← Back to Home

Privacy Policy – Dappable Platform

By Kirobo Ltd.

Last Updated: June 3, 2025

1. Introduction and Scope

This privacy policy comprehensively defines the personal information handling procedures of Kirobo Ltd. ("Company", "we") in connection with the Dappable platform ("Platform", "Service"). This policy is an integral part of our Terms of Service and is binding on all Platform users.

Use of our services constitutes explicit and complete agreement to this privacy policy. Disagreement with this policy requires immediate cessation of Platform use.

2. Types of Information Collected

2.1 Personal Identification Information

The Company collects the following information during registration and account management:

  • Basic identification details: Full name, email address
  • Payment information: Credit card details, billing address, tax information (as required by law)
  • Account preferences: Language settings, time zone, display preferences
  • Authentication data: Encrypted passwords, two-factor authentication tokens

2.2 Activity and Usage Data

  • Code and prompts: All generated code, sent prompts, and system requests
  • Interaction metrics: Usage times, opened menus, utilized functionality
  • Performance data: Response times, errors, technical malfunctions
  • Blockchain data: Wallet addresses, transaction history, smart contract interactions
  • System logs: Security activity records, account access, settings changes

2.3 Technical and Automatic Information

  • Network information: IP addresses, ISP details, general geographic location
  • Device information: Device type, operating system, browser version, screen resolution
  • Navigation data: Pages visited, time spent, site navigation paths
  • Cookie files: Unique identifiers, user preferences, operational data

2.4 Blockchain and Digital Assets Information

  • Wallet addresses: Digital wallet addresses connected to the platform
  • Transaction history: Transfer records, smart contracts, network interactions
  • Token data: Balances, digital currency types, NFTs
  • DeFi interactions: Activity in decentralized protocols, pools, staking

3. Information Collection Methods

3.1 Direct Collection

  • Registration and login forms
  • Profile and account settings
  • Payment and purchase processes
  • Support and customer service inquiries

3.2 Automatic Collection

  • Cookie files: For platform functionality and user experience improvement
  • Server logs: For performance and security monitoring
  • Advanced analytics: PostHog, Google Analytics, and Microsoft Clarity for usage pattern analysis
  • Blockchain tracking: Automatic monitoring of wallet addresses and public transactions

3.3 Third-Party Collection

  • Data from payment providers (Paddle, PayPal)
  • Information from social media platforms (in case of login through them)
  • Blockchain data from public networks (Ethereum, Polygon, BSC)
  • Data from third parties explicitly authorized by you

4. Information Usage Purposes

4.1 Primary Business Purposes

  • Service operation: Access security, account management, payment processing
  • Product improvement: Usage pattern analysis, technical issue identification, new feature development
  • Customer support: Technical assistance, problem solving, guidance

4.2 Security and Compliance Purposes

  • Information security: Suspicious activity identification, fraud prevention, system protection
  • Blockchain security: Prevention of suspicious transactions, identification of dangerous addresses
  • Regulatory compliance: Meeting legal requirements, reporting to authorities (when required)
  • Evidence preservation: For internal or legal investigation purposes

4.3 Marketing and Business Development Purposes

  • Business communication: Product updates, security notices, service changes
  • Market research: Understanding user needs, identifying industry trends
  • Technological model improvement: Algorithm training, artificial intelligence system refinement

5. Information Sharing with Third Parties

5.1 Authorized Service Providers

The Company shares information only with the following providers:

  • Payment processing: Paddle, PayPal (payment data only)
  • Cloud services: AWS, Google Cloud (for secure storage and processing)
  • Analytics: PostHog, Google Analytics, Microsoft Clarity (anonymous data only)
  • Blockchain services: Alchemy, Infura, Moralis (for network connectivity)
  • Technical support: Authorized providers for maintenance and development

5.2 Legal Requirements

Information may be disclosed only in the following cases:

  • Court order or binding legal requirement
  • Suspicion of criminal activity or serious security breach
  • Protection of Company rights or third parties
  • Emergency endangering people's safety

5.3 Business Ownership Transfer

In case of merger, acquisition, or asset sale, information may be transferred to the acquiring entity, subject to commitment to maintain similar privacy policy.

