Privacy Policy

This Policy applies to your use of EUREKA's website, App, web/desktop client, API, and related services (collectively, the "Services").

1. Information We Collect

We follow a data minimization principle and only collect data necessary to provide and improve the Services.

1.1 Information You Provide Voluntarily

• Account details (e.g., email, nickname when registering via email/third-party login)
• Feedback and support information (issue description, screenshots, contact details)
• Optional marketing/subscription preferences (e.g., marketing email opt-in, price alert keywords)

1.2 Information Generated Automatically When You Use the Services

• Device and system info: device model, OS version, language, time zone, app version, crash logs
• Basic usage metrics (de-identified/aggregated): feature clicks, page dwell time, performance metrics

Note: Telemetry is minimized by default; you may disable/limit it in Settings.

1.3 Public Blockchain Information

Public on-chain data such as blockchain addresses, transaction hashes, UTXOs, and Ordinals/rare satoshi identifiers.

We do not proactively link these addresses to real-world identities; however, please note that anyone can view public data on the blockchain.

1.4 Sensitive Information We Do Not Collect/Store

• Private keys, mnemonics, plaintext signatures, PIN/password (generated and stored only on your local device)
• Biometric data (face/fingerprint). If used for device/app unlock, processing occurs only locally via the system's secure module.

2. How We Use Information (Purposes of Processing)

• Provide and maintain the Services: core functionality, bug fixes, compatibility and security updates
• Identify and display rare satoshi information: matching and visualization based on public on-chain data
• Security and risk control: anomaly detection, anti-abuse, anti-phishing alerts
• Improvements and analytics: aggregated analysis of usage trends to optimize experience and performance
• Communications and support: customer support, announcements, and necessary notices
• Regulatory compliance: fulfilling disclosure obligations where required by law/regulation

No commercialization of personal data: We do not sell or rent your personal information.

3. Legal Bases for Processing (GDPR Reference)

• Performance of a contract (Art. 6(1)(b)): provision of the Services to you
• Legitimate interests (Art. 6(1)(f)): security protection, anti-abuse, basic analytics
• Consent (Art. 6(1)(a)): optional telemetry/marketing subscriptions (you may withdraw consent at any time)
• Legal obligation (Art. 6(1)(c)): government/regulatory compliance (if applicable)

4. Cookies / SDKs / Analytics Tools

The website may use strictly necessary cookies (login state, language preferences) and analytics cookies enabled with your consent.

The App/Web may integrate crash/performance SDKs (e.g., Sentry/Firebase/custom), by default collecting de-identified/aggregated information only.

You can disable analytics/marketing cookies or SDKs in Settings → Privacy (strictly necessary cookies cannot be disabled).

5. When We Share Information

We share only the minimum necessary information under the following circumstances:

• Infrastructure/cloud providers (hosting website/logs/CDN)
• Analytics/crash reporting providers (aggregated or de-identified data only)
• Legal compliance: to fulfill regulatory or judicial requirements in accordance with law
• Business transactions: in the event of merger/acquisition/asset transfer, subject to legal requirements

We sign Data Processing Agreements (DPAs) with our service providers and require them to process data only under our instructions.

6. International Data Transfers

If cross-border transfers are required (e.g., accessing overseas servers from Japan/EEA): We will adopt Standard Contractual Clauses (SCCs), necessity assessments, and encryption and other safeguards to ensure data security and lawfulness.

7. Data Retention

• Account data: retained for the duration of your account and no longer than necessary; upon account deletion, retained or deleted/anonymized as required for compliance
• Support tickets: deleted or anonymized within 6–24 months after resolution
• Telemetry and logs: retained 3–12 months with aggregation/anonymization
• Public blockchain data: permanently stored by blockchain networks and not directly controlled by us

8. Your Rights (APPI / GDPR / CCPA)

• Access, rectify, and delete your personal information
• Restrict or object to processing (where processing is based on legitimate interests)
• Data portability (in a structured, commonly used, machine-readable format)
• Withdraw consent: you may withdraw consent for optional telemetry/marketing at any time
• Not to be sold: we do not sell your personal information (CCPA "Do Not Sell/Share" baseline satisfied)
• Complaint and supervisory remedies: you may lodge a complaint with your local data protection authority

9. Your Choices and Controls

• Local encryption: we recommend enabling device-level encryption and system biometric unlock
• Offline backups: securely back up your mnemonics/private keys (we cannot recover them)

10. Security Measures

• Encryption in transit and at rest (HTTPS/database encryption/key separation)
• Access controls with least-privilege principle, audit logs
• Vulnerability response and incident plans; third-party penetration testing (periodic/as needed)

11. Minors

Our Services are intended for adults. If you are under 18 years old, please use the Services only with guardian involvement or discontinue use and contact us to delete related information.

12. Third-Party Websites and Services

The Services may contain links to third-party websites/protocols/marketplaces. Their privacy practices are solely their responsibility; please review their privacy policies before use.

13. Changes to This Policy

We may update this Policy due to business, legal, or technical reasons. Material changes will be communicated via the website/in-app notices. Your continued use after updates constitutes acceptance of the revised Policy.

14. Contact Us (Data Protection Contact)

Email: satigold2025@gmail.com