Docs menu
Privacy Policy
1. Controller and contact details
The controller is alphayields.ai, with a registered office in Portugal.
Legal references: GDPR, Articles 12–13; Articles 37–39 (DPO); Law No. 58/2019.
2. What data we process
We may process: (i) technical browsing data (IP, logs, cookies), (ii) data provided by the user (e.g. email for contact/support), and (iii) public on-chain data where the user interacts with blockchain networks (addresses, hashes and transaction events).
Legal references: GDPR, Article 13(1)(c); Law No. 41/2004, Article 5.
3. Purposes and legal bases
We process data to operate and make the Website/Services available; ensure security and fraud prevention; provide support; collect metrics based on consent where required; comply with legal obligations and respond to authorities; and defend rights in proceedings and disputes.
Legal references: GDPR, Article 6(1)(a), (b), (c) and (f); Article 5; Article 21.
4. Recipients and processors
We may share data with providers (hosting, security, support, analytics), advisers and authorities where legally required, ensuring contracts and confidentiality where applicable.
Legal references: GDPR, Article 28 (processors); Article 13(1)(e).
5. International transfers
Where data are processed outside the EEA, we will apply appropriate transfer mechanisms and supplementary measures where applicable.
Legal references: GDPR, Articles 44–49.
6. Retention periods
We retain data only for the period necessary for the purposes and for compliance with legal obligations. On-chain data may remain publicly accessible for an indefinite period due to the technical design of the blockchain.
Legal references: GDPR, Article 5(1)(e); Article 13(2)(a).
7. Data subject rights
The user may exercise the rights of access, rectification, erasure (where applicable), restriction, objection and portability, as well as withdraw consent. The user may also lodge a complaint with the CNPD.
Legal references: GDPR, Articles 15–22 and 77; Law No. 58/2019.
8. Security and incidents
We apply appropriate technical and organisational measures and, in the event of a personal data breach, we will act in accordance with the law.
Legal references: GDPR, Article 32; Articles 33–34.
9. Minors
The Services are not intended for minors.
Legal references: GDPR, Article 8 (where applicable).
10. Automated processing (security / geoblocking)
There may be automated mechanisms for security and compliance (e.g. abuse detection, VPN/proxy detection, geoblocking). We do not carry out automated decisions producing significant legal effects, unless expressly indicated and legally permitted.
Legal references: GDPR, Article 22; Article 13(2)(f).