Privacy Policy
Version: 1.0Last Updated: November 13, 2025
This privacy policy ("Privacy Policy") explains the basis for our collection of personal data when you access our user interface ("Hapy UI") for the automated protocol logic and software ("Protocol Logic" or "Automation Software"), or when you communicate with us or otherwise deal with us, and sets out how we use your personal data, the conditions under which we disclose it to others and the measures we take to keep it secure. In addition, we may inform you about the processing of your personal data separately, for example in consent forms, terms and conditions, additional privacy policies, forms, and other notices. We use the word "data" here interchangeably with "personal data".
If you provide information to us about you or any person other than yourself, you must ensure that the data is accurate and that these other people understand how their data will be used, that they have given their permission for you to disclose it to us and for you to allow us, and our service providers, to use it. You are welcome to provide them with a copy of this Privacy Policy.
1. Controller
The responsible person for processing your data under this Privacy Policy ("Controller") unless we tell you otherwise in an individual case is:
HapyTech AGBahnhofstrasse 206300 ZugSwitzerland
You may contact us regarding data protection matters and to exercise your rights at privay@hapy.agent
2. Data Collection and Purpose of Data Processing
We process the following data about you for the purposes outlined below:
2.1 Hapy UI Access
When you access the Hapy UI, we collect data that is necessary for its functionality and security.The data collected includes: IP address; information about the operating system of your end device; cookies; referrer URL; amount of data transferred; date, region, and time of the server request; location data; websites accessed or from which access is made; browser type and version; name of your Internet provider; protocols; etc.
2.2 Communication
When you contact us by email, letter, telephone, or other means of communication, we collect the data exchanged between you and us for the purposes of communicating with you and providing our services to you, in particular to respond to your enquiries. By providing us with this data, you acknowledge that we use your data in accordance with this Privacy Policy.The data collected includes: contact details; type, manner, place and time of communication; content of communication; etc.
2.3 Marketing and Innovation
We process your data for marketing and business activities in relation to the Hapy UI and the Protocol Logic, in particular to further develop the Protocol Logic, the Hapy UI, and other platforms on which we operate. In addition, we and selected third parties may use your data to show you personalised content or advertising if and to the extent that you give us your consent, provided this is required by applicable law. You can object to such marketing activities or withdraw your consent at any time (see also Section 12 below).
2.4 Safety or Security Reasons
We process your data to protect our IT and other infrastructure. For example, we process data for monitoring, analysis and testing of our networks and IT infrastructures including access controls.
2.5 Compliance with Law and Legal Procedures
We process your data to comply with legal requirements, to fulfil tax obligations, etc., and we might have to request further information from you to comply with such requirements or as otherwise required by law and legal authorities. Furthermore, we may process your data for the enforcement of legal claims and for the defence in legal disputes and official proceedings.
2.6 Risk Management, Corporate Governance and Business Development
We process your data as part of our risk management and corporate government in order to protect us from criminal or abusive activity. As part of our business development, we might sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships and this might result in the exchange and processing of data based on your consent, if necessary.
2.7 Cookies
The Hapy UI uses cookies, and we may also allow certain third parties to do so. Cookies are text files that are stored on your device (computer, laptop, smartphone, etc.) and that are necessary for the use of the Hapy UI as such or certain functions or that enable the analysis of the use of our Hapy UI.You can configure your browser in such a way that no cookies are stored on your computer or a message always appears before a cookie is installed. Please note that deactivation of cookies may result in the Hapy UI not functioning or not functioning completely.
2.8 Third-Party Offerings and Platforms
The Hapy UI may contain links to third-party offerings or underlying DeFi protocols. We also operate accounts on third-party platforms like Twitter/X and Discord.Please note that when you use such links or communicate with us via our accounts, your data will be processed according to the privacy policies of the respective third-party provider. We have no control over, do not review and cannot be responsible for these third-party websites, platforms, or their content. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.
3. Legal Basis for Data Processing
Where we asked for your consent, we process your data based on such consent. Where we did not ask for your consent and where required under applicable law, we process your data on other legal grounds, such as:
- a contractual obligation;
- a legal obligation;
- a vital interest of the data subject or of another natural person;
- to perform a public task;
- our legitimate interest.
