Privacy
Last updated: 22nd Jan 2026
This Privacy Policy (this “Policy”) describes how Hotstuff L1, together with its affiliates (collectively, “Hotstuff,” “we,” “us,” or “our”), collects, uses, stores, discloses, transfers, and otherwise processes information in connection with your access to and use of the Hotstuff website-hosted user interface and related services, tools, and functionality that facilitate interaction with the Hotstuff decentralized blockchain protocol (collectively, the “Services”).
This Policy is incorporated by reference into, and should be read together with, the Hotstuff Terms of Use (the “Terms”). Capitalized terms not defined herein have the meanings given in the Terms.
For the purposes of applicable data protection laws, the data controller of personal information processed under this Policy is Hotstuff Labs, a company incorporated under the laws of \[St. Vincent and the Grenadines\].
1. Scope and Application
This Policy applies solely to information processed through systems operated or controlled by Hotstuff in connection with the Services. This Policy does not apply to information recorded on public blockchain networks or other decentralized systems that are not operated or controlled by Hotstuff.
Public blockchain networks are decentralized, permissionless, and immutable by design. Hotstuff does not have the ability to access, control, modify, delete, or restrict information recorded on such networks.
2. Information We Process
2.1 Information Provided by You
We may process personal information which may include information that directly or indirectly identifies you, including but not limited to your email address, Internet Protocol (IP) address, public blockchain addresses, smart-contract addresses, protocol identifiers, transaction references, timestamps, approximate geographic location, device identifiers, browser characteristics, and any other information you voluntarily provide to us through the Services or communications.
You acknowledge that public wallet addresses and related blockchain transaction data may constitute personal data under certain data protection laws where such information can be reasonably linked to an identifiable individual.
You are not required to provide personal data to access the public features of the Services; however, certain functionality, communications, or support services may not be available without the provision of limited information.
2.2 Information Collected Automatically
When you access or use the Services, we may automatically process certain technical and usage information, including:
1) Internet Protocol (IP) address; 2) approximate geographic location (such as country or region); 3) browser type, operating system, device information, and language settings; 4) access times, pages viewed, session duration, and navigation data; 5) referring and exit URLs; and 6) logs, diagnostics, and performance metrics.
This information is processed for purposes including security, stability, analytics, and enforcement of applicable restrictions.
2.3 Blockchain-Related Information
When you interact with the Hotstuff protocol, information relating to such interaction is recorded on public blockchain networks. This may include public wallet addresses, transaction hashes, timestamps, balances, trades, liquidations, funding events, and other protocol-level activity.
Such information is publicly accessible, permanently recorded, and not created, controlled, or stored by Hotstuff in a traditional sense.
2.4 Third-Party Wallet Providers
Certain features of the Services require you to connect a compatible third-party digital wallet in order to interact with the Hotstuff L1 blockchain protocol. Such wallets are provided and operated by independent third-party providers and are not owned, controlled, or maintained by Hotstuff.
Your use of any third-party wallet is governed solely by the terms and privacy policy of the applicable provider. Hotstuff does not control and is not responsible for how such providers collect, use, store, or disclose personal data, including any information associated with your wallet address, transaction history, or device.
By connecting a third-party wallet to the Services, you acknowledge and agree that Hotstuff disclaims all liability arising from the acts or omissions of wallet providers, including any unauthorized access, data breaches, loss of digital assets, or misuse of personal data.
2.5 Cookies and Similar Technologies
We may use cookies, local storage, session identifiers, or similar technologies to support the operation, security, and functionality of the Services, including to maintain session continuity, prevent abuse, and understand aggregated usage patterns.
These technologies are not used for targeted advertising or behavioral profiling across third-party services.
2.6 Communications and Support
If you communicate with us, we may process information relating to such communications, including contact details, message content, and associated metadata.
2.7 Voluntarily Submitted Information
You may voluntarily submit additional information, such as feedback, survey responses, or research participation. Submission of such information is entirely optional.
3. How We Use Information
We process information for the following purposes:
(a) to operate, maintain, and administer the Services; (b) to facilitate interaction with decentralized blockchain protocols; (c) to monitor performance, availability, and reliability; (d) to detect, prevent, and address fraud, abuse, or security incidents; (e) to enforce access restrictions applicable under the Terms; (f) to respond to inquiries and provide support; (g) to improve and develop the Services; and (h) to comply with applicable legal obligations, where required.
4. Legal Bases for Processing
Where required under applicable law, Hotstuff L1 processes information on the basis of one or more of the following:
(a) performance of the Services requested by users; (b) legitimate interests, including security, integrity, and improvement of the Services; (c) compliance with legal or regulatory obligations; and (d) user consent, where applicable.
5. Jurisdictional Restrictions and Compliance
The Services are not available to Restricted Persons, as defined in the Terms. We may process limited technical or location-related information to:
1) enforce jurisdictional restrictions; 2) detect circumvention of access controls; and 3) comply with sanctions or other legal requirements.
Hotstuff does not conduct routine identity verification, or customer due diligence procedures, or know-your-customer procedures for general access to the Services.
