StrategyPerformanceSecurityRisksFAQLearn MoreExplore Data
LoginRegister
Loading crypto prices...
Back to XAI CRYPTO

Legal Center

Review our policies and legal documentation for the XAI CRYPTO platform.

TermsPrivacyRiskAML/KYCCookies

Privacy Policy

Last updated: March 2026

1. Introduction

XAI CRYPTO ("Company," "we," "us," or "our") is committed to protecting the privacy of our users ("User," "you," or "your"). This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you access or use our platform, websites, APIs, and related services (collectively, the "Services").

By using the Services, you consent to the data practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Services immediately.

2. Information We Collect

2.1 Information You Provide

  • Account Registration Data: Full legal name, email address, phone number, date of birth, country of residence, and username
  • Identity Verification (KYC) Data: Government-issued identification documents, proof of address, selfie or biometric verification data, social security number or tax identification number where required
  • Financial Information: Cryptocurrency wallet addresses, transaction histories, deposit and withdrawal records, and payment method details
  • Communications: Messages sent through customer support, feedback, survey responses, and any other communications with our team

2.2 Information Collected Automatically

  • Device Information: IP address, browser type and version, operating system, device identifiers, and screen resolution
  • Usage Data: Pages visited, features used, click patterns, time spent on pages, trading activity logs, and navigation paths
  • Cookies and Tracking Technologies: We use cookies, web beacons, pixel tags, and similar technologies as described in our Cookie Policy
  • Log Data: Server logs recording access times, error logs, API call records, and security event logs

2.3 Blockchain Data

Due to the nature of blockchain technology, certain transaction data is publicly available on distributed ledgers. We may collect and analyze on-chain data including wallet addresses, transaction amounts, timestamps, and smart contract interactions associated with your account. This data is inherently public and cannot be deleted from the blockchain.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To create and manage your account, process transactions, execute trades, and provide the core functionality of the Platform
  • Identity Verification: To comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations and to prevent fraud
  • Security: To detect, prevent, and respond to fraud, unauthorized access, and other malicious activity
  • Communications: To send you service-related notices, security alerts, transaction confirmations, and, where you have opted in, promotional materials
  • Analytics and Improvement: To analyze usage patterns, improve our algorithms, enhance user experience, and develop new features
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests
  • Risk Management: To assess and manage trading risks, monitor portfolio performance, and calibrate AI trading models

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with the following categories of recipients:

  • Service Providers: Third-party vendors who assist us in operating the Platform, including cloud hosting providers, KYC verification services, analytics providers, and customer support tools
  • Exchange Partners: Cryptocurrency exchanges where trades are executed on your behalf, limited to the data necessary for trade execution
  • Legal and Regulatory Authorities: When required by law, subpoena, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, safety, or the rights of others
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction
  • With Your Consent: We may share your information with third parties when you have given explicit consent

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our Services. After account closure, we may retain certain data for the following periods:

  • Transaction Records: Retained for a minimum of five (5) years to comply with financial regulations and AML requirements
  • KYC Documentation: Retained for a minimum of five (5) years after account closure, or longer as required by applicable law
  • Communication Records: Retained for up to three (3) years for customer service quality and dispute resolution purposes
  • Log and Analytics Data: Retained for up to two (2) years for security and analytical purposes

6. Data Security

We implement industry-standard technical and organizational security measures to protect your personal data, including:

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Multi-factor authentication (MFA) for account access
  • Regular penetration testing and security audits by independent third parties
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Cold storage of cryptocurrency assets with multi-signature authorization
  • Real-time intrusion detection and monitoring systems
  • Secure development practices including code reviews and vulnerability scanning

While we take commercially reasonable measures to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data, subject to legal retention obligations
  • Right to Restrict Processing: Request limitation of how we process your data in certain circumstances
  • Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format
  • Right to Object: Object to the processing of your data for direct marketing or legitimate interest purposes
  • Right to Withdraw Consent: Withdraw previously given consent at any time, without affecting the lawfulness of processing based on consent before withdrawal

To exercise any of these rights, please contact us at privacy@xai.platform. We will respond to your request within thirty (30) days.

8. GDPR Compliance

For users in the European Economic Area (EEA), the United Kingdom, and Switzerland, we process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws. Our legal bases for processing include:

  • Contract Performance: Processing necessary to deliver the Services you have requested
  • Legal Obligation: Processing required to comply with applicable laws and regulations, including AML and KYC requirements
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention and platform security, balanced against your privacy rights
  • Consent: Processing based on your explicit consent, such as for marketing communications

If you are an EEA resident, you have the right to lodge a complaint with your local data protection supervisory authority if you believe our data processing activities violate your rights under the GDPR.

9. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or rely on adequacy decisions or other legally recognized transfer mechanisms to ensure your data receives adequate protection.

10. Children's Privacy

The Platform is not intended for individuals under the age of eighteen (18). We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a person under 18, we will take immediate steps to delete that information from our systems.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on the Platform and, where appropriate, by sending you an email notification. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection team at privacy@xai.platform.