Privacy Policy

Effective Date: April 29, 2026

1. Introduction & Data Controller

This Privacy Policy explains how Aster Kamino Finance collects, uses, and shares your personal data when you use our website and decentralized application.

For the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws, the Data Controller is:

Maria Dos Anjos Da Rocha Guedes Matos
R. Liberato José Pereira 11
2660-179 Santo Antão do Tojal
Portugal
Email: [email protected]

2. Data We Collect

We may collect and process the following data about you:

• Blockchain Data: When you connect your wallet, we may read your public cryptographic wallet address and transaction history related to our smart contracts. This data is inherently public on the blockchain.
• Technical Data: IP addresses, browser type and version, time zone setting, operating system, and platform.
• Usage Data: Information about how you use our website (e.g., page views, clicks, interaction data).
• Contact Information (Optional): If you apply for our Beta program or contact us directly, we may collect your email address, Discord handle, or Telegram handle.

3. Legal Basis for Processing

Under GDPR Article 6, we process your data under the following lawful bases:

• Consent: When you voluntarily provide contact information for the Beta program.
• Legitimate Interests: To operate, secure, and improve our website and services, provided these interests are not overridden by your rights.
• Contractual Necessity: Where processing is necessary to provide the services you request (e.g., interacting with the dApp).

4. How We Use Your Data

We use the collected data to:

• Provide, maintain, and improve the Platform.
• Manage the Beta testing program and communicate with testers.
• Analyze usage patterns to enhance user experience.
• Detect, prevent, and address technical issues or fraudulent activity.

5. Data Sharing & Third Parties

We do not sell your personal data. We may share data with trusted third-party service providers who assist us in operating our infrastructure, conducting analytics, or providing communications. These providers are bound by strict data processing agreements.

Please note that transaction data on public blockchains is accessible to anyone and cannot be deleted or modified by us.

6. International Data Transfers

Your data may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. We ensure appropriate safeguards are in place for such transfers in compliance with GDPR.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this policy. Contact information provided for the Beta program will be deleted upon your request or when the program concludes, whichever is earlier.

8. Your Rights under GDPR

If you are a resident of the European Economic Area (EEA), you have the following rights:

• Right of Access: Request copies of your personal data.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data (note: this does not apply to immutable blockchain data).
• Right to Restrict Processing: Request limits on how we use your data.
• Right to Data Portability: Request transfer of your data to another organization.
• Right to Object: Object to our processing of your data based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent at any time where we rely on it to process your data.

To exercise these rights, contact us at [email protected]. You also have the right to lodge a complaint with a supervisory authority, such as the Portuguese National Data Protection Commission (CNPD).

9. Cookies and Similar Technologies

We use strictly necessary cookies to operate the website. We may also use analytics cookies to understand user behavior, subject to your consent where required by law.

10. Security Measures

We implement appropriate technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

12. Changes to this Policy

We may update our Privacy Policy periodically. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date."

13. Contact the Data Controller

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]