BancX Privacy Policy: A Manifesto on Data Sovereignty

Welcome to BancX. Before you read the legal specifics of this Privacy Policy, we want to share the core philosophy that guides every decision we make regarding your data.

The cryptocurrency movement was born from a desire for individual sovereignty: sovereignty over one’s money, over one’s transactions, and ultimately, over one’s own identity. In a world of pervasive surveillance capitalism, where personal data is routinely harvested, sold, and weaponized against individuals, we believe a different path is not just possible, it is necessary.

BancX is not a traditional company, and this is not a traditional privacy policy. We are building a new economic system, the BancVerse, anchored by the immutable, sound money principles of gold and the revolutionary transparency of blockchain technology. Just as our tokens, BANCX and BCCN, are architected for stability and value accrual without middlemen, our approach to your personal data is architected for minimalism and respect.

Our Core Tenets:

• Data Minimization: We adhere to the principle of collecting the absolute minimum amount of information required to provide you with a secure and functional service. If we don’t need it, we don’t ask for it.
• Transparency as a Default: We will never hide how we operate. This document is designed to be exhaustive and educational, not just a legal hurdle. We want you to understand the technology behind our services, especially where our control ends and the decentralized blockchain begins.
• You Are Not the Product: We generate value through the utility and adoption of our ecosystem, not through the exploitation of your personal information. We will never sell your personal data to third parties for advertising or any other purpose.
• Sovereignty Acknowledgment: We understand that your cryptocurrency holdings and your blockchain transactions are your business. Our role is to provide the tools for you to manage them securely, not to monitor or control them.

This document is a contract of trust. Please read it carefully.

For your convenience, here is a summary of our key commitments. However, this summary is not legally binding; the full policy below governs our practices.

• For Website Browsers: We collect minimal, anonymized data (like usage analytics) to improve our website. You can opt-out of most of this.
• For BancWall Wallet Users: Because BancWall is a custodial wallet service prioritizing enterprise-grade security, we must collect certain information to comply with global financial regulations (KYC/AML) and to secure your account. This includes identity verification data and blockchain addresses. This data is protected by Hardware Security Modules (HSMs) and stringent access controls.
• We Never Store Sensitive Keys: Your private keys for your BancWall wallet are generated and stored exclusively within certified, un-hackable Hardware Security Modules (HSMs). Our engineers never have access to them.
• Blockchain Transparency: Transactions you conduct using BANCX or BCCN are not our data. They are public, immutable records on the Polygon blockchain. We have no control over them, cannot reverse them, and cannot erase them.
• Your Rights: You have the right to access, correct, or request the deletion of the personal data we hold about you, subject to legal obligations.
• No Sale of Data: We do not and will never sell your personal data.

To fully appreciate what we do collect, it is vital to understand what we categorically do not and cannot collect. This stems from the decentralized architecture of the systems we integrate with.

• We Do NOT Collect Your Polygon Wallet Private Keys: If you interact with our smart contracts (e.g., to claim DIVS rewards) using your own non-custodial wallet (like MetaMask), your private keys are solely your responsibility. We have zero access to them or any information derived from them.
• We Do NOT Collect On-Chain Transaction Histories from Non-Custodial Wallets: Your transaction history on the Polygon blockchain is public data. However, we do not proactively scrape, monitor, or store the transaction history of wallets that are not hosted within our BancWall custodial system. Your on-chain activity, when using your own wallet, is your own private business.
• We Do NOT Collect Information from Our Smart Contracts: Our core smart contracts, including the BANCX token contract and the DIVS Management contract, are immutable and decentralized. They process transactions and calculate intrinsic value, but they do not collect or store personally identifiable information (PII). They interact with wallet addresses, which are pseudonymous identifiers.
• We Do NOT Store Your Financial Data: For fiat purchases during the ICO, we use third-party payment processors (e.g., credit card gateways, bank transfer providers). We never receive or store your full credit card number or bank account details. These are handled entirely by our compliant, PCI-DSS certified partners.

4.1. Information Collected When You Visit Our Website

When you browse https://bancx.money, we use a privacy-focused approach to analytics.

• Log Data: Like all web servers, ours automatically collects information that your browser sends. This may include your IP address, browser type and version, pages visited, time and date of visit, duration on pages, and other aggregated statistics. This data is anonymized and used for trend analysis and website performance monitoring only.
• Cookies and Tracking Technologies: See Section 11 for a detailed breakdown.

4.2. Information Collected When You Use BancWall (Our Custodial Wallet)

BancWall is a custodial wallet service, and this is our primary area of data collection, driven by: 1) providing a secure, recoverable service, and 2) legal obligations under global Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) regulations.

