1. Introduction
x2 Tech Labs Limited ("we," "us," or "our") is building a decentralized asset management platform powered by third-party multi-party computation (MPC) technology. Our platform enables secure, transparent, and decentralized management of digital assets, designed to meet the needs of individuals, teams, and institutions who prioritize security and control. We are committed to safeguarding your privacy and ensuring that your personal data is handled responsibly in compliance with global privacy standards.
2. Company InformationLegal Name: x2 Tech Labs Limited
Registered Address:
Unit GV-00-10-07-OF-02
Level 7, Gate Village Building 10
Dubai International Financial Centre
Dubai, United Arab Emirates
3. The BlockchainBlockchain technology, also known as distributed ledger technology (or simply "DLT"), is at the core of our business. Blockchains are decentralized and consist of digitally recorded data in a chain of packages called "blocks." These blocks are linked chronologically, making the data very difficult to alter once recorded. Since the ledger may be distributed globally across several "nodes" that replicate the ledger, there is no single entity making decisions or administering the system, and there is no centralized location.By design, a blockchain's records cannot be changed or deleted and are considered "immutable." This may affect your ability to exercise certain rights, such as the right to erasure ("right to be forgotten") or rights to object or restrict processing of your personal data. Data on the blockchain cannot be erased or changed. While smart contracts may be used to revoke certain access rights and some content may become invisible to others, it is not deleted.In certain circumstances, to comply with our contractual obligations to you, it may be necessary to write certain personal data, such as your wallet address, onto the blockchain. This requires you to execute such transactions using your wallet's private key.In most cases, the decisions to:Transact on the blockchain using your wallet address.Share the public key relating to your wallet address with anyone (including us).rest with you.
If you want to ensure your privacy rights are not affected in any way, you should not transact on blockchains, as certain rights may not be fully available or exercisable by you or us due to the technological infrastructure of the blockchain. The blockchain is available to the public, and any personal data shared on the blockchain will become publicly available.
4. Individuals Under the Age of 18
Individuals under the age of 18 are not permitted to use the Services. We do not knowingly collect, solicit, or maintain personal data from anyone under the age of 18 or knowingly allow such persons to register for the Services.If we learn that we have collected personal data from an individual under age 18, we will use commercially reasonable efforts to delete that information from our database. If you are a parent or guardian and you are aware that your child has provided personal data to the Services, please contact us so that we may remove such data. Note that we cannot delete information stored on public cryptographic blockchains.
5. Data We Collect
5.1 Information and Content You ProvideWe collect the content, communications, and other information you provide when you use our Services, including when you:
Initiate the Use of the Services: Information you provide during onboarding, such as your email address if you use email onboarding.
Create or Share Content: Workspace data, including usernames, workspace names, account names, policy names, and similar information you enter directly.
Communicate with Others: Any messages or communications you send through our Services.
5.2 Your UsageWe collect information about how you use our Services, such as:
Interactions with Content: The types of content you view or engage with; the features you use; the actions you take.
Activity Information: The time, frequency, and duration of your activities.
5.3 Information About Transactions Made on Our ServicesIf you use our Services for transactions of any kind, we collect information about them, including:
Transaction Details: Addresses of externally owned accounts, transactions made, token balances.
Blockchain Data: Interactions with blockchain networks are public and stored on-chain.
5.4 Information Others Provide About You
We also receive and analyze content, communications, and information that other people provide when they use our Services.
6. Cookies and Tracking Technologies
We, and our partners, use cookies and similar technologies to give you the best possible content and experience.
6.1 Types of Cookies We UseEssential Cookies: Necessary for the operation of our Services.
Analytics Cookies: Help us understand how our Services are being used, allowing us to improve them.
Preference Cookies: Remember your preferences and settings.
Marketing Cookies: Used to deliver advertisements relevant to you and your interests.
6.2 Your ChoicesCookie Consent Banner: Upon your first visit, you will see a cookie consent banner that allows you to accept or refuse non-essential cookies.
Browser Settings: You can manage your cookie preferences through your browser settings. However, disabling certain cookies may affect the functionality of the Services.
Opt-Out Options: For third-party cookies used for interest-based advertising, you may opt-out through industry websites like the Network Advertising Initiative's opt-out page.
7. Device InformationWe collect information from and about the computers, phones, and other web-connected devices you use that interact with our Services, and we combine this information across different devices you use.
Information we obtain from these devices includes:
Device Attributes: Operating system, hardware and software versions, browser type, and plugins.
Device Operations: Information about operations and behaviors performed on the device.
Identifiers: Unique device identifiers and other identifiers.
Data from Device Settings: Information you allow us to receive through device settings you turn on, such as access to your GPS location or camera.
Network and Connections: Mobile operator or ISP, language, time zone, IP address, and connection speed.
Cookie Data: Data from cookies stored on your device, including cookie IDs and settings.
Push Notifications: If you enable push notifications, we collect information necessary to enable such notifications. You can opt out at any time through your device settings.
8. Information from PartnersWe use third-party services such as Grafana, Loki, and Porter to gather information about the computers and devices that connect to our Services. These services may collect information such as:
How often users visit the site.
What pages they visit.
What other sites they used prior to coming to the site.
We use the information we get from these services solely to improve the Services.
9. How We Use Your Personal DataWe use the information we have (subject to choices you make) as described below and to provide and support the Services.
9.1 Provide, Personalize, and Improve Our Services
Personalize Features and Content: Tailor the Services to your needs.
Cross-Device Information: Connect information about your activities on different devices for a consistent experience.
Location Information: Use location-related information to personalize and improve our Services.
Research and Development: Develop, test, and improve our Services by conducting surveys and research.
