Privacy Policy

Peach Technology, Inc., a Delaware corporation ("Peach," "Company," "we," "us," or "our"), values your privacy. This Privacy Policy (the "Policy") describes how we collect, use, disclose, retain, and protect your personal information in connection with the Peach mobile application and all related services (collectively, the "Services").

This Policy is incorporated into our Terms of Service by reference. By using the Services, you acknowledge that you have read and understood this Policy.

The Services are non-custodial. Peach does not have access to, and does not collect or store, your Private Keys, seed phrases, or recovery phrases.

1. Personal Information We Collect

1.1 Information You Provide to Us

Account Information. When you create an account, we collect information associated with your chosen authentication method:

• Email OTP: your email address.
• Apple Sign-In: the user identifier issued by Apple and your email address. If you elect to use Apple's "Hide My Email" feature, we receive only the Apple-generated relay email, not your actual email address.
• Google Sign-In: the user identifier issued by Google, your email address, and your profile name.

Communications Data. When you contact our support channels (by email, in-app messaging, or otherwise), we collect the content of your communications along with associated metadata (such as timestamps and any attachments).

1.2 Information Collected Automatically

Device Data.

• Device type and model, operating system and version;
• Unique device identifiers (such as IDFV on iOS or Android ID);
• App version, language settings, and time zone;
• IP address and approximate location inferred from IP (city or country level).

Usage Data.

• Screens viewed, features used, actions taken, and the sequence of such actions;
• Access times, session duration, and app launch frequency;
• Error logs, crash reports, and performance diagnostics.

Blockchain Data. When you interact with blockchain networks through the Services, we may process the following information publicly recorded on the blockchain:

• your wallet address;
• transaction hashes and transaction history;
• token balances and protocol interactions;
• any other information publicly recorded on the blockchain.

This blockchain information is inherently public and can be accessed by anyone. It is not privately collected by Peach.

1.3 Information We Do NOT Collect

We do not collect, store, or have the ability to access:

• Your Private Keys, seed phrases, or recovery phrases. These are managed within Turnkey's infrastructure on your device, and Peach has no technical means of accessing them.
• Government-issued identification numbers (such as passport numbers, national ID numbers, or social security numbers).
• Biometric information (such as fingerprints or facial recognition data). On-device biometric authentication is processed at the operating system level and is not transmitted to Peach.
• Sensitive categories such as health information, religion, political views, or sexual orientation.
• Traditional financial account information (such as bank account numbers or credit card numbers), other than your publicly available blockchain wallet address. Note: if we integrate third-party fiat on-ramp services in the future, those providers may collect such information separately under their own privacy policies.

2. How We Collect Personal Information

We collect personal information through the following methods:

• Information you directly provide when creating an account or using the Services;
• Information automatically collected through cookies, SDKs, and server logs as you use the Services;
• Information transmitted to us by third-party authentication providers (Apple, Google) with your consent; and
• Public blockchain data queried from public networks in relation to your wallet address.

3. How We Use Your Personal Information

We use your personal information for the following purposes:

3.1 Provision and Operation of the Services

• Creating, maintaining, and managing your user account;
• Provisioning your Wallet and connecting you to blockchain networks;
• Providing the token swap, DeFi yield deposit, and perpetual futures trading interfaces;
• Bundling transactions and sponsoring Gas Fees;
• Displaying your transaction history and Wallet activity.

3.2 Communications

• Sending service-related announcements, security alerts, and updates;
• Responding to your support inquiries and feedback;
• Notifying you of material changes to our Terms, this Policy, or other important matters.

3.3 Service Improvement and Analytics

• Analyzing user behavior patterns and usage of features;
• Diagnosing errors, performance issues, and crashes;
• Improving the performance, stability, and usability of the Services;
• Developing new features.

