Privacy Policy

1

Introduction

Welcome to UNP Wallet ("Application", "we", "us", or "our"), a digital wallet application developed and operated by ElyonGames LTD, a company incorporated in England and Wales with its registered office in London, United Kingdom.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile and web application. We respect your privacy and are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable international data protection laws.

Please read this Privacy Policy carefully. By accessing or using UNP Wallet, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

2

Who We Are

UNP Wallet is operated by ElyonGames LTD, the data controller for the purposes of applicable data protection legislation.

Company Name: ElyonGames LTD
Registered Address: London, United Kingdom
Contact Email: info@unipolychain.com
Data Protection Officer: privacy@unipolychain.com

As the Data Controller, we determine the purposes and means of processing personal data collected through UNP Wallet.

3

Information We Collect

We collect and process the following categories of information to provide, maintain, and improve our services:

3.1 Information You Provide

Account Information: Email address, username, and encrypted authentication credentials
Wallet Data: Public wallet addresses and blockchain transaction data (publicly available on-chain)
Communication Data: Messages and correspondence when you contact our support team
Preference Data: Language settings, display theme, auto-lock timer, notification preferences

3.2 Information Collected Automatically

Device Information: Device model, operating system version, unique device identifiers, and mobile network data
Usage Data: Pages visited, features used, time and date of access, and interaction patterns
Log Data: IP address (anonymised), browser type, access times, and referring URLs
Push Notification Tokens: Device tokens for delivering notifications (with your explicit consent)

3.3 Information We Do NOT Collect

Your private keys, seed phrases, and passwords are never transmitted to or stored on our servers. All sensitive cryptographic material is stored locally on your device using industry-standard secure storage mechanisms.

4

How We Use Your Information

We process your data for the following purposes:

Service Delivery: To provide, operate, and maintain the UNP Wallet application and its features
Transaction Processing: To facilitate blockchain transactions, staking, bridging, and exchange operations
Account Security: To authenticate your identity, detect fraud, and protect against unauthorised access
Push Notifications: To send transaction confirmations, security alerts, and important account updates
Service Improvement: To analyse usage patterns and improve user experience (using aggregated, anonymised data)
Customer Support: To respond to enquiries, resolve issues, and provide technical assistance
Legal Compliance: To comply with applicable laws, regulations, and lawful governmental requests
NFC Card Services: To link and manage NFC payment cards associated with your account

5

Legal Basis for Processing (GDPR)

Under the UK GDPR and Data Protection Act 2018, we rely on the following legal bases to process your personal data:

Contractual Necessity (Article 6(1)(b)): Processing necessary to perform our contract with you (providing wallet services)
Legitimate Interests (Article 6(1)(f)): To improve our services, ensure security, and prevent fraud — balanced against your fundamental rights
Consent (Article 6(1)(a)): Where you have given explicit consent, such as for push notifications and marketing communications
Legal Obligation (Article 6(1)(c)): To comply with applicable UK and EU laws and regulations

You may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal. To withdraw consent, update your settings within the app or contact us directly.

6

Data Security

We implement robust technical and organisational measures to protect your personal data:

End-to-End Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.3
Biometric Authentication: Face ID / Touch ID support for secure, convenient access
Secure Local Storage: Sensitive data (private keys, seed phrases) stored exclusively on-device using hardware-backed keystores
Auto-Lock Protection: Configurable inactivity timeout to prevent unauthorised access
Zero-Knowledge Architecture: We cannot access your private keys or seed phrases — you are the sole custodian
Regular Security Audits: Periodic security assessments and penetration testing of our infrastructure
Access Controls: Strict internal access controls and role-based permissions for our team members

While we strive to use commercially acceptable means to protect your data, no method of transmission or electronic storage is 100% secure. We encourage you to keep your seed phrase backed up safely and never share it with anyone.

7

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy:

Account Data: Retained while your account is active and for 30 days following account deletion
Transaction Records: Blockchain transactions are immutable and permanently recorded on the public ledger
Communication Records: Support correspondence retained for up to 24 months
Usage Analytics: Aggregated, anonymised analytics data may be retained indefinitely
Legal Requirements: Data may be retained longer where required by applicable law or regulation

8

Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15): Request a copy of the personal data we hold about you
Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing (Article 18): Request limitation of how we process your data
Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
Right to Object (Article 21): Object to processing based on legitimate interests or direct marketing
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
Right to Lodge a Complaint: File a complaint with the Information Commissioner's Office (ICO) at ico.org.uk

To exercise any of these rights, please contact us at privacy@unipolychain.com. We will respond to your request within 30 days as required by law.

9

Cookies & Tracking Technologies

Our web application may use cookies and similar tracking technologies to enhance your experience:

Essential Cookies: Required for core functionality such as authentication and session management
Preference Cookies: Store your settings such as theme preference, language, and auto-lock timer
Analytics Cookies: Help us understand how users interact with our application (anonymised)

Our mobile application does not use traditional browser cookies. We use local storage on your device to store preferences and session data.

You can control cookie settings through your browser preferences. Disabling essential cookies may affect the functionality of the web application.

10

Third-Party Services

We may share limited data with trusted third-party service providers who assist in operating our application:

Cloud Infrastructure: Microsoft Azure for secure hosting and data processing
Blockchain Networks: BSC (Binance Smart Chain) for on-chain transaction processing
Push Notifications: OneSignal for delivering push notifications to your device
Analytics: Anonymised usage metrics to improve service quality

All third-party services are contractually bound to protect your data and are only permitted to process data on our behalf and in accordance with our instructions. We do not sell your personal data to any third party.

11

International Data Transfers

As a UK-based company, your data may be processed in the European Economic Area (EEA) and other jurisdictions where our infrastructure providers operate. Where data is transferred outside the UK:

We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the ICO
Transfers to adequacy countries as determined by the UK Secretary of State for Digital, Culture, Media and Sport
We conduct Transfer Impact Assessments where required

12

Children's Privacy

UNP Wallet is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child under 18 has provided us with personal data, we will take immediate steps to delete such information. If you believe a child has provided us with their data, please contact us at privacy@unipolychain.com.

13

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

Posting the updated policy within the application
Sending a push notification or email about significant changes
Updating the "Last Updated" date at the top of this policy

We encourage you to review this Privacy Policy periodically. Your continued use of UNP Wallet after changes are posted constitutes acceptance of the modified policy.

14

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: