Privacy Policy

This Privacy Policy describes how Leigon Ltd, a British Virgin Islands company ("Raiku", "we", "us" or "our"), collects, uses, discloses and otherwise processes personal data in connection with the website at raiku.com and any related sub-domains, content, tools, features and functionality we make available through it (the "Services"). This Privacy Policy forms part of, and should be read together with, our Terms of Use and Risk Disclosure.

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Privacy Policy, you must not access or use the Services.
‍

1. Scope

This Privacy Policy applies only to personal data we collect through or in connection with the Services. It does not apply to any other website, application, protocol, smart contract or service, including without limitation Sanctum, any stake pool, any validator, any wallet provider, any decentralised finance application, or any other third-party service (together, "Third-Party Services"). Third-Party Services are governed by the privacy policies of their respective operators, which you should review separately before interacting with them.

You should also be aware that transactions on public blockchains are, by their nature, public, permanent and immutable. Any data you record on a public blockchain, including wallet addresses and transaction details, is outside our control and is not covered by this Privacy Policy.
‍

2. Information we collect

We collect the following categories of information in connection with the Services:

2.1 Information you provide to us

• contact information, such as your name and email address, if you subscribe to our newsletter, complete a contact form, submit feedback or otherwise communicate with us;
• any other information you choose to provide to us, including in the body of any communication with us.

2.2 Information collected automatically

• technical and device information, including internet protocol (IP) address, device type, operating system, browser type and version, screen resolution and device identifiers;
• usage information, including the pages of the Services you access, the time and duration of your visit, referring and exit pages, and the actions you take on the Services;
• approximate geolocation information derived from your IP address, used to determine whether you are accessing the Services from a Restricted Jurisdiction and to improve the Services;
• information collected through cookies, pixels, tags and similar technologies, as described in Section 9 below.

2.3 Wallet address information

• if you voluntarily connect a blockchain wallet to any interface we make available (or that is made available by Sanctum or another Third-Party Service in connection with rkuSOL), we, or the operator of the relevant interface, may receive the public wallet address and the associated on-chain transaction history. Wallet addresses may constitute personal data under applicable law where they can be linked to an identified or identifiable natural person.

3. How we use personal data

We process personal data for the following purposes:
‍

1. to provide, operate, maintain and improve the Services, including to display content to you, process your interactions with the Services, and diagnose and resolve technical issues;
2. to understand how the Services are used and to analyse trends and user behaviour on an aggregated basis;
3. to communicate with you, including to respond to your enquiries, send you administrative messages, and, if you have subscribed, send you newsletters and product updates;
4. to protect the security and integrity of the Services, including to detect, prevent and investigate fraud, abuse, security incidents and unlawful activity;
5. to enforce our Terms of Use and other applicable policies, including to identify Restricted Persons and to restrict access from Restricted Jurisdictions;
6. to comply with applicable laws, regulations, legal processes, governmental requests, and obligations relating to sanctions, anti-money laundering and counter-terrorist financing;
7. and for any other purpose disclosed to you at the time we collect the personal data, or with your consent.
   ‍

4. Legal bases (EEA / UK users)

If you are located in the European Economic Area, the United Kingdom or Switzerland, the legal bases on which we rely to process your personal data are:

1. our legitimate interests in operating, securing, improving and promoting the Services, including preventing fraud and complying with applicable law (Article 6(1)(f) GDPR / UK GDPR);
2. your consent, where we rely on consent to process your personal data, for example in relation to non-essential cookies or newsletter subscriptions (Article 6(1)(a) GDPR / UK GDPR); you may withdraw your consent at any time;
3. performance of a contract with you or to take steps at your request prior to entering into a contract (Article 6(1)(b) GDPR / UK GDPR); and
4. compliance with a legal obligation to which we are subject (Article 6(1)(c) GDPR / UK GDPR).

