Privacy Policy

This is the Privacy Policy for Terminal 3 applications (both web and mobile), software development kits, and application programming interfaces, including Dot HK. At Terminal 3 HK Limited ("Terminal 3", "we", "us" or "our"), we are on a mission to build an equitable Web3 future for users and enterprises. We maximize the value of a decentralized internet by empowering users with ownership of their digital identities and data, and by enabling companies to engage securely with their customers and communities. We believe that user data should be self-sovereign and fully controlled by users, be freely composable in web3 while remaining fully secure and private, never be transmitted or copied from decentralized storage, be stored off-chain and remain mutable, and generate rewards for users when accessed, and we make this possible through our platform (hereinafter the "Platform"). We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Policy ("Policy") describes Terminal 3's policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies. Terminal 3 will manage, collect, use and disclose personal data in compliance with the Personal Data (Privacy) Ordinance of Hong Kong ("PDPO" ) and the European Union General Data Protection Regulation ("GDPR").

Terminal 3 may collect and process personally identifiable information about you either directly from you, or by combining information we collect and maintain through other means (such as service providers and partners) or as we may receive from publicly available sources such as social media or other third-party sites. The personal information we collect may include: personally identifiable information, such as your real name, email address, date of birth, gender, national identification number, or other similar identifiers; information relating to your digital identity and web3 activities, such as your public virtual wallet addresses, DIDs (decentralized identifiers), on-chain transactions, and holdings; preference data, such as targetable demographic information including interests; behavioral data, such as online interactions; any other personal information you provide. The personal information you provide is cryptographically secured using symmetric key encryption, which means your data is secure even against quantum computing attacks. The moment you input your personal information, that data is encrypted client-side with a symmetric key. You are the only one with access controls to your encrypted data. We will not collect and process your sensitive personal data unless we have obtained your explicit consent as may be required under applicable law.

We use your personal information to fulfill the objectives of our Platform and to provide and improve our services to you, including: to deliver the products and services you have requested; to standardize the data and make it interoperable; to enrich the data with additional profile information; to generate verifiable credentials; to verify your digital identity; to allow you to manage and share access to your personal data, at your discretion; to allow you to monetize personal data that you have shared access to, at your discretion; to enable you to receive rewards; for marketing and business development purposes in a privacy-preserving manner - to enable you to receive messages, offers, and notifications; for other purposes, with your consent or in accordance with applicable laws. We may also use them to comply with our legal and regulatory obligations.

Terminal 3 uses decentralized storage technology and our operations are supported by a global network of servers, computers, blockchains and other infrastructure and information technologies. User data is fragmented and stored across multiple independent nodes in a global network of computers across jurisdictions. We will retain personal information only for as long as necessary for the purposes set out in this Policy and to comply with our legal and regulatory obligations. We cannot destroy personal information stored on decentralized networks. Therefore, we are committed to securely encrypting this information, without creating a decryption key, to make it completely inaccessible to anyone.

We do not knowingly attempt to solicit or receive information from children.

The European Union's General Data Protection Regulation (GDPR) and other countries' privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following: Right to be informed Right of access Right to rectification Right to erasure Right to restrict processing Right of data portability Right to object Rights related to automated decision making including profiling This Privacy Policy is intended to provide you with information about what personal data Terminal 3 collects about you and how it is used. If you wish to confirm that Terminal 3 is processing your personal data, or to have access to the personal data Terminal 3 may have about you, please contact us. You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Terminal 3 might have received the data from Terminal 3; what the source of the information was (if you didn't provide it directly to Terminal 3); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Terminal 3 if it is inaccurate. You may request that Terminal 3 erase that data or cease processing it, subject to certain exceptions. You may also request that Terminal 3 cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Terminal 3 processes your personal data. When technically feasible, Terminal 3 will—at your request—provide your personal data to you. Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Terminal 3 will provide you with a date when the information will be provided. If for some reason access is denied, Terminal 3 will provide an explanation as to why access has been denied. For questions or complaints concerning the processing of your personal data, you can email us at privacy@terminal3.io. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation's data protection authority.

Terminal 3 is headquartered in Hong Kong. Terminal 3 has appointed an internal data protection officer for you to contact if you have any questions or concerns about Terminal 3's personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to Terminal 3's data protection officer by email at privacy@terminal3.io.