Privacy Policy

Mutuum ("we," "us," "our," or "Company") operates the website https://mutuum.co.uk and provides decentralized cryptocurrency exchange services. We are committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your personal information.

This Privacy Policy explains our practices regarding data collection, usage, disclosure, and protection when you access our platform, use our services, or interact with our website. By using Mutuum, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with Mutuum, you may voluntarily provide us with certain information:

• Contact Information: Name, email address, and phone number when you contact our support team or subscribe to newsletters
• Communication Data: Messages, inquiries, and feedback you submit through our contact forms or customer support channels
• Account Information: Wallet addresses and transaction preferences you configure on our platform
• Identity Verification Data: If you opt for enhanced features requiring KYC (Know Your Customer), we may collect government-issued identification, proof of address, and biometric data

1.2 Information Collected Automatically

When you visit our website or use our services, we automatically collect certain technical information:

• Device Information: IP address, browser type and version, operating system, device identifiers, and hardware specifications
• Usage Data: Pages viewed, features accessed, time spent on the platform, referral sources, and navigation patterns
• Blockchain Data: Public blockchain information including wallet addresses, transaction hashes, token balances, and smart contract interactions
• Cookies and Similar Technologies: Data collected through cookies, web beacons, and similar tracking technologies (see Section 6 for details)
• Analytics Data: Aggregated statistics about platform usage, trading volumes, and user behavior patterns

1.3 Information from Third Parties

We may receive information about you from third-party sources:

• Wallet Providers: Information from cryptocurrency wallet services you use to connect to our platform
• Blockchain Networks: Publicly available transaction data from blockchain networks
• Analytics Providers: Aggregated usage statistics from web analytics services
• Verification Services: Identity verification results from KYC/AML service providers

2. How We Use Your Information

We use the collected information for the following legitimate purposes:

2.1 Service Provision and Platform Operation

• Facilitate cryptocurrency trading and swapping through our decentralized exchange platform
• Process and execute your transactions on blockchain networks
• Maintain and optimize platform functionality and performance
• Provide customer support and respond to your inquiries
• Troubleshoot technical issues and resolve disputes

2.2 Security and Fraud Prevention

• Detect, prevent, and investigate fraudulent activities, security breaches, and unauthorized access
• Monitor for suspicious transactions and potential money laundering activities
• Verify user identity where required by law or platform policies
• Enforce our Terms & Conditions and other policies
• Protect the rights, property, and safety of Mutuum, our users, and third parties

2.3 Communication and Marketing

• Send important platform updates, security alerts, and service announcements
• Provide educational content about DeFi trading and cryptocurrency markets
• Deliver newsletters and promotional materials (with your consent)
• Conduct surveys and gather feedback to improve our services
• Respond to your comments, questions, and support requests

2.4 Analytics and Improvement

• Analyze usage patterns and user behavior to enhance platform functionality
• Develop new features and services based on user needs
• Conduct research and data analysis for business intelligence
• Create aggregated, anonymized statistics about platform usage
• Optimize user interface and improve user experience

2.5 Legal Compliance and Risk Management

• Comply with applicable laws, regulations, and legal processes
• Fulfill Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations
• Respond to lawful requests from government authorities and law enforcement
• Maintain records required by financial regulations
• Assess and manage operational and legal risks

3. How We Share Your Information

We respect your privacy and limit information sharing to specific circumstances:

3.1 Service Providers and Business Partners

We engage trusted third-party service providers who assist in platform operations:

• Cloud Hosting Providers: For secure data storage and platform infrastructure
• Analytics Services: Google Analytics and similar platforms for usage analysis
• Customer Support Tools: Help desk and communication platforms
• KYC/AML Providers: Identity verification and compliance screening services
• Payment Processors: For processing fiat currency transactions
• Security Services: Fraud detection and prevention providers

These service providers are contractually obligated to protect your information and use it only for specified purposes.

3.2 Legal Requirements and Law Enforcement

We may disclose your information when legally required or necessary to:

• Comply with court orders, subpoenas, or legal processes
• Respond to lawful requests from government authorities, regulators, or law enforcement
• Enforce our Terms & Conditions and protect our legal rights
• Investigate and prevent illegal activities, fraud, or security threats
• Protect the safety and rights of Mutuum, our users, or the public

3.3 Business Transfers

If Mutuum undergoes a merger, acquisition, reorganization, asset sale, or similar transaction, your information may be transferred as part of that business deal. We will notify you via email or prominent website notice before your information becomes subject to a different privacy policy.

3.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, such as when you opt into partner promotions or third-party integrations.

