Privacy Policy
Version: 1.0
1. Introduction
Welcome to LXX DAO. This Privacy Policy explains how we, as a decentralized autonomous organization ("DAO,"
"we," "our"), approach information in the context of our operations, which are primarily built on public
blockchain technology. It outlines the limited circumstances under which we may process personal data, your
rights regarding that data, and the inherent transparency of blockchain-based systems.
By interacting with our website (https://www.lxx-dao.com/), our smart contracts, or participating in our governance,
you acknowledge the terms described in this policy.
2. Key Principles & the Nature of a DAO
- Transparency & Immutability: Core to our operation is the use of public, permissionless
blockchains (like Polygon). Transactions, governance votes, and smart contract interactions are recorded
on-chain. This data is public, permanent, and immutable.
- Pseudonymity: Interactions are typically conducted via blockchain addresses (public
keys), which are pseudonymous identifiers not directly linked to your real-world identity unless you
choose to reveal that linkage.
- Limited Off-Chain Data Collection: Our primary interface is the blockchain. We aim to
minimize the collection of personal data off-chain. Where collection occurs, it is done with purpose,
transparency, and in accordance with applicable law.
3. Information We May Process
A. Information from Blockchain Interactions (On-Chain Data):
- Public Wallet Addresses: The blockchain address you use to interact with LXX DAO smart
contracts (e.g., to acquire LXX tokens via the bonding curve, to vote, to delegate).
- Transaction Data: Details of your interactions, including amounts, timestamps, and the
functions called within our smart contracts. This is publicly visible on blockchain explorers.
- Voting History: Your governance participation, including votes cast on mandates and
proposals, is recorded on-chain.
B. Information You Provide Directly (Off-Chain Data):
- Communication Data: If you contact us via email, social media, or community channels
(e.g., Discord, Telegram), we process the contents of your messages and your contact details.
- Contributor/KYC Data: If you apply to contribute to a Governance Unit (GU) in a
capacity that requires identification (as per our KYC Policy), the Compliance GU may collect necessary
personal information such as name, government ID, proof of address, and professional details. This is
processed under strict controls.
- Website Usage Data: Our website may collect standard log data (IP address, browser
type, pages visited) and use cookies for essential functionality and analytics. We aim to use
privacy-preserving tools where possible.
4. Purposes and Legal Bases for Processing
We process information for the following purposes and under the corresponding legal bases:
| Purpose |
Legal Basis (Where GDPR applies) |
| To execute blockchain transactions and smart contract operations (e.g., token minting/burning,
governance execution). |
Contractual Necessity: To perform the services inherent to the DAO's protocol.
|
| To facilitate on-chain governance and voting. |
Legitimate Interest: To enable the decentralized governance model fundamental
to the DAO's operation. |
| To ensure security, integrity, and prevent abuse (e.g., monitoring for Sybil attacks, fraud).
|
Legitimate Interest: To protect the DAO and its members. |
| To comply with legal obligations (e.g., AML/CFT checks for GU contributors). |
Legal Obligation. |
| To respond to your inquiries and provide support. |
Legitimate Interest or your Consent. |
| To analyze and improve our website and community tools. |
Legitimate Interest or your Consent (for non-essential
cookies/analytics). |
5. How We Share Information
- Publicly, via the Blockchain: As stated, all on-chain data is inherently shared with
the global network of blockchain participants and is publicly accessible.
- With Service Providers: We may use trusted third-party providers for specific functions
(e.g., hosting, communication platforms, KYC verification for contributors). These providers are bound
by contractual obligations to protect your data.
- To Comply with Law: We may disclose information if required by law, regulation, legal
process, or governmental request.
- Within the DAO Structure: Information may be shared between Governance Units (GUs) on a
need-to-know basis to fulfill the DAO's operational mandates (e.g., the Compliance GU may verify a
contributor's status for the Venture GU).
We do not sell your personal data.
6. International Data Transfers
As a global, internet-native entity, data may be processed in countries outside your home jurisdiction. When
transferring personal data from the European Economic Area (EEA) to countries not deemed to have adequate
data protection, we will implement appropriate safeguards (such as Standard Contractual Clauses) as required
by law.
7. Data Retention
- On-Chain Data: Cannot be altered or deleted due to the immutable nature of the
blockchain. Consider this before transacting.
- Off-Chain Data: We retain personal data only for as long as necessary to fulfill the
purposes for which it was collected, including to satisfy any legal, accounting, or reporting
requirements. Specific retention periods are defined in our internal records.
8. Your Rights (Particularly for EEA/UK Individuals)
Under regulations like the GDPR, you may have rights regarding your personal data, including:
- Right of Access & Portability
- Right to Rectification
- Right to Erasure (Note: This is limited for on-chain data and data we must retain for legal reasons).
- Right to Restrict Processing
- Right to Object
- Right to Withdraw Consent
To exercise these rights, please contact the Compliance GU using the details below. We will respond within
one month and may need to verify your identity. You also have the right to lodge a complaint with your local
data protection authority.
9. Security
We implement appropriate technical and organizational measures to protect the off-chain personal data we
process. However, no system is 100% secure. You are solely responsible for the security of your private keys
and wallet credentials.
10. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data
from children.
11. Changes to This Policy
We may update this Privacy Policy. The "Last Updated" date at the top will indicate when changes were made.
Material changes will be communicated through our official channels (website, governance forum). Your
continued participation after changes constitutes acceptance.
12. Contact Us
For questions about this Privacy Policy or to exercise your data rights, please contact the designated team:
LXX DAO Compliance Governance Unit (GU)
Email/Contact Form: [Insert Email]
Governance Forum: [Insert Link]
This role is responsible for overseeing data protection matters on behalf of the LXX DAO
collective.
Disclaimer: This Privacy Policy applies to the processing of personal
data for which LXX DAO, in its capacity as a jointly-controlled entity, determines the purposes and means.
It does not cover the practices of third-party websites, wallets, or exchanges you may use to interact with
the blockchain. You should review their privacy policies separately.