Privacy Policy

Effective date: 2025-08-01
Controller: Tokenback Protocol

1. What We Do

Tokenback is a discovery/community platform for apps and builders in the Plasma ecosystem. We process limited personal data to operate the Platform, improve features, combat abuse, and (where permitted) run communications.

2. Data We Collect

You provide:

Profile/handle, email (if you opt in), feedback/ratings/comments, support messages.

Automatic:

Device/OS/browser data, IP address, general location (city/region), pages/events, referral source, cookie/consent state, fraud signals.

Web3:

Wallet address(es) you connect, chain/network metadata, and on-chain transaction references you choose to surface for verification.

Third-party sources:

Analytics, anti-abuse, or identity partners (where lawful).

3. How We Use Data (Purposes & Legal Bases)

Operate the Platform (contract/legitimate interests):

Routing, listings, quests, profiles, fraud prevention, security.

Improve and personalize (legitimate interests/consent):

Debug, A/B tests, recommendation signals.

Communications (consent/legitimate interests):

Service emails; marketing only if you opt in (unsubscribe anytime).

Compliance (legal obligation/legitimate interests):

Sanctions/KYC where required; respond to lawful requests.

4. Cookies & Similar Tech

We use necessary cookies and, with consent (where required), analytics and performance cookies. See our Cookie Policy for details and to manage preferences.

5. Sharing

• Vendors/Processors (hosting, analytics, email, anti-abuse) under contracts.
• Legal & safety (if required by law or to protect rights).
• Business transfers (merger, acquisition).

We do not sell personal information in the conventional sense. In jurisdictions with a broad "sell/share" definition (e.g., CPRA), we provide a "Do Not Sell or Share My Personal Information" mechanism.

6. International Transfers

We may process data globally. Where applicable, we use approved safeguards (e.g., EU SCCs). Contact us for copies of relevant transfer mechanisms.

7. Data Retention

We keep data only as long as necessary for the purposes above, then delete or anonymize it, subject to legal retention obligations.

8. Your Rights

Depending on your region (e.g., EU/UK/EEA, California, Canada), you may have rights to access, correct, delete, restrict, object, port, or withdraw consent.

Requests: privacy@Tokenback.to. We may require verification. You can also manage cookies via the Cookie Policy and unsubscribe from emails via links provided.

9. Children

The Platform is not directed to children under 18. Do not use the Platform if you do not meet the minimum age.

10. Security

We use reasonable technical and organizational measures; no system is perfectly secure. Reach out to us on our socials.

11. Do Not Sell/Share (CPRA)

Residents of California may opt out of "sale"/"sharing" (as defined by CPRA) via [link to /do-not-sell] or the Cookie Policy.

12. Changes

We may update this policy; material changes will be highlighted with a new effective date.