Educhain ITO

PRIVACY POLICY

Last updated: 05/09/2025

XINTEL CORPORATION LIMITED (“company”, “we”, “our”) recognizes the importance of personal data and is committed to strictly complying with applicable data protection and privacy laws. We apply reasonable technical, administrative and organizational measures to protect your personal data from unauthorized access, loss, misuse, unauthorized disclosure or alteration.

Scope and validity
This Privacy Policy sets forth how the Company's collection, use, storage, disclosure and processing of personal data when you access, register for an account or use any of the Company's services, including but not limited to the website, mobile applications, extensions or platforms DApp.

User Consent
By continuing to access or use the Company's services, you acknowledge that you have read, understood and agree to be bound by this Privacy Policy.
If you do not agree, you must immediately leave the website, uninstall the application/extension and/or stop using all Company services.
The company will not be responsible for any loss, damage or claim arising from your continued use of the service when you do not agree to this Policy.

Relationship to Terms of Service
All terms used in this Policy have the same meanings as in Terms of Service of the Company, unless otherwise provided in this Policy. In the event of a conflict, Terms of Service will be given priority.

1. Commitment to Protecting User Information

The Company is committed to protecting users' personal data by applying the following principles: security – transparency – control throughout the process of collecting, storing, processing and using data on the platform.

Security: The Company implements reasonable technical, managerial and organizational measures (including encryption, access authorization, system monitoring, etc.) to prevent unauthorized access, disclosure, alteration or destruction of personal data.
Transparent: Users are clearly informed about the purpose, scope and manner in which personal data is processed, as well as the third parties (if any) with whom the Company may share data in accordance with legal regulations.
Control: Users have the right to access, correct, update or request deletion of their personal data according to the mechanism announced by the Company and in accordance with current legal regulations.

Besides:

Data Sharing: The Company only shares personal data with (i) relevant service providers necessary to operate the platform; (ii) competent state agencies when legally required; or (iii) other cases with the explicit consent of the user.
Storage period: Personal data will only be retained for as long as necessary to serve the stated purpose, unless longer retention is required or permitted by law.
Disclaimer: The Company does not absolutely guarantee that personal data will always be safe from any risks arising from force majeure events, cyber attacks, technical errors or causes beyond reasonable control. In all cases, the Company will make every effort to minimize the impact and promptly notify users in accordance with the law.

User Rights and Obligations

User Rights

Request the Company to provide information about how your personal data is being collected, stored and processed.
Request the Company to correct, update or delete personal data that is inaccurate, incomplete or no longer necessary for the purposes of processing.
Withdraw consent to the Company's processing of personal data (where processing is based on consent), provided that the withdrawal does not affect the lawfulness of previous processing activities.
Complain or request the Company to resolve related to personal data protection according to the published mechanism.

User Obligations

Provide complete, accurate and honest information when registering and using the Company's services; be responsible for the accuracy of the data provided.
Do not share, disclose or provide account information, passwords, seed phrases, e-wallets or any other security data to third parties without authorization.
Take proactive steps to protect personal data, including using trusted devices, keeping security software up to date, and being alert to phishing threats.
Take full legal responsibility for any damage, risk or dispute arising from the user disclosing his/her own personal data or that of a third party without permission.

2. Information Collected

When using the Company platform (including applications, websites, DApps or extensions), we may collect and process the following types of data:

a. Personally identifiable information (provided by the user):

Full name, date of birth, gender, nationality.
Email address, phone number, contact address.
Login information (account name, password), avatar, personal profile.
Payment information (if any): bank account number, e-wallet, transaction method.

b. Technical information and usage behavior:

IP address, device type, operating system, browser, time zone, language.
Cookies, online identifiers and system log information.
Service usage behavior: pages visited, features used, uptime, login frequency.

c. Information related to transactions and rewards:

Transaction history, rented nodes, bonus points or commissions from the affiliate system.
Blockchain data related to the wallet (wallet address, seed phrase never retained by the Company).

d. Information from third parties (if any)

Information shared by partners or service providers (e.g. payment gateways, identity authentication units).
Public information from social networks or other platforms when users link their accounts with the Company.

3. Purpose of Information Use

The Company collects and processes your personal data for the following lawful purposes:

Service provision and operation

Authenticate and manage user accounts.
Reward distribution (nodes, reward points, commission).
Process transactions, orders or service related requests.

Customer Support & Contact Information

Send system announcements, policy updates, or service changes.
Account recovery support, troubleshooting and complaint resolution.
Respond to user requests or inquiries.

Product innovation & experience optimization

Analyze user behavior, usage habits and feedback.
Research, develop and improve platform features, interface and performance.
Ensure safety, detect fraud and prevent security risks.

Affiliate/referral system management

Track user referral activity.
Verify conditions, calculate and pay commissions accurately.

Compliance with legal & regulatory obligations

Store, process and provide data upon legal request of competent state agencies.
Fulfill obligations related to anti-money laundering, financial fraud or electronic transaction regulations (where applicable).

