Privacy Policy

Last Updated: [January 1, 2026]

This Privacy Policy (the “Policy”) describes how personal data is collected, used, and processed in connection with access to and use of the HertzFlow user interface, websites, and related services (collectively, the “Interface”) and, where applicable, interaction with the HertzFlow decentralized protocol (the “Protocol”).

This Policy is issued by HertzFlow LTD, a business company incorporated in the British Virgin Islands (the “Company”), acting as the data controller for personal data processed in connection with the Interface, to the extent applicable under relevant data protection laws. By accessing or using the Interface, or otherwise providing information, the user acknowledges having read and understood this Policy.

1. SCOPE AND GENERAL PRINCIPLES

HertzFlow is designed as a decentralized, non-custodial protocol. The Company does not require users to create accounts, does not custody assets, and does not intentionally collect personal data beyond what is necessary to operate and secure the Interface. Blockchain data recorded on public networks is public by nature and is not controlled by the Company.

2. INFORMATION THAT MAY BE COLLECTED

2.1 Information Provided Directly

Depending on how the Interface is used, the following information may be processed:

• public blockchain wallet addresses when voluntarily connected;

• transaction identifiers and on-chain interaction data associated with such addresses; and

• contact information or content voluntarily provided through communications (e.g., support inquiries).

2.2 Information Collected Automatically

When accessing the Interface, certain technical and usage data may be collected automatically, including:

• IP-derived country or region (not precise location);

• browser type, device type, operating system, and language;

• access timestamps and pages or endpoints accessed.

This information is generally used in aggregated or anonymized form.

3. PURPOSES AND LEGAL BASES FOR PROCESSING

Personal data, where applicable, is processed for the following purposes:

• enabling access to and operation of the Interface;

• maintaining security, integrity, and abuse prevention;

• complying with legal obligations and enforcing terms;

• improving functionality and user experience through analytics.

Processing is conducted based on legitimate interests, contractual necessity, legal obligations, or user consent, as applicable under relevant laws.

4. WALLET CONNECTIONS AND THIRD-PARTY SERVICES

Use of the Interface may require connection to third-party wallet providers or services not operated or controlled by the Company. Such providers process data in accordance with their own privacy policies and terms. The Company does not control and is not responsible for the privacy practices of third-party wallets, blockchain networks, or external services.

5. COOKIES AND SIMILAR TECHNOLOGIES

The Interface may use strictly necessary cookies or similar technologies for functionality, security, and performance. These technologies are not used for advertising or profiling purposes. Continued use of the Interface constitutes acknowledgment of such use.

6. DATA SHARING

Personal data may be shared only in limited circumstances, including:

• with service providers supporting security, analytics, or infrastructure;

• with professional advisors or authorities where legally required; or

• to protect rights, users, or the integrity of the Interface.

No personal data is sold.

7. INTERNATIONAL DATA TRANSFERS

Personal data may be processed in jurisdictions outside the user’s country of residence. Where required, appropriate safeguards are implemented in accordance with applicable data protection laws.

8. DATA RETENTION

Personal data is retained only for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.

9. USER DATA LIMITATIONS

Due to the decentralized and non-custodial nature of the Protocol and the minimal personal data processed in connection with the Interface, the Company may be unable to identify, access, modify, or delete certain data, including data permanently recorded on public blockchain networks. Where applicable data protection laws provide rights in relation to personal data, the exercise of such rights may be limited or unavailable due to:

• the technical immutability of blockchain systems;

• the absence of user accounts or identifying information; and

• legal or security obligations.

Nothing in this Policy shall be interpreted as creating obligations beyond those required under applicable law.

10. SECURITY

Reasonable technical and organizational measures are implemented to protect personal data. However, no system can guarantee absolute security, particularly when interacting with public blockchain networks.

11. CHILDREN

The Interface is not intended for individuals under the age of 18. Personal data of minors is not knowingly collected.

12. THIRD-PARTY LINKS

The Interface may contain links to third-party websites or platforms. The Company is not responsible for the privacy practices or content of such third parties.

13. POLICY UPDATES

This Policy may be updated from time to time. Updates become effective upon publication, with the “Last Updated” date revised accordingly. Continued use of the Interface constitutes acknowledgment of the updated Policy.

14. CONTACT

Questions or requests regarding this Policy may be directed to: [contact@hertzflow.xyz]