be found in your browser settings. For more details about cookies, including information on how to view, manage, and delete cookies on your device, you can visit www.allaboutcookies.org.
• Managing or restricting the use of your advertising ID on your mobile device through the device settings.
• Utilizing privacy plug-ins or privacy-focused browsers. Certain browsers and browser extensions can be configured to block third-party cookies and trackers.
• Opting out through the platform-specific opt-out provided by Google, accessible at https://adssettings.google.com. To learn more about how Google uses your information, you can review Google's privacy policy at https://policies.google.com/privacy.
• Utilizing advertising industry opt-out tools available on each device or browser you use to access the Services. These tools can be found at http://optout.aboutads.info and http://optout.networkadvertising.org.

Please note that opting out may impact certain functionalities of the Services that rely on these tracking technologies.

6. Third-Party Links and Sites

We may incorporate technologies operated or managed by third parties into certain aspects of the Services. This could include links within the Services that direct you to websites, platforms, or other services that are not operated or controlled by us. It's important to understand that when you engage with these third parties, such as when you navigate away from our site, they may independently gather information about you and request information from you. To learn more about how these third parties collect and utilize your data, we recommend reviewing their respective privacy policies and terms.

7. Security

We have established and uphold reasonable administrative, physical, and technical security measures to safeguard data against loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. However, it is important to note that transmitting information over the internet is not entirely secure, and we cannot guarantee the security of your personal information. You are responsible for all activities conducted on the Services, including the security of your blockchain network addresses, cryptocurrency wallets, and their associated cryptographic keys.

8. Age Requirements

The Services are designed for use by individuals of general age and are not specifically targeted towards children. We do not knowingly collect personal information (as defined by the U.S. Children's Privacy Protection Act, or "COPPA") from children. If you believe that we have inadvertently obtained personal information about a child under the age of 18, please contact us at [email protected].

9. Supplementary Notification for California Residents ("CCPA Notice")

The California Consumer Privacy Act of 2018 ("CCPA") mandates that certain businesses provide a CCPA Notice to California residents, outlining how their personal information is collected, used, and shared, as well as the rights and choices available to them regarding their information.

• Privacy Practices. We do not engage in the "sale" of personal information as defined by the CCPA. Please refer to the "Sharing and Disclosure of Information" section above for more information on the parties with whom we share information.
• Privacy Rights. Under the CCPA, individuals have the right to request information about the collection, use, and sharing of their personal information. They also have the right to request a copy of their information and ask for the deletion of any personal information we may have collected. It's important to note that the CCPA imposes certain limitations on these rights, such as restricting the disclosure of certain sensitive information and specifying conditions for complying with deletion requests. We will respond to requests for information, access, and deletion to the extent that we can reasonably associate the requested information with the details provided in the request. If a request is denied, we will communicate the decision. You have the right to exercise these rights without facing discrimination.
• Submitting a Request. You can submit a request for information, access, or deletion by contacting us at [email protected].
• Identity Verification. The CCPA requires us to collect and verify the identity of individuals making requests to access or delete personal information before providing a substantive response.
• Authorized Agents. California residents can appoint an "authorized agent" to submit requests on their behalf. We will require the authorized agent to provide written authorization confirming their authority.

10. Information Disclosures for European Union Data Subjects

10-1 Purposes of Personal Data Processing

We process personal data for the purposes outlined in the "How We Use Data" section above. The legal bases for processing your data include: (i) your consent for one or more specific purposes provided to us or our service providers; (ii) processing necessary for the performance of a contract with you; (iii) processing necessary for compliance with a legal obligation; and/or (iv) processing necessary for the legitimate interests pursued by us or a third party, provided that your interests and fundamental rights and freedoms do not override those interests.

10-2 Your Rights under the General Data Protection Regulation (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

• The right to request access to and obtain a copy of your personal data.
• The right to request the rectification or erasure of your personal data.
• The right to object to or restrict the processing of your personal data.
• The right to request the portability of your personal data. Additionally, you have the right to withdraw your consent to our collection of your personal data at any time. However, please note that we cannot edit or delete information stored on a specific blockchain. Information such as transaction data, blockchain wallet addresses, and assets held by your address that may be associated with the data we collect are beyond our

10-3 Exercising Your Rights under the GDPR

To exercise any of your rights under the GDPR, please contact us at [email protected]. We may require additional information from you to process your request. Please be aware that we may retain information as necessary to fulfill the purpose for which it was collected, and we may continue to do so even after a data subject request in accordance with our legitimate interests, including but not limited to complying with legal obligations, resolving disputes, preventing fraud, and enforcing our agreements.

11. Changes to this Policy

In the event of significant updates to this Policy, we will provide notification through the Services. However, please note that your ongoing use of the Services implies that you regularly review this Policy and other terms of the Company, and signifies your consent to them.

12. Contact Hashgreen Labs

If you have any inquiries regarding this Policy or the collection, use, or sharing of your information, please reach out to us at [email protected].

We process the data we collect in accordance with your instructions, including any applicable terms outlined in our Terms of Service, as well as legal requirements. Furthermore, we may utilize the data for the following purposes:

• Service Provision: We utilize the collected data to provide, maintain, customize, and improve our Services and the various features they offer.
• Customer Support: Information may be used to provide customer support and address inquiries related to the Services.
• Safety and Security: Data may be utilized to protect against, investigate, and prevent fraudulent, unauthorized, or unlawful activities. It may also be used to address security risks, resolve potential issues such as bugs, enforce our agreements, and ensure the safety of our users and the Company.
• Legal Compliance: The information we collect may be used as required or requested by regulators, government entities, and law enforcement agencies to comply with applicable laws and regulations.
• Aggregated Data: We may utilize a portion of the collected information or access to compile aggregated data, which helps us gain insights into how users utilize the Services and identify areas where we can enhance your experience.