Privacy Policy

1. Introduction

This Privacy Policy ("Policy") explains how Bluepine Technology Foundation and its affiliates ("AESC," "we," "us," or "our") collect, use, disclose, and protect information in connection with the AESC network, the website located at aescnet.com (the "Site"), and any related services, tools, APIs, documentation, testnet environments, and applications (collectively, the "Services").

This Policy applies to all visitors, users, and others who access or use our Services. By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with any part of this Policy, you must discontinue use of the Services immediately.

We are committed to protecting your privacy and handling your personal data in a transparent and responsible manner. This Policy is designed to comply with applicable data protection regulations, including the General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP), and other relevant privacy legislation.

2. Data Controller

The data controller responsible for the processing of your personal data is:

For any questions regarding this Privacy Policy or your personal data, you may contact us at the address above.

3. Information We Collect

3.1 Information You Provide Directly

We may collect information that you voluntarily provide when interacting with our Services, including:

• Contact information (name, email address, organization) when you subscribe to newsletters, submit contact or partnership inquiry forms, or register for events
• Wallet addresses and on-chain identifiers when you connect a wallet to interact with the AESC network or testnet
• Communications you send to us, including support requests, feedback, bug reports, and correspondence
• KYC/KYB documentation (government-issued identification, business registration documents, proof of address) if you participate in validator programs, regulated token distributions, or compliance-gated activities on the network
• Survey responses and feedback provided through community programs, testnet campaigns, or research initiatives
• Social media handles and usernames if you connect third-party accounts or participate in community campaigns

3.2 Information Collected Automatically

When you access our Services, we may automatically collect certain information, including:

• Device information (hardware model, operating system and version, browser type and version, screen resolution, language preferences)
• Network information (IP address, approximate geographic location derived from IP, internet service provider)
• Usage data (pages visited, time spent on pages, navigation paths, clicks, scroll depth, referring URLs, exit pages)
• Performance data (page load times, errors encountered, crash reports)
• Cookies, web beacons, pixel tags, and similar tracking technologies (see Section 8 for details)

3.3 Blockchain Data

Certain information related to the AESC network is inherently public by design. Transactions broadcast to the AESC blockchain are permanently recorded and publicly accessible. This includes, but is not limited to:

• Wallet addresses (public keys) and their associated transaction history
• Transaction hashes, timestamps, amounts, and gas fees
• Smart contract interactions, deployment addresses, and function calls
• Token balances, transfers, and approval records
• Validator addresses, staking amounts, and governance votes

This data is recorded on a distributed public ledger and is accessible to anyone. We do not control this data once it is submitted to the blockchain, and it is not subject to modification or deletion requests. You should carefully consider what information you submit to public blockchains.

3.4 Information from Third Parties

We may receive information about you from third parties, including:

• Identity verification providers for KYC/KYB compliance purposes
• Analytics providers who help us understand usage patterns
• Partners and integrators who refer users to our Services
• Publicly available blockchain data and analytics platforms

4. How We Use Your Information

We process your personal data for the following purposes:

4.1 Service Provision and Operation

• To provide, maintain, improve, and develop the Services
• To process testnet participation, airdrop eligibility, and campaign rewards
• To facilitate validator onboarding and node operations
• To enable wallet connections and on-chain interactions

4.2 Communication

• To send administrative messages, security alerts, and technical updates
• To respond to your inquiries, support requests, and feedback
• To distribute newsletters and ecosystem updates (where you have opted in)
• To notify you of material changes to our Services, terms, or policies

4.3 Legal and Compliance

• To comply with applicable laws, regulations, and legal processes, including anti-money laundering (AML) and know-your-customer (KYC) requirements
• To enforce our terms, policies, and agreements
• To respond to lawful requests from regulatory and governmental authorities
• To establish, exercise, or defend legal claims

4.4 Security and Fraud Prevention

• To detect, investigate, and prevent fraudulent, unauthorized, or malicious activity
• To monitor for and address security threats, vulnerabilities, and technical issues
• To protect the rights, property, and safety of AESC, our users, and the public

4.5 Analytics and Improvement

• To analyze usage patterns, trends, and user behavior to improve the user experience
• To conduct research and development for new features and services
• To create aggregated, anonymized, or de-identified data for statistical analysis

5. Legal Basis for Processing

We process your personal data on the following legal bases, as applicable:

• Consent: Where you have given explicit consent for specific processing activities (e.g., receiving marketing communications)
• Contract: Where processing is necessary to perform a contract with you or take steps at your request before entering into a contract
• Legal obligation: Where processing is necessary to comply with applicable laws and regulations (e.g., AML/KYC requirements)
• Legitimate interests: Where processing is necessary for our legitimate interests (e.g., maintaining security, improving services, analytics), provided such interests are not overridden by your fundamental rights and freedoms

6. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share information in the following limited circumstances:

• Service Providers: We engage trusted third-party service providers who perform services on our behalf, including hosting and cloud infrastructure, analytics, email delivery, customer support, and compliance services. These providers are contractually bound to process your data only for the purposes we specify and in accordance with this Policy.
• Compliance Partners: KYC/KYB data may be shared with regulated identity verification service providers and compliance platforms for the purpose of meeting legal and regulatory requirements.
• Legal Requirements: We may disclose your information when required by law, regulation, subpoena, court order, or other governmental or regulatory request. We will attempt to notify you before disclosing your information unless prohibited by law.
• Safety and Security: We may share information when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of AESC, our users, or the general public, including to prevent fraud or other illegal activity.
• Business Transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
• Aggregated and De-identified Data: We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, without restriction.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, comply with our legal obligations, resolve disputes, enforce our agreements, and maintain accurate records. The specific retention period depends on the nature of the data and the purpose of processing:

• Account and contact information: Retained for the duration of your relationship with us and for a reasonable period afterward to address any follow-up queries
• KYC/KYB documentation: Retained for the period required by applicable anti-money laundering regulations (typically 5–7 years after the end of the business relationship)
• Usage and analytics data: Retained in identifiable form for up to 24 months, after which it is aggregated or anonymized
• Communication records: Retained for up to 3 years for record-keeping and dispute resolution purposes
• Blockchain data: On-chain data is immutable and persists on the blockchain indefinitely by design. This data cannot be modified or deleted.

When personal data is no longer required, we will securely delete or anonymize it in accordance with our data retention policies and applicable legal requirements.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate, improve, and analyze our Services. These technologies include:

• Strictly necessary cookies: Essential for the operation of the Site, enabling basic functions like page navigation, secure access, and session management. These cookies cannot be disabled.
• Analytics cookies: Help us understand how visitors interact with the Site by collecting information about pages visited, time spent, and navigation patterns. This data is aggregated and anonymized where possible.
• Performance cookies: Used to measure and improve the Site's performance, including load times and error tracking.
• Preference cookies: Enable the Site to remember your choices and preferences (e.g., language, region) to provide a more personalized experience.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of certain features of the Site.

We may also use web beacons, pixel tags, and similar technologies to track engagement with our email communications and understand how users interact with our content.

9. Data Security

We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and role-based permissions for personnel who handle personal data
• Regular security assessments, vulnerability scanning, and penetration testing
• Incident response procedures and breach notification protocols
• Employee training on data protection and security best practices
• Secure data backup and recovery procedures

However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the security of your wallet private keys, passwords, and any credentials used to access the Services.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data that we hold
• Right to rectification: Request correction of inaccurate or incomplete personal data
• Right to erasure: Request deletion of your personal data, subject to legal retention obligations
• Right to restrict processing: Request that we limit the processing of your personal data in certain circumstances
• Right to data portability: Request a copy of your data in a structured, commonly used, machine-readable format
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: Withdraw previously given consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
• Right to lodge a complaint: File a complaint with a supervisory authority if you believe your rights have been violated

To exercise any of these rights, contact us at info@aescnet.com. We will respond to your request within 30 days, or longer if permitted by applicable law, and may request additional information to verify your identity.

Important: On-chain data (blockchain transactions, wallet addresses, smart contract interactions) cannot be modified or deleted due to the immutable nature of blockchain technology. These rights apply only to off-chain personal data under our control.

11. International Data Transfers

Your information may be transferred to and processed in jurisdictions other than where you reside. These jurisdictions may have different data protection laws than your country. We take appropriate safeguards to ensure your information is protected in accordance with this Policy and applicable data protection laws, including:

• Standard contractual clauses approved by relevant authorities
• Data processing agreements with appropriate security and confidentiality obligations
• Transfers to jurisdictions recognized as providing adequate data protection

12. Children's Privacy

The Services are not directed to individuals under the age of 18 (or the age of majority in your jurisdiction, whichever is higher). We do not knowingly collect, solicit, or maintain personal information from children. If we become aware that we have collected personal information from a child without parental or guardian consent, we will take steps to delete that information promptly. If you believe that a child has provided us with personal information, please contact us at info@aescnet.com.

13. Third-Party Links and Services

The Services may contain links to third-party websites, applications, protocols, or services that are not operated or controlled by us. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services before providing them with personal information. We are not responsible for the privacy practices, content, or security of third-party services.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Post the revised Policy on the Site
• Notify you through the Site or other appropriate channels for material changes

Your continued use of the Services after the effective date of any changes constitutes your acceptance of the revised Policy. We encourage you to periodically review this page.

15. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at: