This Privacy Notice explains how Fudex DAO, LLC, a Wyoming Corporation ("FUDEX", "we", "us"), collects, uses, shares and protects personal information when you use the FUDEX.IO website, the peer-to-peer exchange, the FUDEX Card, our mobile applications, and any related services (together, the "Services").
Because the Services involve regulated, tokenized book-entry securities, some of the information we handle is collected and processed to satisfy legal obligations — including identity verification (KYC), anti-money-laundering (AML) screening, and ownership recording with our transfer agent, Empire Stock Transfer.
We collect information in three ways: directly from you, automatically through your use of the Services, and from third parties such as identity-verification providers.
| Category | Examples |
|---|---|
| Account & contact | Name, email address, mobile number, password (hashed), one-time verification codes. |
| Identity (KYC) | Date of birth, residential address, country, government ID images, selfie / liveness data, screening results (sanctions, PEP). |
| Financial | Linked bank account details, deposit and withdrawal history, balances, trading and escrow activity, card transactions. |
| Blockchain | Wallet addresses, whitelist status, token balances, on-chain transfer history. |
| Device & usage | IP address, device identifiers, browser type, pages viewed, approximate location, app interactions. |
| Support | Support tickets, correspondence, and call or chat records. |
Settlement on FUDEX.IO occurs on a public blockchain using ERC-3643 permissioned tokens. Your wallet address, whitelist status, and transfer history are recorded on-chain and visible to anyone. On-chain records are immutable — they cannot be altered or deleted by FUDEX or anyone else, and deletion rights under privacy laws cannot be applied to them.
We minimize what goes on-chain: no name, contact detail, or document ever touches the chain. The link between your wallet address and your verified identity is held off-chain by FUDEX and the transfer agent.
We keep personal information for as long as your account is active and as long as required afterwards. Because tokenized securities are regulated instruments, laws require us to retain KYC records, transaction history and registry data for a minimum period (typically five to seven years after account closure, depending on jurisdiction). When retention periods end, we delete or irreversibly anonymize the data.
No system is perfectly secure. If a breach affecting your personal information occurs, we will notify you and the relevant authorities as required by law.
Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing. You can exercise most of these from your Account page or by contacting us (Section 13).
We will not discriminate against you for exercising any privacy right.
We are based in the United States and process data there. If you use the Services from elsewhere, your information will be transferred to the U.S. and protected using safeguards recognized by applicable law, such as standard contractual clauses with our processors.
The Services are not directed to anyone under 18, and we do not knowingly collect personal information from children. Identity verification prevents minors from opening accounts; if we learn we hold a child's data, we delete it.
We may update this notice as the Services or the law change. We will post the new version here with an updated date, and for material changes we will notify you by email or in-app before they take effect.
Questions, requests or complaints about privacy can be raised with our privacy team:
If you are unsatisfied with our response, you may also lodge a complaint with your local data-protection authority.