• Account Information: When you create a BancWall account, we collect your name, email address, and a password to secure your account.
• Identity Verification (KYC) Information: To comply with regulations, you must verify your identity. Third-party providers may require:
  • Full Legal Name
  • Date of Birth
  • Residential Address
  • Government-Issued ID Number (e.g., Passport or SSN)
  • Photograph of your government-issued ID
  • Live selfie for liveness detection

  This data is encrypted and stored securely, used solely for identity verification and regulatory compliance.

• Blockchain Address Information: We generate and manage your public blockchain addresses on Polygon and associate them with your account to provide balance info, transaction history, and asset transfers.
• Transaction Information: We collect transaction details such as amount, recipient address, network fees, and timestamp. This enables transaction history, customer support, and regulatory reporting.
• Device and Usage Information: To prevent fraud, we collect device info including IP address, device type, OS, unique device identifiers, and mobile network info to detect suspicious login patterns.

4.3. Information Related to the Initial Coin Offering (ICO)

• Purchase Information: Amount of BANCX purchased, POL/fiat paid, wallet address for tokens, and transaction hash.
• KYC/AML Data: Full identity verification is required for ICO participation to ensure regulatory compliance.

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions with similar regulations, we process your personal data on the following legal bases:

• Performance of a Contract: Processing is necessary to perform the Terms of Service with you. This includes providing access to the BancWall wallet, processing your transactions, and offering customer support.
• Compliance with a Legal Obligation: Processing is necessary to comply with legal obligations, primarily related to financial regulations, anti-money laundering (AML), and know-your-customer (KYC) laws.
• Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our website and services, marketing our products (where you may opt out), and ensuring the security of our systems and users. We always balance our interests against your privacy rights.
• Consent: In limited cases, we may ask for your consent to process data, for example for non-essential marketing communications. You can withdraw your consent at any time.

We use the information we collect for the following purposes:

• To create, maintain, and secure your account.
• To verify your identity and comply with global financial regulations.
• To process your transactions and send you confirmations.
• To provide customer support and respond to your inquiries.
• To develop, improve, optimize, and personalize our services.
• To communicate with you about product updates, security alerts, and administrative messages.
• To detect, prevent, and mitigate fraud, security breaches, and other potentially prohibited or illegal activities.
• To enforce our Terms of Service and other policies.

We do not sell your personal information. We only share it in the following limited circumstances:

• Service Providers: We share information with trusted third-party vendors who perform services on our behalf. These include:
  • Identity Verification Providers: Companies like Jumio or Onfido that conduct KYC/AML checks.
  • Payment Processors: Companies that handle fiat currency transactions.
  • Cloud Storage & Hosting Providers: Companies like AWS that host our infrastructure (all data is encrypted at rest and in transit).
  • Analytics Providers: Privacy-focused services like Plausible Analytics or self-hosted Matomo for website analytics.
  • Customer Support Platforms: Systems like Zendesk to manage your support tickets.

  These vendors are contractually bound to use your information only for the services we request and to protect it to the same standard we do.

• Compliance with Laws and Law Enforcement: We may disclose your information to government or law enforcement officials if necessary to:
  • Comply with a valid legal request, subpoena, or warrant.
  • Protect our rights, property, or safety, or that of our users or the public.
  • Investigate potential violations of our Terms of Service or illegal activities.
• Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or similar event, your information may be transferred to our successor or assignee, subject to the promises made in this policy.

BancX operates globally. Your personal information may be transferred to, stored, and processed in countries other than your own, including the United States, where our servers and primary facilities are located. These countries may have data protection laws that are different from those of your country.

Whenever we transfer your information outside of the EEA or UK, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:

• Standard Contractual Clauses (SCCs): We use European Commission-approved contracts with our providers that give personal data the same protection it has in Europe.
• Provider Certifications: We use providers who participate in adequacy frameworks like the EU-US Data Privacy Framework (DPF).

We retain your personal information only for as long as is necessary to fulfill the purposes we collected it for, including to satisfy any legal, regulatory, accounting, or reporting requirements.

• KYC Data: We are required by law to retain identity verification data and transaction records for a minimum of five (5) to seven (7) years after your account is closed or after you cease to be a customer, depending on the specific jurisdiction.
• Account Information: We retain the information associated with your BancWall account for the duration of your active account life, plus the legally mandated period thereafter for financial records.
• Website Analytics Data: Aggregated, anonymized data may be retained indefinitely to analyze long-term trends.

Upon expiration of the retention period, or if you request account deletion (where permissible by law), we will securely delete or anonymize your personal information.

Depending on your location, you may have the following rights regarding your personal data:

• Right of Access: The right to request copies of the personal data we hold about you.
• Right to Rectification: The right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure ("Right to be Forgotten"): The right to request that we erase your personal data, under certain conditions. Please note: This right is limited by our legal obligations to retain financial data for specified periods.
• Right to Restrict Processing: The right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Data Portability: The right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• Right to Object to Processing: The right to object to our processing of your personal data, under certain conditions.
• Rights in Relation to Automated Decision Making: The right not to be subject to a decision based solely on automated processing, including profiling.

