Privacy Policy

Welcome to Cyborg Sentience, operated by Cyborg Studios ("we," "us," or "our"). We are committed to protecting your privacy and personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, smart contracts, and services (collectively, the "Platform"). Please read this policy carefully.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, PLEASE DO NOT USE THE PLATFORM.

For the purposes of the GDPR, the data controller is:

If you have any questions or concerns about how we handle your personal data, please contact our Data Protection Officer at the email address above.

3.1 Information You Provide

We may collect the following information that you voluntarily provide:

• Wallet Address: Your Ethereum wallet address when you connect to the Platform
• Email Address: If you subscribe to our newsletter or contact us
• Contact Information: Name, email, or other details you provide when contacting support
• Discord/Social Media: Usernames if you join our community channels
• Survey Responses: Feedback or opinions you provide in surveys or feedback forms

3.2 Information Automatically Collected

When you use the Platform, we automatically collect certain technical information:

• Device Information: Browser type, device type, operating system, screen resolution
• Usage Data: Pages visited, time spent on pages, clicks, navigation paths
• IP Address: Your Internet Protocol address (anonymized where possible)
• Cookies: Data stored by cookies and similar tracking technologies (see Section 6)
• Referral Information: Website or link that referred you to our Platform

3.3 Blockchain Data

We may collect publicly available blockchain data:

• Wallet Addresses: Ethereum addresses that interact with our smart contracts
• Transaction Hashes: Records of NFT minting, burning, and transfer transactions
• Token Holdings: NFTs owned by specific wallet addresses
• On-Chain Activity: Publicly visible blockchain interactions

Note: Blockchain data is public and permanent by design. We do not control the blockchain and cannot delete on-chain data.

3.4 Information We Do NOT Collect

We do NOT collect or have access to:

• Your private keys or seed phrases
• Your wallet passwords or credentials
• Financial information (credit card numbers, bank accounts)
• Government-issued identification documents (unless required by law)

We process your personal data for the following purposes and legal bases under GDPR:

4.1 Contract Performance (Art. 6(1)(b) GDPR)

• Facilitate NFT minting, burning, and evolution transactions
• Enable wallet connection and blockchain interactions
• Process your requests and provide customer support
• Verify eligibility for bonus rewards

4.2 Legitimate Interests (Art. 6(1)(f) GDPR)

• Improve and optimize the Platform's functionality and user experience
• Analyze usage patterns and trends to enhance our services
• Detect and prevent fraud, security threats, or technical issues
• Administer and protect our business operations
• Display relevant NFT collections and marketplace information

4.3 Consent (Art. 6(1)(a) GDPR)

• Send you marketing communications and newsletters (you may withdraw consent anytime)
• Use cookies and tracking technologies (see Cookie Policy)
• Display personalized content or recommendations

4.4 Legal Obligation (Art. 6(1)(c) GDPR)

• Comply with applicable laws and regulations
• Respond to lawful requests from authorities
• Maintain records for tax and accounting purposes
• Enforce our Terms of Service

We may share your information with the following third parties:

5.1 Service Providers

We use trusted third-party service providers to support our operations:

• Hosting Services: Website hosting and server infrastructure
• IPFS Storage: Pinata or similar services for decentralized metadata storage
• Analytics: Google Analytics or similar tools (anonymized where possible)
• Email Services: Newsletter and communication platforms
• Customer Support: Help desk and ticketing systems

All service providers are contractually required to protect your data and use it only for specified purposes.

5.2 Blockchain Networks

When you interact with our smart contracts, your wallet address and transaction details are permanently recorded on the Ethereum blockchain, which is public and accessible to anyone. This includes:

• NFT minting, burning, and transfer transactions
• Wallet addresses and token balances
• Transaction timestamps and gas fees

5.3 Legal Compliance

We may disclose your information if required by law or in response to:

• Valid legal processes (subpoenas, court orders, warrants)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activity

5.4 Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. You will be notified of any such change.

5.5 We Do NOT Sell Your Data

We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

We use cookies and similar tracking technologies to improve your experience on the Platform.