Where our processing is based on legitimate interests, we have balanced those interests against your rights and freedoms and do not consider our processing to prejudice those rights and freedoms. You may request further information about this balancing exercise by contacting us.
‍

Automated decision-making. We do not use your personal data to make decisions about you that produce legal effects concerning you, or which similarly significantly affect you, on a solely automated basis within the meaning of Article 22 GDPR / UK GDPR. The geolocation-based access controls, sanctions screening and wallet-screening measures referred to in Section 3 are operational compliance measures designed to enforce the eligibility restrictions set out in our Terms of Use; they are not adjudicative determinations of your legal rights. If any such measure results in your access to the Services being restricted and you wish to seek human review of that outcome, you may contact us at the address in Section 13.
‍

5. Sharing and disclosure

We may share personal data in the following circumstances:

1. with service providers and processors who perform services on our behalf (including hosting, content delivery, analytics, customer support, communications, security and fraud prevention), subject to appropriate contractual safeguards;
2. with our professional advisers (including lawyers, accountants and auditors) where necessary for the establishment, exercise or defence of legal claims or for the provision of professional advice;
3. with our affiliates and group companies for the purposes described in this Privacy Policy;
4. with governmental, regulatory or law enforcement authorities where we believe in good faith that disclosure is necessary to comply with applicable law, to respond to a valid legal process, to enforce our Terms of Use, or to protect the rights, property or safety of Raiku, our users or the public;
5. in connection with, or during negotiations concerning, any merger, acquisition, reorganisation, financing, sale of assets, bankruptcy or similar corporate transaction involving Raiku, subject to customary confidentiality protections; and
6. with your consent or at your direction.

We do not sell personal data in exchange for monetary consideration.
‍

6. International transfers

Raiku is established in the British Virgin Islands. Personal data we collect may be transferred to, and processed in, jurisdictions other than your country of residence, including the British Virgin Islands, the Cayman Islands, the United States, the United Kingdom and other jurisdictions in which we, our affiliates or our service providers operate. Those jurisdictions may have data protection laws that differ from those of your country of residence. Where required by applicable law, we implement appropriate safeguards for such international transfers, including (for transfers out of the EEA or the UK) standard contractual clauses adopted by the European Commission or the UK Information Commissioner, or another lawful transfer mechanism.

‍
7. Retention

We retain personal data for as long as is necessary for the purposes for which it was collected, or as required to comply with our legal and regulatory obligations, to establish, exercise or defend legal claims, or to enforce our agreements. The retention period depends on the nature of the personal data and the purposes for which it is processed. When personal data is no longer needed, we will securely delete, anonymise or aggregate it.
‍

8. Your rights

Depending on your jurisdiction, you may have the following rights in respect of your personal data:

1. to request access to, and a copy of, your personal data;
2. to request correction of inaccurate or incomplete personal data;
3. to request erasure of your personal data in certain circumstances;
4. to object to, or request restriction of, certain processing activities;
5. to request portability of certain personal data you have provided to us, in a structured, commonly used and machine-readable format;
6. to withdraw any consent you have given us, without affecting the lawfulness of processing prior to withdrawal; and
7. to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement (for EEA users), or the UK Information Commissioner's Office (for UK users).

To exercise any of these rights, please contact us at legal@raiku.com. We may need to verify your identity before responding to your request. We will respond within the period required by applicable law.
‍

9. Cookies and similar technologies

We use cookies and similar technologies (such as pixels, tags and local storage) to operate and improve the Services and, subject to your consent where required, to analyse usage and personalise content. A separate Cookie Notice on the Services describes the cookies we use, their purposes and how you can manage your preferences. Where required by law, we obtain your consent to the use of non-essential cookies through a cookie banner displayed on first visit to the Services.
‍

10. Security

We implement appropriate technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. However, no system or transmission of data over the internet can be guaranteed to be completely secure. You are responsible for the security of any device you use to access the Services, and of any wallet, private key, seed phrase or credential you use in connection with rkuSOL or any Third-Party Service.
‍

11. Children

The Services are not directed at, and are not intended for use by, individuals under the age of 18. We do not knowingly collect personal data from any individual under the age of 18. If you believe we have inadvertently collected personal data from an individual under the age of 18, please contact us at legal@raiku.com and we will take steps to delete that information.
‍

12. Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. The amended Privacy Policy will be posted on the Services with an updated "Last Updated" date. Material changes will be notified to you by a prominent notice on the Services or, where we hold an email address for you, by email. Your continued use of the Services following any such amendment constitutes your acceptance of the amended Privacy Policy.
‍

13. Contact

If you have any questions, comments or requests in relation to this Privacy Policy or our processing of your personal data, please contact us at legal@raiku.com. The data controller responsible for your personal data is Leigon Ltd, a company incorporated in the British Virgin Islands with company number 2208336 and registered address at Commerce House, Wickhams Cay 1, P.O. Box 3140, Road Town, Tortola, British Virgin Islands, VG1110.