3.5 Public Blockchain Information

Please note that blockchain transactions are inherently public. Any information you include in blockchain transactions (wallet addresses, transaction amounts, smart contract interactions) becomes permanently recorded on public blockchains and cannot be deleted or modified.

4. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

4.1 Retention Periods

• Account Data: Retained for the duration of your platform usage plus 7 years after account closure for legal compliance
• Transaction Records: Retained for 7 years to comply with financial regulations and tax requirements
• Communication Logs: Retained for 3 years for quality assurance and dispute resolution
• Marketing Data: Retained until you unsubscribe or opt out of communications
• Website Cookies: Retained according to our Cookie Policy (typically 1-12 months)
• KYC/AML Data: Retained for 7 years after relationship termination as required by law

4.2 Data Deletion

After the applicable retention period expires, we securely delete or anonymize your personal information. However, some information may remain in backup systems for a limited additional period. Blockchain data cannot be deleted due to the immutable nature of distributed ledger technology.

5. Data Security

We implement robust security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction:

5.1 Technical Security Measures

• Encryption: All sensitive data is encrypted both in transit (using TLS/SSL) and at rest using industry-standard encryption protocols
• Secure Infrastructure: Our servers are hosted in secure data centers with physical security controls and redundant systems
• Access Controls: Strict authentication and authorization mechanisms limit employee access to personal data on a need-to-know basis
• Firewalls and Intrusion Detection: Advanced security systems monitor and protect against unauthorized access attempts
• Regular Security Audits: Independent third-party security firms conduct periodic assessments of our systems
• Smart Contract Audits: Our blockchain smart contracts are audited by reputable security firms

5.2 Organizational Security Measures

• Employee training on data protection and privacy best practices
• Confidentiality agreements with all personnel handling personal data
• Incident response procedures for data breaches or security events
• Regular security awareness programs and updates
• Vendor management program ensuring third-party compliance

5.3 Your Security Responsibilities

While we implement comprehensive security measures, you also play a crucial role in protecting your information:

• Use strong, unique passwords and enable two-factor authentication when available
• Never share your wallet private keys or seed phrases with anyone
• Keep your devices and software updated with the latest security patches
• Be cautious of phishing attempts and verify you're on the official Mutuum website
• Report suspicious activity or security concerns immediately to our support team

6. Cookies and Tracking Technologies

Mutuum uses cookies and similar technologies to enhance your experience, analyze platform usage, and deliver personalized content.

6.1 Types of Cookies We Use

• Essential Cookies: Required for platform functionality, including session management and security features. These cannot be disabled without affecting platform operation.
• Analytics Cookies: Help us understand how users interact with our platform through services like Google Analytics. These collect aggregated usage statistics.
• Functional Cookies: Remember your preferences and settings to provide personalized experiences.
• Marketing Cookies: Track your interaction with promotional content and enable targeted advertising (with your consent).

6.2 Third-Party Cookies

We use the following third-party services that may set cookies:

• Google Analytics: For website traffic analysis and user behavior insights
• Facebook Pixel: For advertising optimization and conversion tracking
• Social Media Plugins: To enable content sharing and social features

6.3 Managing Cookie Preferences

You can control cookies through our cookie consent banner and your browser settings. Note that disabling certain cookies may limit platform functionality. Most browsers allow you to:

• View and delete existing cookies
• Block third-party cookies
• Block all cookies (may affect platform functionality)
• Receive notification before cookies are set

7. Your Privacy Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information:

7.1 General Rights

• Right to Access: Request a copy of the personal information we hold about you
• Right to Rectification: Correct inaccurate or incomplete personal information
• Right to Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Right to Restriction: Limit how we process your personal information in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw previously given consent for data processing

7.2 UK/EEA-Specific Rights (GDPR)

If you are located in the United Kingdom or European Economic Area, you have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.

7.3 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 12. We will respond to your request within 30 days. Note that we may need to verify your identity before processing certain requests.

8. International Data Transfers

Mutuum operates globally, and your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection
• Binding corporate rules and privacy frameworks
• Explicit consent for specific transfers when required

9. Children's Privacy

Mutuum is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. Upon verification, we will promptly delete such information from our systems.

10. Third-Party Links and Services

Our platform may contain links to third-party websites, applications, or services not operated by Mutuum. This Privacy Policy does not apply to third-party sites. We encourage you to review the privacy policies of any third-party services you access through our platform. We are not responsible for the privacy practices or content of external sites.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

• Prominent notice on our website homepage
• Email notification to registered users
• In-platform notifications
• Updated "Last Modified" date at the top of this policy

Your continued use of Mutuum after changes become effective constitutes acceptance of the revised Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

12. Contact Information