Other purposes (if any)

Only to be performed when there is express consent of the user or as permitted by law.

4. Security and Storage

Security Infrastructure: The company stores user data on highly secure servers, located in internationally certified data centers.
Data encryption: Sensitive information (including passwords, OTPs, seed phrases or financial data) is encrypted using industry standard algorithms to minimize the risk of unauthorized access.
System protection: The platform deploys SSL/TLS protocol, firewall system, intrusion detection & prevention mechanism (IDS/IPS) and many other security control layers.
Minimum storage principle: The Company only retains personal data for the period necessary to fulfill the stated purpose, or for the period required by law. After this period, the data will be securely deleted or anonymized.
Limitation of Liability: Despite the advanced security measures implemented by the Company, cannot be absolutely guaranteed data will be safe from any incidents arising from cyber attacks, force majeure events or factors beyond reasonable control.

5. Sharing with Third Parties

Company Do not sell, rent or trade users' personal data to any third party for commercial purposes. Data sharing (if any) will only take place in the following cases:

As required by law: When there is a legal request, order of a court or competent state agency as prescribed by law.
Technical Service Provider Partner: Third parties that assist the Company in operating the platform (e.g. cloud storage, email delivery, SMS OTP, security systems). These partners are required to complyPrivacy Policyand data may only be used within the scope of the relevant service.
In case of merger, sale or restructuring of business: Personal data may be transferred as part of the assets, but the Company will ensure that users are informed and that personal rights continue to be protected.
Protect legitimate rights: When necessary to protect the rights, property or safety of the Company, its users or the public from fraud, abuse, system attacks or violations of the law.

6. User Rights and Obligations Regarding Personal Data

6.1 Users have rights under current laws on personal data protection, including but not limited to:

Right to information: Users have the right to know about their personal data being collected, processed, the purpose and scope of use.
Access Rights: Request the Company to provide a copy or details of your personal data that the system is storing/processing.
Right to edit/update: Request to correct or supplement inaccurate or incomplete personal data.
Right to data erasure: Request deletion or destruction of personal data where it is no longer necessary for the purposes of processing or as required by law.
Right to restriction of processing: Users may request the Company to suspend or limit data processing in certain cases.
Right to object: Object to the processing of personal data if you consider that it affects your rights and legitimate interests.
Right to withdraw consent: Users may withdraw the consent granted to the Company in processing personal data, unless otherwise provided by law.
Right to complain/accuse: Submit a complaint to the Company or competent state agency when discovering that personal data is collected and processed illegally.

Implementation mechanism: Users can exercise the above rights by contacting the Company via official support channels (email, system ticket, or other published forms). The Company is responsible for responding within the statutory time limit and in accordance with the legal procedures.

All requests can be sent to: [email protected]

6.2 User obligations regarding personal data

When using the Company's platform, the user is responsible for complying with the following obligations regarding personal data:

Providing honest information: Users commit that the personal data provided to the Company is accurate, complete and legal.
No impersonation or forgery: It is strictly forbidden to use other people's personal data without lawful consent.
Security of access information: Users are solely responsible for the security of their login information, password, seed phrase or other access information related to their account/e-wallet.
Timely notification: In case of detecting unauthorized access, data leakage or information security violation, the user must immediately notify the Company for coordination in handling.
Compliance with the law: Users are obliged not to use personal data (their own or others') to commit illegal acts, commit fraud, disseminate information illegally or violate the privacy of third parties.
Liability for Consequences: The User shall be solely liable for any damages, losses or claims arising from the provision of false, falsified personal data or in violation of legal regulations.

6.3 The Company will make every effort to protect the personal data of users. However, we not responsible in the following cases:

User self-disclosure: Users publicly share or provide personal information, seed phrases, passwords to third parties beyond the Company's control.
User's negligent behavior: Data is leaked or lost due to users not complying with security measures (e.g. sharing devices, not locking the screen, downloading malicious applications).
Unauthorized third party: Data is illegally exploited by hackers, malware or third parties without direct fault from the Company's system.
Force Majeure: Natural disasters, war, epidemics, Internet interruptions, or incidents beyond the Company's reasonable control.
Legal requirements: Disclosure of data upon legal request of competent state agencies as prescribed by law.

In the cases above, The Company will assist the user within a reasonable scope to minimize risks and damages, but not liable for compensation in any form.

7. Policy Changes

The Company reserves the right, at its sole discretion, to modify, supplement or update This Privacy Policy may be revised from time to time to reflect changes in law, technology, or business operations.

Any material changes will be notified by the Company public announcement through one or more official channels (e.g. email, website/app announcement, or via DApp system).

The changes will be effective at the time of publication, unless the Company specifies a different effective date.

It is the user's responsibility to regularly check for updates. Continued use of the service after the policy has been updated will be deemed to indicate that the user has read, understood and agreed to be bound by such changes.

8. Contact Information

If you have any questions or requests regarding the Privacy Policy, please contact us via:

📧 Email: [email protected]

🌐 Website: https://educhain.tech/