1. Who We Are
ARX ("ARX", "we", "us") operates the website at arx.trade (the "Site") and related services. For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, ARX is the data controller for personal data processed through the Site.
If you have any questions about this Policy or your data, contact us at support@arx.trade.
2. Data We Collect
We collect only the data we need to operate the Site and prepare for launch.
| Category | Examples | Source |
|---|---|---|
| Contact data | Email address, referral code | You, via the waitlist form |
| Wallet data | Public wallet address (optional) | You, via the waitlist form |
| Technical data | IP address, browser type, device type, OS, screen size | Automatically, via server logs and cookies |
| Usage data | Pages viewed, referrer URL, time on page, clicks | Automatically, via analytics |
| Communications | Messages you send to us via email or social channels | You |
We do not knowingly collect data from children under 18. We do not collect government identifiers, passport numbers, or payment-card data.
3. How We Use Your Data and Lawful Basis
Under GDPR, we process personal data only where we have a lawful basis:
- Contract / pre-contract (Art. 6(1)(b)): to register you on the waitlist, send launch notifications, and later provide the Services.
- Legitimate interests (Art. 6(1)(f)): to secure the Site against fraud and abuse, measure traffic, diagnose technical problems, and improve the product.
- Consent (Art. 6(1)(a)): for non-essential cookies and optional marketing communications. You may withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)): to comply with sanctions, anti-money-laundering, and other laws that apply to us.
4. Cookies and Similar Technologies
We use a small number of cookies and local-storage keys:
- Strictly necessary: keep the Site functional (e.g. CSRF protection, session continuity). Cannot be disabled.
- Analytics: count unique visitors and measure traffic patterns. May be disabled in your browser.
- Preferences: remember your consent choices and UI preferences.
You can block or delete cookies through your browser settings. Doing so may affect Site functionality.
5. Third-Party Processors
We share limited personal data with service providers who process it on our behalf under written data-processing agreements. Current and anticipated processors include:
- Hosting and CDN: GitHub Pages, Cloudflare (if applicable) — to serve the Site.
- Email delivery: transactional-email provider (TBD) — to send waitlist confirmations and launch notifications.
- Analytics: Google Analytics or a privacy-preserving equivalent — to measure traffic.
- Search and indexing: Google Search Console — to monitor search performance (aggregated, not user-level).
We do not sell personal data, and we do not share it with third parties for their independent marketing.
6. International Transfers
Our processors may store data in the United States, the European Union, and other jurisdictions. Where personal data is transferred out of the EEA or UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, or on the adequacy decisions that apply to the destination country.
7. Data Retention
We retain personal data only as long as needed for the purposes described in this Policy:
- Waitlist email and wallet address: until you unsubscribe or request deletion, or until launch plus 24 months.
- Server logs: up to 90 days.
- Analytics data: up to 26 months, aggregated thereafter.
8. Your Rights
If you are in the EEA, UK, or a comparable jurisdiction, you have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten"), subject to our legal retention obligations;
- Restrict or object to processing based on legitimate interests;
- Data portability — receive your data in a structured, machine-readable format;
- Withdraw consent at any time, without affecting the lawfulness of prior processing;
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, email support@arx.trade. We will respond within 30 days.
9. Security
We use industry-standard measures to protect personal data, including TLS encryption in transit, access controls, and least-privilege administration. No system is perfectly secure, however, and we cannot guarantee absolute protection against unauthorized access.
10. On-Chain Data
If you interact with the Services on a public blockchain, your wallet address and transaction history are recorded on that blockchain and are publicly visible and permanent. We have no control over this data and cannot delete it. You should understand the privacy implications of on-chain activity before using any wallet.
11. Changes
We may update this Policy from time to time. Material changes will be announced on the Site and, where appropriate, by email. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact
Questions, requests, or complaints? Contact support@arx.trade.