4. Transfer of Data to Third Parties
As part of our data processing, we may share your data with third parties, in particular to the following categories of recipients:
- Service Providers: We may share your information with service providers and business partners around the world with whom we collaborate to fulfil the above purposes (e.g. IT provider, security companies, lawyers) or who we engage to process data for any of the purposes listed above on our behalf and in accordance with our instructions only.
- Contractual Partners: If required by the respective contract, we will pass on your data to other contractual partners (e.g., underlying DeFi protocols) and subcontractors.
- Acquirers of Business: We may disclose your data to acquirers or parties interested in acquiring business units, companies, or other parts of HapyTech AG.
- Legal Authorities: We may pass on data to offices, courts, and other authorities if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities are responsible for processing data about you that they receive from us.
5. Disclosure of Data Abroad
The data that we collect from you may be transferred to, processed, and stored in, a country outside the European Economic Area (EEA) or Switzerland. In view of the EEA or Switzerland the law in some of those countries may not offer an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defence of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the US-EU Data Privacy Framework, the US-CH Data Privacy Framework and/or the Standard Contractual Clauses approved by the European Commission (SCCs), adjusted according to Swiss law, all of the aforementioned if applicable and required.
6. Profiling and Automated Decision Taking
We analyse aspects of your individual's personality, behaviour, interest and habits make predictions or decisions about them for the purposes laid out in Section 2, e.g. to perform statistical analysis or to prevent misuse and security risks. This analysis identifies correlations between different behaviours and characteristics to create profiles for individuals. We do not use profiling that can produce legal effects concerning you or similarly significantly affect you without human review.
7. On-Chain Data (Flow Blockchain)
When you use the Hapy Protocol and interact with the underlying Flow blockchain, you acknowledge that your wallet address and other data/information provided by your transactions, which are considered personal data if relating to an identified or identifiable natural person, are permanently and publicly stored on-chain. This means such data is publicly available to anyone, worldwide, and cannot be deleted or modified by us or any third party due to the immutable nature of the blockchain.If you want to ensure that your privacy rights are not affected in any way, you should not transact on blockchains as certain rights may not be available or exercisable by you or us due to the technological infrastructure of the blockchain.You hereby release and indemnify us of any liability associated with data that you transferred to the blockchain.
8. Protocol Operation and Smart Contracts
When accessing the Hapy UI, you acknowledge that neither the Hapy Protocol nor any User Vault Smart Contracts deployed thereon are controlled and/or operated by us as a custodian. We do not act as an administrator or operator of the underlying DeFi protocols, Smart Vaults, and do not have access to the digital assets that are held in your third-party wallet, Smart Vaults, and/or in the smart contracts of the DeFi Protocols.
9. Connected Wallets
The Hapy UI relies on a third-party service (e.g., [Insert Wallet Connector Name], provided by [Insert Connector Entity Name, e.g., ConnectService Inc. with registered offices in the US]) to enable you to connect your external wallet to the Hapy UI in order to use the Protocol Logic. This third-party service is solely responsible for processing the data associated with connecting your third-party wallet with the Hapy UI. No personal data or wallet information is collected or processed by us during the connection of your third-party wallet, and we have no access to or involvement in the data processing carried out by the third-party service provider. We are therefore not responsible for any data processing activities undertaken by the wallet connector service. For further information on the purpose and scope of data collection and processing, please refer to the respective privacy policy of that service provider.
10. Retention and Storage of Data
We only process your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of complying with legal retention requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. Upon expiry of the applicable retention period, we will securely destroy your data in accordance with applicable laws and regulations.
11. Data Security
We take appropriate organizational and technical security measures to prevent your data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. However, we and your data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions, and interruptions which is out of our control and responsibility. We have also put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
12. Your Rights
To the extent provided for by applicable law, you may request information free of charge about the data processed relating to you, its origin and recipients and the purpose of the data processing. You may also have the right to correction, deletion, restriction, or objection to processing, as well as to the transfer of the data to another controller. Furthermore, you can revoke your consent at any time with effect for the future. All you need to do is send us an informal email to the above address.Please note that the foregoing rights are subject to legal restrictions and may interfere with or make impossible the provision of our services.
13. Amendment of this Privacy Policy
Due to continuous development of the Hapy UI and the contents thereof, changes in law or regulatory requirements, we might need to change this Privacy Policy from time to time. Our current Privacy Policy can be found on the Hapy UI.