6. Disclosure of Information
We may disclose information:
(a) to third-party service providers that assist with infrastructure, hosting, analytics, blockchain analytics and monitoring services, security and fraud-prevention providers, compliance screening services, and technical consultants who assist us in operating, securing, and improving the Services; (b) to professional advisers, including legal or compliance advisers, where reasonably necessary; (c) to governmental, regulatory, or judicial authorities where required by law; or (d) in connection with a merger, acquisition, reorganization, or sale of assets.
We do not sell personal information.
7. Public Blockchain Considerations
You acknowledge and understand that:
(a) public blockchain networks are transparent and immutable by design; (b) information recorded on such networks may be accessible indefinitely; (c) Hotstuff cannot remove, alter, or anonymize blockchain data; and (d) third parties may independently analyze blockchain activity and associate it with identifiable individuals without Hotstuff’s involvement.
8. International Data Processing
Personal information processed in connection with the Services may be transferred to, stored in, or accessed from jurisdictions outside your country of residence, including jurisdictions that may not provide the same level of data protection.
Where required by applicable law, we implement appropriate safeguards to protect such transfers, including the use of Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Agreement or Addendum approved by the UK Information Commissioner’s Office, or reliance on adequacy decisions where applicable.
9. Data Retention
Information processed through systems operated or controlled by Hotstuff is retained only for as long as reasonably necessary to:
(a) provide and secure the Services; (b) fulfill the purposes described in this Policy; or (c) comply with applicable legal obligations.
Information recorded on public blockchain networks is retained indefinitely by those networks.
10. Security
We implement reasonable administrative, technical, and organizational safeguards designed to protect information processed in connection with the Services against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures are intended to reflect the nature of the information and the risks associated with processing it.
However, no system, network, or method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security of any information. You acknowledge and accept that information you transmit or store in connection with the Services is done at your own risk, and Hotstuff shall not be responsible for any unauthorized access, interception, loss, or alteration of data except to the extent required by applicable law.
11. Children
The Services are not intended for use by individuals under the age of eighteen (18). We do not knowingly collect or process personal data of individuals under sixteen (16) years of age in the European Economic Area or the United Kingdom, or under thirteen (13) years of age in other jurisdictions.
If we become aware that personal data of a minor has been collected inadvertently, we will take reasonable steps to delete such information as soon as practicable.
12. Usage Data
Usage Data includes technical and operational information generated by your interaction with the Services, including IP address, wallet identifiers, transaction references, access times, pages viewed, device type, operating system, browser version, language settings, session duration, and diagnostic logs.
This information is used to maintain security and stability, prevent abuse or unauthorised access, enforce applicable restrictions, analyze performance, and improve functionality.
13. Your Rights
Depending on your jurisdiction, you may have certain rights in relation to personal information processed by us, including the right to request access, correction, erasure, restriction of processing, data portability, or to object to certain processing activities. You may also withdraw consent where processing is based on consent.
These rights do not apply to information recorded on public blockchain networks due to their decentralised and immutable nature.
Requests may be submitted using the contact details in Section 14. We may require reasonable verification of identity before responding. Where required by applicable data protection law, we will respond to verified data subject requests without undue delay and, in any event, within one (1) month of receipt. This period may be extended by up to two additional months where permitted by law, taking into account the complexity and number of requests.
If you are located in the European Economic Area, you have the right to lodge a complaint with the data protection supervisory authority in the Member State of your habitual residence, place of work, or where an alleged infringement has occurred.
If you are located in the United Kingdom, you may lodge a complaint with the UK Information Commissioner’s Office (ICO).
14. Third-Party Services
The Services may include links to, integrations with, or reliance upon third-party services, software, tools, or platforms, including digital wallet providers, blockchain networks, node operators, analytics providers, data infrastructure providers, and other external services. Such third-party services are operated independently and are not owned, controlled, or maintained by Hotstuff.
Your access to and use of any third-party services is governed solely by the terms, conditions, and privacy policies of the applicable third parties. Hotstuff does not endorse, monitor, or assume any responsibility for the availability, security, accuracy, reliability, or data-processing practices of any third-party services, and disclaims all liability arising from your use of or reliance on such services.
You acknowledge that any personal data you provide to or that is collected by third-party services is processed in accordance with their own privacy policies and not this Policy.
15. Social Media Platforms
The Services may include links to social media platforms or third-party websites operated independently from Hotstuff L1. If you interact with Hotstuff L1 through such platforms, those third parties may collect information about your interaction in accordance with their own privacy policies.
Hotstuff L1 does not control and is not responsible for the data collection, use, disclosure, or security practices of any third-party platforms.
16. Changes to This Policy
This Policy is intended to comply with applicable data protection laws, including the Cayman Islands Data Protection Act (as amended), the UK GDPR, and the EU GDPR. We may review and update this Policy from time to time to reflect changes in legal requirements, regulatory guidance, our data processing practices, or the Services.
Any updates will become effective upon posting the revised Policy on the Interface, unless a later effective date is specified. Where changes are material, we will take reasonable steps to provide notice, such as by displaying a notice on the Interface.
The “Last Updated” date at the top of this Policy will indicate when the most recent changes were made. Continued use of the Services after any update constitutes acceptance of the revised Policy.
17. Contact Information
If you have questions about this Policy or our privacy practices, please contact us at:
Email: support@hotstufflabs.com
Important Notice
Use of decentralized blockchain technology involves inherent privacy risks. Users are responsible for understanding how public blockchains and third-party tools may affect data exposure and anonymity.