6.1 Types of Cookies We Use

• Essential Cookies: Required for the Platform to function (e.g., wallet connection state, session management)
• Analytics Cookies: Help us understand how visitors use the Platform (e.g., Google Analytics)
• Functionality Cookies: Remember your preferences and settings
• Marketing Cookies: Track your activity for advertising purposes (requires consent)

6.2 Managing Cookies

You can control cookies through:

• Browser settings (disable or delete cookies)
• Cookie consent banner (accept/reject non-essential cookies)
• Opt-out tools provided by third-party analytics services

Note: Disabling essential cookies may affect Platform functionality (e.g., wallet connection may not work properly).

6.3 Third-Party Tracking

Third-party services (e.g., Google Analytics, social media widgets) may use their own cookies. We do not control these third-party cookies. Please review their privacy policies for more information.

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

• Wallet Connection Data: Session-based, deleted when you disconnect or close browser
• Email Addresses: Retained until you unsubscribe or request deletion
• Support Tickets: Retained for 3 years for customer service purposes
• Analytics Data: Anonymized after 26 months (Google Analytics default)
• Blockchain Data: Permanent (we cannot delete on-chain data)

After the retention period expires, we will securely delete or anonymize your personal data.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration:

• Encryption: HTTPS/TLS encryption for data in transit
• Access Controls: Restricted access to personal data (need-to-know basis)
• Secure Storage: Data stored on secure servers with regular backups
• Security Monitoring: Regular security audits and vulnerability assessments
• Incident Response: Procedures for detecting and responding to data breaches

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for securing your wallet and private keys.

In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by GDPR (within 72 hours of discovery).

If you are a resident of the European Union, you have the following rights regarding your personal data:

9.1 Right of Access (Art. 15 GDPR)

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

9.2 Right to Rectification (Art. 16 GDPR)

You have the right to request correction of inaccurate or incomplete personal data.

9.3 Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR)

You have the right to request deletion of your personal data in certain circumstances. Note: Blockchain data is permanent and cannot be deleted.

9.4 Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request that we restrict processing of your personal data in certain situations.

9.5 Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

9.6 Right to Object (Art. 21 GDPR)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

9.7 Right to Withdraw Consent (Art. 7(3) GDPR)

Where processing is based on consent, you have the right to withdraw your consent at any time (without affecting the lawfulness of processing before withdrawal).

9.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority (supervisory authority) if you believe we have violated your data protection rights.

9.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days. We may require verification of your identity before processing your request.

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including countries that may not provide the same level of data protection as your home country.

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place:

• EU Standard Contractual Clauses (SCCs) with service providers
• Adequacy decisions by the European Commission
• Certification schemes (e.g., EU-U.S. Data Privacy Framework, if applicable)
• Your explicit consent (where required)

For more information about international transfers and safeguards, please contact our Data Protection Officer.

The Platform is not intended for children under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information as soon as possible.

If you believe we have collected information from a child, please contact us at privacy@cyborgstudios.io.

The Platform may contain links to third-party websites, services, or applications (e.g., OpenSea, Discord, Twitter, IPFS gateways). We are not responsible for the privacy practices of these third parties.

When you leave our Platform, we encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by our Platform.

Examples of third-party services you may interact with:

• NFT marketplaces (OpenSea, Rarible, LooksRare)
• Wallet providers (MetaMask, WalletConnect)
• Social media platforms (Twitter/X, Discord, Telegram)
• Blockchain explorers (Etherscan)
• IPFS gateways (Pinata, Infura)

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Post a notice on our website or Platform
• Send an email notification to registered users (if applicable)
• Obtain your consent if required by law

We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after changes are posted constitutes acceptance of the updated Privacy Policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days. For GDPR-related requests, please include "GDPR Request" in your subject line.

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with your local supervisory authority:

• EU Residents: Find your local data protection authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en
• UK Residents: Information Commissioner's Office (ICO) at https://ico.org.uk/

You may also have the right to bring legal proceedings before the courts of your EU member state of residence.