(another legal page)

Data Policy

Current as of:

August, 2025

Data Policy

This Data Policy explains how information may be collected and processed in connection with the website x.creo.solutions (the “Website”) and the XXX DAO ecosystem (“Xcoin”). It is written in English to follow international standards suitable for decentralized projects.

Scope and Responsible Entity

The Website relates to a decentralized autonomous organization (“XXX DAO”) without a centralized, incorporated legal entity and without a registered office. Content and operations are coordinated by a distributed community of contributors. For general inquiries, please contact [email protected].

Categories of Data We Process

Access logs (server-side)
IP address, user agent, timestamps, requested URLs, referrer, and basic request metadata to ensure availability, security, and abuse prevention.
Communications
If you contact us by email, we process the content of your message, your email address, and related metadata to respond to your request.
Diagnostics/analytics (optional)
If analytics are enabled, we strive to use privacy-friendly, aggregated, or anonymized metrics. Optional analytics are collected only with your consent where required.
On-chain data
Public blockchain data is globally accessible by design and is not controlled by XXX DAO. Such data may, however, be viewable via the Website or referenced in documentation.

Legal Bases for Processing

  • Legitimate interests (Art. 6(1)(f) GDPR): To operate, secure, and improve the Website, prevent abuse, and ensure service integrity.
  • Consent (Art. 6(1)(a) GDPR): For any non-essential cookies or analytics that are not strictly necessary.
  • Contractual necessity (Art. 6(1)(b) GDPR): To respond to your inquiries or provide requested information.
  • Legal obligations (Art. 6(1)(c) GDPR): Where applicable, to comply with mandatory legal requirements.

Cookies and Similar Technologies

The Website may use strictly necessary cookies to provide core functionality. Optional cookies (e.g., analytics) are only set with your prior consent where applicable. You can withdraw consent at any time via your browser settings or provided controls. If enabled, we aim to minimize identifiers and avoid cross-site tracking.

Third-Party Service Providers

  • Hosting/CDN: To deliver the Website securely and efficiently.
  • Email: To handle communications sent to [email protected].
  • Analytics (optional): Only if enabled and subject to consent, using privacy-conscious configurations where feasible.

International Data Transfers

Given the decentralized and global nature of web infrastructure, information may be processed across multiple countries. Where service providers transfer data internationally, we seek appropriate safeguards (e.g., standard contractual clauses) consistent with applicable laws.

Data Security

  • Transport-layer encryption (TLS) for the Website where supported.
  • Least-privilege access to systems and data.
  • Encryption at rest where made available by the hosting provider.

Retention

  • Server logs are typically retained for up to 30 days unless required longer for security or legal reasons.
  • Communications are retained for as long as necessary to resolve your inquiry and for reasonable archival periods.
  • Aggregated, non-identifying analytics (if any) may be retained longer for trend analysis.

Your Rights

Subject to applicable law, you may have rights of access, rectification, erasure, restriction, portability, and objection, as well as the right to withdraw consent where processing is based on consent. Please direct requests to [email protected]. Because XXX DAO is decentralized and does not maintain user accounts, we may only be able to action requests related to data we directly control (e.g., emails).

Children’s Data

The Website is not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe we have unintentionally collected such data, contact us to request deletion.

Changes to This Policy

We may update this Data Policy to reflect technical, legal, or operational changes. Material updates will be indicated on the Website.

Contact

For questions about this Data Policy, contact [email protected].

Effective Date

This Data Policy is effective as of August, 2025.