3.4 Safety, Security, and Fraud Prevention

• Detecting, preventing, and responding to unauthorized access, abuse, or misuse of the Services;
• Preventing access from Restricted Persons or Restricted Territories;
• Protecting the integrity and security of the Services;
• Protecting users and responding to disputes.

3.5 Legal Compliance

• Complying with applicable laws, regulations, and record-keeping obligations;
• Responding to lawful requests from courts, law enforcement, or regulators;
• Protecting the rights, property, and safety of Peach, our users, and the public;
• Establishing, exercising, or defending legal claims.

4. Disclosure of Personal Information

We do not sell your personal information. We share your personal information only in the limited circumstances described below.

4.1 With Your Consent

Where you have given us explicit consent, we may share your information in accordance with the scope of such consent.

4.2 Compliance with Law and Lawful Requests

We may disclose your personal information if required by applicable law, subpoena, court order, or other lawful request from a government authority, or if we believe in good faith that such disclosure is necessary to:

• comply with applicable law or legal process;
• protect the rights, property, or safety of Peach, our users, or the public;
• detect, prevent, or respond to fraud, security incidents, or unlawful activity.

4.3 Business Transfers

In connection with any merger, acquisition, reorganization, sale of assets, financing, or similar transaction involving Peach, personal information may be transferred to or assumed by the successor entity. We will provide notice of any such transfer through the App or other appropriate means.

5. Service Providers and Processors

We engage third-party service providers to perform services on our behalf. We require these providers to protect personal information in accordance with appropriate contractual commitments.

This list may change as our Services evolve; we will update this Policy to reflect material changes.

Note on Third-Party Protocols. When you use the Services to interact with Third-Party Protocols such as Aave, Morpho, or Hyperliquid, your transaction data is transmitted to those protocols' smart contracts and recorded on public blockchains. Those interactions are not processing by Peach or its service providers; they are direct interactions between you and the applicable third party, governed by that third party's own policies.

6. International Data Transfers

Peach is a Delaware corporation, and many of our service providers operate in the United States or in other countries. As a result, your personal information may be transferred to, stored in, and processed in the United States and other jurisdictions whose data protection laws may differ from those of your jurisdiction of residence.

When we transfer personal information internationally, we implement appropriate safeguards, including contractual commitments by our service providers, encrypted transmission (using TLS or equivalent), and access controls.

By using the Services, you consent to the international transfer of your personal information as described in this Policy.

If you do not consent to such transfers, you must not use the Services.

7. Retention

7.1. We retain your personal information only for as long as necessary to fulfill the purposes described in this Policy, or as required by applicable law.

7.2. We may retain certain information beyond the period you remain an active user where such retention is:

• required by applicable law (including tax or record-keeping obligations);
• necessary to resolve disputes, respond to inquiries, or defend or establish legal claims; or
• necessary to investigate, prevent, or respond to fraud or security incidents.

7.3. Blockchain Data. Information recorded on a blockchain (including wallet addresses and transaction history) is, by the nature of the technology, permanently public and cannot be deleted by Peach or any other party. This is an inherent feature of blockchain technology. By using the Services, you acknowledge and accept this characteristic.

7.4. Aggregated or Anonymized Data. We may retain and use aggregated, de-identified, or anonymized information indefinitely for statistical, analytical, and service-improvement purposes, as such information does not identify you.

8. Data Security

We implement reasonable technical, administrative, and physical measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:

• encryption of personal information in transit (TLS) and at rest;
• access controls and permission management;
• intrusion detection and logging;
• regular security reviews and employee training.

However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security. Your Wallet's security also depends on the security of your device, your email account, and your social sign-in account, which are your responsibility.

9. Your Rights and Choices

9.1 General Rights

Depending on your jurisdiction of residence, you may have certain rights with respect to your personal information, including:

• the right to access or obtain a copy of the personal information we hold about you;
• the right to request correction of inaccurate or incomplete personal information;
• the right to request deletion of your personal information;
• the right to request restriction of, or to object to, our processing of your personal information;
• the right to data portability (to receive your personal information in a structured, commonly used, machine-readable format);
• the right to withdraw consent where processing is based on consent; and
• the right to lodge a complaint with a competent data protection authority.

