Data Processing Agreement

Last Updated: November 2025

This Data Processing Agreement ("DPA") forms part of WalletHound's Privacy Policy and Terms of Service. It describes how we process personal data in compliance with applicable data protection laws, including GDPR and other privacy regulations.

1. Definitions

For the purposes of this DPA:

• Personal Data: Any information relating to an identified or identifiable natural person
• Processing: Any operation performed on personal data, including collection, storage, use, or disclosure
• Controller: The entity that determines the purposes and means of processing personal data
• Processor: The entity that processes personal data on behalf of the controller
• Data Subject: The individual to whom the personal data relates

2. Scope of Processing

WalletHound acts as a data controller for the personal data you provide when using our services. We process your personal data to:

• Provide and maintain our wallet analytics platform
• Manage your account and subscription
• Process payments and prevent fraud
• Communicate with you about service updates
• Improve our services and develop new features
• Comply with legal obligations

3. Types of Data Processed

We process the following categories of personal data:

• Account Data: Email address, password (encrypted), account creation date
• Subscription Data: Plan type, payment status, subscription dates
• Usage Data: Wallet addresses searched, filter preferences, platform interactions
• Technical Data: IP address, browser type, device information, log data
• Transaction Data: Payment identifiers (not payment credentials)

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract Performance: Processing necessary to provide our services under our Terms of Service
• Legitimate Interests: To improve our services, prevent fraud, and ensure platform security
• Legal Obligation: To comply with applicable laws and regulations
• Consent: Where you have provided explicit consent for specific processing activities

5. Data Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption of data in transit using TLS/HTTPS
• Secure password storage using bcrypt hashing
• Access controls and authentication mechanisms
• Regular security assessments and updates
• Secure database configurations and backups
• Employee training on data protection

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Active Accounts: Data retained while your account is active and for 30 days after closure
• Legal Requirements: Certain data may be retained longer to comply with legal obligations
• Anonymized Data: We may retain anonymized usage statistics indefinitely for analytical purposes

7. Data Subject Rights

Under applicable data protection laws, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Request limitation of processing
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us through your account dashboard or our support channels. We will respond within 30 days.

8. Third-Party Processors

We may engage third-party processors to help provide our services. These processors include:

• Payment Processors: NOWPayments for cryptocurrency payment processing
• Infrastructure Providers: Cloud hosting and database services
• Analytics Tools: (If applicable) For platform performance monitoring

All third-party processors are carefully selected and required to maintain appropriate security measures and comply with data protection regulations.

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions by relevant authorities
• Other legally recognized transfer mechanisms

10. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

• Notify affected users without undue delay
• Report the breach to relevant supervisory authorities where required
• Describe the nature of the breach and mitigation measures taken
• Provide recommendations to minimize potential harm

11. Children's Data

WalletHound is not intended for individuals under 18 years of age. We do not knowingly collect or process personal data from children. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Our analytics are provided for informational purposes only and do not make decisions on your behalf.

13. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

14. Changes to This DPA

We may update this Data Processing Agreement from time to time. We will notify you of significant changes by updating the "Last Updated" date and, where appropriate, providing additional notice.

15. Contact Information

For questions about our data processing practices or to exercise your data protection rights, please contact us through our Telegram community or official support channels.

← Back to Home