9.2 Provide Measurement, Analytics, and Business ServicesWe use the information we have to understand how people use our Services, which helps us improve them.
9.3 Promote Safety, Integrity, and SecurityWe use the information to:Verify accounts and activity.Combat harmful conduct.Detect and prevent spam.Promote safety and security.
9.4 Communicate with YouWe use your information to:Send service-related communications.Inform you about our policies and terms.Respond to you when you contact us.
10. Third-Party Data CollectionThird parties may collect or receive certain information about you and your use of the Services to provide content, functionality, or to measure and analyze performance in or through the Services.
11. RetentionWe retain your personal data only as long as necessary to fulfill the purposes we collected it for, including:
Legal Obligations: To comply with legal requirements.
Business Purposes: For legitimate business interests, such as improving our Services.
Dispute Resolution: To resolve disputes or enforce our agreements.To request that information collected about you be deleted, please contact us at the email provided in this policy. A valid request must include sufficient information to identify your personal data. Note that we cannot delete information stored on public cryptographic blockchains.
12. Sharing
We do not sell your personal data to third parties. We may share your data with:
Service Providers: Such as Grafana, Loki, and Porter for analytics, infrastructure, and service improvement purposes. These providers are contractually obligated to protect your data and use it only for specified purposes.
Blockchain Networks: Any transactions you perform may be stored publicly on the blockchain.
Legal Requirements: We may disclose your personal data if required by law, regulation, or legal process.
13. Security
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. Access to your personal data is limited to employees, agents, contractors, and other third parties who have a business need to know and are subject to confidentiality obligations.We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator where we are legally required to do so.
14. ContactIf you have comments or questions about the privacy policies of the Services, contact us at:
x2 Tech Labs Limited
Unit GV-00-10-07-OF-02
Level 7, Gate Village Building 10
Dubai International Financial Centre
Dubai, United Arab Emirates
Email: privacy@x2techlabs.com
15. ChangesWe may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.
16. California Privacy Rights (CCPA Addendum)
ComplianceWe comply with the California Consumer Privacy Act (CCPA) and its regulations.
Your Rights Under the CCPA
California residents have specific rights regarding their personal information:
Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected.
Right to Delete: Request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out: Right to direct us not to sell your personal information. We do not sell personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
How to Exercise Your RightsTo exercise the rights described above, please submit a verifiable consumer request by:
Email: privacy@x2techlabs.com
Mail: Send a written request to our address provided in the "Contact" section.We may need to verify your identity before processing your request.
Information We Collect
We collect the following categories of personal information:
Identifiers: Name, email address, IP address, and online identifiers.
Internet Activity: Browsing history, search history, interactions with our Services.
Geolocation Data: If you choose to provide it.We have not sold any personal information in the preceding 12 months.
ProhibitionsWe will not:Sell personal information collected from consumers covered by the CCPA.Retain, use, or disclose such information for any purpose other than performing the Services.Retain, use, or disclose such information outside of our direct business relationship with you.
CertificationWe understand the restrictions in the Prohibitions and will comply with them.
MinimizationWe agree to limit the use of personal information covered by the CCPA to what is reasonably necessary to provide the Services.
SubcontractingWe ensure that each subcontractor processing your information also qualifies as a "service provider" under the CCPA.
ConflictsIf the terms of this addendum conflict with the Terms of Service or Privacy Policy, the terms of this addendum take precedence.
17. European Union Privacy Rights (GDPR / EU Addendum)Legal Basis for ProcessingWe process your personal data on the following legal bases:
Contractual Necessity: To perform our contract with you or take steps at your request before entering into a contract.
Legitimate Interests: For our legitimate business interests, provided your rights are not overridden.
Consent: Where you have provided explicit consent.
Legal Obligation: To comply with legal obligations.
Transferring Your Data Outside of the EUYour data may be transferred to and stored in countries outside the European Economic Area (EEA), including the United States. We ensure appropriate safeguards are in place:
Standard Contractual Clauses: We use European Commission-approved clauses for data transfers.
Third-Party Compliance: Our service providers comply with GDPR requirements for international data transfers.
Your Rights as a Data SubjectYou have the following rights under GDPR:
Right to Access: Request access to your personal data.
Right to Rectification: Request correction of inaccurate data.
Right to Erasure: Request deletion of your data, subject to certain exceptions.
Right to Restrict Processing: Request restriction of processing under certain circumstances.
Right to Object: Object to processing based on legitimate interests.
Right to Data Portability: Receive your data in a structured, commonly used format.
Right to Withdraw Consent: Withdraw consent where processing is based on consent.
Right to Lodge a Complaint: Lodge a complaint with a supervisory authority.
How to Exercise Your RightsTo exercise these rights, please contact us at:
Email: privacy@x2techlabs.comWe may need to verify your identity before processing your request.
Automated Decision-MakingWe do not use automated decision-making processes that produce legal effects or similarly significant effects concerning you.
Contact
x2 Tech Labs Limited
Unit GV-00-10-07-OF-02
Level 7, Gate Village Building 10
Dubai International Financial Centre
Dubai, United Arab Emirates
Email: privacy@x2techlabs.com
Raising a ComplaintIf you have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection authority.
18. International UsersOur Services are available worldwide. By using our Services, you consent to the processing and transfer of your personal data in accordance with this Privacy Policy, regardless of your location.
19. Consent MechanismsBy accessing or using our Services, you consent to the collection and use of your personal data as described in this Privacy Policy. Where required by law, we will obtain your explicit consent for certain processing activities, such as the use of non-essential cookies or marketing communications.
20. Data Protection OfficerWe have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy. If you have any questions about this policy or how we handle your personal data, please contact:
Data Protection OfficerEmail: dpo@x2techlabs.com