6. Your Rights as a User

6.1 Access and Control Rights

  • Right of access: Receiving a copy of all personal information held about you
  • Right of correction: Updating or correcting incorrect or outdated information
  • Right of deletion: Requesting information deletion (subject to legal and business limitations)
  • Right of restriction: Limiting certain types of processing

6.2 Portability and Choice Rights

  • Data export: Receiving information in structured and transferable format
  • Consent withdrawal: Canceling previously given consents (may limit service)
  • Processing objection: Objecting to specific information uses

6.3 Rights Implementation

For rights implementation requests, contact us at: legal@dappable.io

We commit to responding within 14 business days and implementing the request within 30 days.

7. Security Measures and Information Retention

7.1 Advanced Technical Protections

  • Encryption: Advanced encryption for data and information transfer
  • Access control: Advanced protection measures and activity monitoring
  • Backups: Encrypted and distributed backups with rapid recovery
  • Security monitoring: 24/7 intrusion detection, automatic alerts

7.2 Organizational Protections

  • Employee training: Ongoing information security training program
  • Access restriction: Need-to-know principle, approvals at different levels
  • Security audits: Annual penetration testing, quarterly internal audits
  • Incident response: Defined plan for handling security breaches

7.3 Retention Periods

  • Active information: As long as the account is active
  • Accounting records: 7 years (according to Income Tax Ordinance)
  • System logs: As required for security purposes only

8. Cookies and Tracking Technologies

8.1 Cookie Types

  • Essential cookies: Required for platform functionality (cannot be disabled)
  • Functional cookies: Saving preferences, login status
  • Analytical cookies: Google Analytics, PostHog, Microsoft Clarity (can be disabled)
  • Marketing cookies: Only with explicit consent

8.2 Cookie Preference Management

  • Access to cookie settings through the platform
  • Option to opt out at any time
  • Browser settings for complete blocking
  • Detailed information about each cookie

8.3 Additional Technologies

  • Local Storage: For saving local preferences
  • Session Storage: For temporary information during session
  • Web Beacons: For email and activity analysis (with consent)

9. International Information Transfers

9.1 Legal Framework

  • Information transfers are made according to Privacy Protection Law 5741-2011
  • Implementation of Standard Contractual Clauses (SCCs) with overseas providers
  • GDPR compliance for European Union residents

9.2 Destination Countries

Information may be transferred to the following countries:

  • United States: AWS and Google Cloud servers
  • European Union: Backup and data processing servers
  • Additional countries: Only with appropriate privacy protections

9.3 Additional Protections

  • Advanced encryption in every transfer
  • Background checks of international providers
  • Monitoring compliance with local regulations

10. Minors Privacy Protection

The Company commits to absolute protection of minors' privacy:

  • Usage prohibition: Service is prohibited for users under 18
  • Automatic identification: Age identification and blocking systems
  • Immediate deletion: Deletion of all identified minors' information
  • Parental notification: Notice to parents when required

11. Policy Changes

11.1 Update Process

  • Publishing the new version on the website
  • Continued use constitutes agreement to changes

11.2 Emergency Changes

In emergency cases (security, law), changes will take effect immediately with notice.

12. Dispute Resolution and Remedies

12.1 Internal Process

  • Initial contact with company privacy officer
  • Internal investigation within 21 days
  • Solution proposal or reasoned explanation
  • Internal appeal right

12.2 External Procedures

  • Contact with Privacy Protection Authority
  • Arbitration by mutual agreement
  • Legal proceedings in Tel Aviv courts

13. Limitation of Liability

According to Terms of Service, our liability is limited to cases of:

  • Gross negligence on our part
  • Willful violation of the policy
  • Failure to implement stated security measures

The financial liability cap is the amount paid by you during the last 12 months.

14. Contact and Rights Implementation

14.1 Contact Details

Kirobo Ltd.

Arik Einstein St 3

Herzliya, Israel

14.2 Contact Channels

  • Privacy matters: legal@dappable.io
  • Technical support: support@dappable.io
  • General information: info@dappable.io

14.3 Guaranteed Response Times

  • Regular privacy requests: 14 business days
  • Urgent requests: 72 hours (mark "URGENT - Privacy")
  • Rights implementation: 30 days from request date

This privacy policy is an integral part of the Dappable platform Terms of Service and replaces any previous privacy policy.