9.2 How to Exercise Your Rights

You may exercise your rights by:

• using the "Delete Account" option in the App under Settings > Legal & Privacy;
• emailing us at support@peach.technology; or
• any other method permitted by applicable law.

9.3 Verification

We may require reasonable information to verify your identity before responding to a request. We may decline requests that are unverifiable, manifestly unfounded, or excessive.

9.4 Limitations

Certain rights may be limited by applicable law. For example:

• information that we are required to retain by law (such as tax records) may not be deleted on request;
• blockchain-recorded information cannot technically be deleted; and
• requests that would adversely affect the rights of other users or Peach's legitimate interests may be denied.

We will respond to valid requests within the period prescribed by applicable law.

10. European Users (EEA / UK / Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation ("GDPR"), the UK GDPR, or the Swiss Federal Act on Data Protection may apply to our processing of your personal information.

10.1 Controller

Peach Technology, Inc. is the controller of personal information collected through the Services.

10.2 Legal Bases for Processing

We process your personal information on the following legal bases:

• Performance of a contract: to provide the Services in accordance with our Terms.
• Legitimate interests: for analytics, service improvement, security, fraud prevention, and business operations, where such interests are not overridden by your rights.
• Compliance with legal obligations: to comply with applicable law.
• Consent: where required by law (for example, for certain optional analytics or communications).

10.3 Your Rights

You have the rights described in Section 9.1 above. In addition, you have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.

10.4 International Transfers

As described in Section 6, your personal information may be transferred outside the EEA/UK/Switzerland. Where required, we rely on appropriate transfer mechanisms (such as the European Commission's Standard Contractual Clauses) to safeguard such transfers.

11. California Residents

To the extent the California Consumer Privacy Act ("CCPA") applies to you, you have the following rights:

• the right to know what personal information we collect, use, and disclose;
• the right to request deletion of your personal information;
• the right to correct inaccurate personal information;
• the right to opt out of the "sale" or "sharing" of personal information (we do not sell personal information for monetary consideration, and we do not engage in cross-context behavioral advertising that would constitute "sharing" under the CCPA); and
• the right to non-discrimination for exercising these rights.

To exercise these rights, please contact us at support@peach.technology.

12. Cookies and Automated Collection

The Services are delivered primarily through a mobile application, and our use of traditional web cookies is therefore limited. We may use the following automated collection technologies:

• Essential technologies: for session management, authentication tokens, and other functions necessary to operate the App.
• Analytics SDKs: mobile analytics tools that collect usage data for diagnostics and service improvement purposes.

We do not use third-party advertising cookies or engage in interest-based advertising.

You may limit certain automated collection through your device's privacy settings (such as "Limit Ad Tracking" or "App Tracking Transparency"). Blocking essential technologies may prevent the Services from functioning properly.

13. Children

The Services are not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children under 18. If the age of majority in your jurisdiction is higher than 18, the applicable higher age limit applies.

If we become aware that we have collected personal information from a child under the applicable age limit, we will promptly delete such information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@peach.technology.

14. Contact Us

For questions, concerns, or requests regarding this Policy or our privacy practices, please contact us at:

Peach Technology, Inc.

Address: 169 Madison Ave STE 15544 New York, NY, 10016 US
Email: support@peach.technology

15. Changes to this Policy

15.1. We may update this Policy from time to time. We will notify you of material changes through the App, by email, or by other reasonable means, at least seven (7) days before the changes take effect (or at least thirty (30) days in the case of changes materially adverse to users).

15.2. Your continued use of the Services following the effective date of the updated Policy constitutes your acceptance of the changes. If you do not agree, you should discontinue use of the Services and may delete your account.

15.3. The most current version of this Policy is available within the App and on our website.