Privacy Policy

1.1 Blockchain and Wallet Data

When you connect your wallet to and interact with the Services, we may collect: public wallet addresses, transaction data (token types, amounts, source/destination chains, swap routes, transaction hashes, and status), and on-chain activity related to transactions routed through the Services.

This data is publicly available on the relevant Blockchain networks. We do not collect private keys, seed phrases, or wallet passwords. The Services are entirely non-custodial.

1.2 Automatically Collected Technical Data

When you visit our website or use the Services, we automatically collect: IP address (anonymized where feasible), device information (browser type, OS, device type), usage data (pages visited, features used, time on pages, referring URLs), and performance data (page load times, error logs).

1.3 Cookie Data

We use cookies and similar tracking technologies to operate and improve the Services. Our cookie practices are detailed in Section 5. You may accept or reject non-essential cookies through our cookie consent banner.

1.4 Information You Provide Voluntarily

If you contact us through support channels, submit a bug report, or otherwise communicate with us, we may collect your email address (if provided), the content of your communications, and any attachments.

3.1 Service Delivery

To process and route your Digital Asset transactions, display transaction history and status, provide quotes and route comparisons, and maintain the reliability, performance, and security of the Services.

3.2 Analytics and Improvement

To analyze usage patterns, identify technical issues, develop new features, and generate anonymized aggregated statistics about platform usage.

3.3 Security and Fraud Prevention

To detect, prevent, and respond to fraud, abuse, security threats, and unauthorized access.

3.4 Legal Compliance

To comply with applicable laws and regulations, respond to lawful requests from authorities, and enforce our Terms and Conditions.

3.5 Communications

To respond to support inquiries and provide important service-related notices.

• Contractual necessity: Processing necessary to provide the Services as described in our Terms and Conditions.
• Legitimate interests: Processing necessary for our legitimate business interests, including service improvement, security, and fraud prevention.
• Legal obligation: Processing necessary to comply with applicable laws and regulations.
• Consent: Where you have provided your consent, such as for non-essential cookies. You may withdraw consent at any time.

Our website uses a cookie consent banner that allows you to accept or reject non-essential cookies before they are placed.

You can manage cookie preferences via our cookie consent banner, browser settings, or third-party analytics opt-out mechanisms.

We do not sell, rent, or trade your personal information to third parties.

We may share your information only in the following circumstances:

• Blockchain networks: Transaction data is inherently broadcast to public, immutable ledgers.
• Third-Party Protocols: Necessary transaction data is transmitted to DEXs and bridges for routing.
• Service providers: Trusted providers who assist in operating the Services, subject to confidentiality.
• Legal requirements: When required by law, regulation, or governmental request.
• Protection of rights: To protect Company, user, or public safety.
• Business transfers: In the event of a merger, acquisition, or sale of assets.

After retention periods, data is securely deleted or irreversibly anonymized. Blockchain data cannot be deleted as it is part of the immutable public ledger.

We implement appropriate technical and organizational security measures including: encryption in transit (TLS/SSL), encryption at rest for sensitive data, access controls on a need-to-know basis, regular security assessments and penetration testing, secure development practices, and incident response procedures.

While we implement commercially reasonable security measures, no method of transmission or storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you and relevant authorities in accordance with applicable law.

The Company is based in Dubai, UAE. Your information may be processed and stored in the UAE and in other jurisdictions where our service providers operate. We take appropriate steps to ensure adequate protection, including through contractual safeguards.

Depending on your jurisdiction, you may have the following rights:

• Access and Portability: Request a copy of your personal information in a machine-readable format.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion, subject to legal retention requirements and Blockchain immutability.
• Restriction and Objection: Request restriction of or object to processing in certain circumstances.
• Withdrawal of Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at support@hypermid.io. We will respond within thirty (30) days.

The Services are not directed to individuals under eighteen (18). We do not knowingly collect personal information from children. If we become aware of such collection, we will delete it promptly.

The Services may contain links to third-party websites and services not operated by us. This Policy does not apply to those services. We encourage you to review their privacy policies.

We may update this Policy from time to time. Updated versions will be posted with a revised “Last Updated” date. Your continued use of the Services constitutes acceptance of the updated Policy.

This Policy is designed to comply with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“UAE PDPL”) and its implementing regulations.