To exercise any of these rights, please contact us at support@bancx.money. We will respond to all legitimate requests within one month. We may need to request specific information from you to help us confirm your identity before processing your request.

Our website uses cookies to distinguish you from other users. This helps us provide you with a good experience and allows us to improve our site.

• Strictly Necessary Cookies: These are essential for the website to function and cannot be switched off. They are usually only set in response to actions you take, such as setting your privacy preferences or logging in.
• Performance Cookies: These allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us know which pages are popular and how visitors move around the site. All information these cookies collect is aggregated and anonymous. We use privacy-first, self-hosted analytics to minimize third-party data sharing.
• Functionality Cookies: These enable the website to provide enhanced functionality and personalization.
• Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used to build a profile of your interests and show you relevant ads on other sites. We currently do not use any third-party advertising or targeting cookies on our website.

You can set your browser to block all cookies, but some parts of our site may not work as a result.

We implement a multi-layered, state-of-the-art security architecture to protect your information.

• Hardware Security Modules (HSMs): Your wallet's private keys are generated, stored, and used exclusively within FIPS 140-2 Level 3 certified HSMs. These physical, tamper-resistant devices cannot be hacked remotely.
• Encryption: All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.
• Multi-Signature Cold Storage: The majority of user funds are held in multi-signature cold wallets, requiring multiple authorized approvals to move assets.
• Access Control: Strict role-based access ensures employees only access data necessary for their roles.
• SOC 2 Compliance: Systems and processes meet SOC 2 Type II standards for security and availability.
• Insurance: Comprehensive insurance protects against potential losses.

This is a critical section that underscores the core of web3 privacy.

When interacting with BancX smart contracts or transferring BANCX/BCCN tokens between non-custodial wallets, you are directly engaging with the decentralized Polygon blockchain.

• Public and Immutable Ledger: The Polygon blockchain is a public ledger. All transactions are recorded, visible to anyone, and cannot be altered or erased. This is a fundamental feature of blockchain technology, not a bug.
• Pseudonymity, Not Anonymity: Transactions are tied to public wallet addresses, which are pseudonymous identifiers. While these addresses are not directly linked to your real-world identity by the blockchain itself, sophisticated analysis can sometimes de-anonymize users.
• BancX Has No Control: BancX (the company) has no control over, cannot reverse, cannot censor, and cannot privacy-shield any transaction that is confirmed on the Polygon network. The network is operated by a global, decentralized set of validators. Any issues pertaining to network congestion, transaction finality, or protocol-level changes are entirely outside of our control.
• Your Responsibility: When using non-custodial wallets, the security of your funds and the privacy of your transaction history are your responsibility. You must take care to avoid revealing your public addresses in ways that could link them to your identity if you wish to remain pseudonymous.

Our website and services may contain links to third-party websites, plug-ins, and services (e.g., the Polygon block explorer, news articles). Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy policy of every website you visit.

Our services are not intended for individuals under the age of 18 ("Children"). We do not knowingly collect personal information from children. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a Child without verification of parental consent, we take steps to remove that information from our servers.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we may also provide additional notice (such as adding a statement on our website homepage or sending you a notification through BancWall).

If you have any questions about this Privacy Policy, your data rights, or our practices, please do not hesitate to contact us at:

support@bancx.money

• Blockchain: A decentralized, distributed digital ledger that records transactions across many computers in such a way that the registered transactions cannot be altered retroactively.
• Custodial Wallet: A wallet where a third party (like BancX) holds and manages the private keys on behalf of the user. This offers easier recovery but requires trust in the custodian.
• Non-Custodial Wallet: A wallet where the user holds and manages their own private keys. This offers full control and sovereignty but places the burden of security and recovery entirely on the user.
• Hardware Security Module (HSM): A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto-processing.
• KYC/AML: Know Your Customer and Anti-Money Laundering. Regulatory processes that require financial services to verify the identity of their clients and monitor for suspicious activities.
• Personal Data (Personal Information): Any information that relates to an identified or identifiable individual.
• Polygon: A decentralized Ethereum scaling platform that enables fast, low-cost transactions with finality on a secure Layer 2 sidechain.
• Private Key: A sophisticated form of cryptography that allows a user to access their cryptocurrency. It is a secret number that proves ownership and is used to sign transactions.
• Public Address (Wallet Address): A publicly shareable identifier, derived from a private key, that others can use to send cryptocurrency to a wallet.
• Smart Contract: Self-executing contracts with the terms of the agreement directly written into code, deployed on a blockchain.