Plutope Privacy Policy.

This Privacy Policy describes how Plutope Pvt Ltd. ("Company", "we", "our", or "us") collects, uses, shares, and stores personal information of users of its website, www.plutope.com. It applies to the sites, applications, products and services (collectively, "Services") on or in which it is posted, linked, or referenced.

We value your right to privacy and the security of your personal information. We never disclose personal information to other parties except when necessary to supply our services and goods to you, comply with legal obligations, improve Plutope, safeguard our rights, or carry out a business transfer. For questions, contact legal@plutope.com.

You consent to the use, disclosure, and practices described in this Privacy Policy by using Plutope, including by:

• Signing up for the Plutope App Services;
• Using the Plutope App or App Services;
• Receiving the Terms, or notice of the Terms, including in connection with any transaction with Plutope, whether by email, in the Plutope App, via our website, or by any other means not inconsistent with the electronic delivery provisions;
• Giving Plutope a written or electronic signature, clicking "I accept" or "I agree" to be bound as applicable; or
• Installing, using, updating, or otherwise interacting with your Plutope App.

Upon taking any of the foregoing actions, you shall be deemed to have entered into a binding agreement with us.

We do not collect any Personal information except for your contact information, such as your phone number or email address (depending on how you contact us), which is only collected when you communicate with us for support, or if you report a bug or other error related to Plutope, or when you interact with us through social media. When you use our Services, we process PUBLIC wallet addresses that you generate through Plutope Wallet.

We may use the limited information that we collect to improve your experience on our platform and to provide you with our services, in accordance with our terms of use, privacy policy, and anti-money laundering policy. Some ways we may use your Personal Information are to: send you information; respond to your comments, questions, or issues related to bugs or errors related to the Plutope wallet; communicate changes in your Platform Account settings; or send you periodic emails relating to company news, related product or service information.

We may share aggregated information to the extent necessary with members of our related or group companies, including affiliates and potential third parties, for the purpose of showcasing the performance of the company. These service providers may also share with us aggregated Non-Personal Information that they have independently developed or acquired. We may provide your Personal Information to our employees, contractors, agents, service providers, and designees ("Agents") to enable them to perform certain services for us, including improvement of website-related services and features.

If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, your Personal Information could be one of the assets transferred. We will also share personal information outside of Plutope where we have a reasonable belief it is necessary to comply with applicable law, regulation, legal process, or enforceable governmental request; to cooperate with law enforcement; to enforce our Terms of Use; or to protect the rights, property, or safety of Plutope, our employees, our users, or others.

Secure wallet creation. When you initiate the process of creating a wallet on the Plutope application, a cryptographic key pair is generated directly on the blockchain. No personal information is collected during wallet creation. The entire procedure is conducted under your control, providing you with full ownership and autonomy over your wallet.

Private key generation and storage. Upon wallet creation, your private key is generated and stored exclusively on your device. Plutope does not have access to your private keys or any associated recovery information. Your sensitive information remains within your possession and is not accessible by any external parties, including Plutope.

We do not store, use, or access any user information in any form. We may transfer personal data to our service providers or third parties in connection with Plutope's operation of its business, as certain features rely on various third-party products and services ("Third Party Services"). If circumstances change and it becomes necessary to utilise user data for additional purposes, we will obtain your explicit consent. We will not sell or lease your personal data to any third party for commercial gain.

When you use third-party services (for example, when you connect your Plutope account with your bank account) or websites linked through our Services, the providers of those services may receive information about you that Plutope, you, or others share with them. Their own terms and privacy policies will govern your use of those services.

You have complete control over the data you store on the blockchain through the Plutope application. You may manage, update, and remove your data in accordance with the established blockchain protocols. Subject to applicable law, you are entitled to: request access to the personal information we process about you; request rectification of your personal data; object to the processing of your personal data; request erasure (note: wallet addresses created through the Plutope application cannot be deleted from the blockchain); or request restriction of processing. To make a request, contact us at hey@plutope.com. We may ask you to verify your identity.

Plutope is committed to safeguarding the privacy and data protection rights of our users and ensuring compliance with the General Data Protection Regulation (GDPR) and all relevant privacy guidelines. Our compliance is built around the following principles:

• Data collection and usage. We collect and process personal data only for specified and legitimate purposes outlined in this Privacy Policy.
• Consent. We obtain explicit consent before processing personal data; users may withdraw consent at any time.
• Data accuracy. We take reasonable steps to keep personal data accurate, complete, and up-to-date.
• Data retention. Personal data is retained only as long as necessary to fulfil its purpose and comply with legal obligations.
• Data security. We implement appropriate technical and organisational measures and review them regularly.
• Data sharing. We do not share personal data with third parties unless authorised by the user or required by law.
• Data subject rights. We respect access, rectification, erasure, restriction, and portability rights.
• Incident response. We have established procedures to identify and mitigate breaches and inform affected users in accordance with legal requirements.
• Privacy training. Our employees receive regular privacy training.
• Compliance monitoring. We regularly assess our privacy practices.

We retain your information as needed to provide our Services, comply with legal obligations, or protect our or others' interests. Retention requirements vary by country; we maintain internal retention policies based on how information needs to be used, including whether we are required to hold the information to comply with AML/KYC or other financial regulatory obligations. Our third-party identity verification service providers retain this information for as long as set out in their applicable notices/policies. We delete information that is no longer needed when you close your account, or when you request deletion.

Third-party integrations. Plutope offers you the option to integrate third-party services through smart contracts or decentralised applications (DApps). When you choose to integrate such services, data sharing is governed by the logic embedded within the respective smart contracts. We do not control or manage the data-sharing terms established by these third-party contracts — review them before integrating.

Public blockchain data. Certain data, such as transaction details and wallet addresses, is inherently part of the public blockchain and accessible to anyone with access to the network. Exercise caution before sharing sensitive or personally identifiable information on-chain.

Smart contracts and DApps. Interactions with smart contracts and DApps execute code directly on the blockchain. Review the terms, conditions, and policies associated with any contract before proceeding.

Plutope employs a blockchain-based infrastructure for data storage and recognises your right to interact with blockchain transactions pseudonymously. The security of user information is tied to the robustness and cryptographic principles of the underlying blockchain. All transactions, including buy/sell, transfer, and swapping, are carried out directly on the blockchain. Our application serves as a secure gateway between you and the network, ensuring transactions execute transparently without intermediaries having access to your transaction data. The non-custodial wallet provided by Plutope operates on the principle of user-controlled private keys: you are solely responsible for the generation, safeguarding, and confidentiality of your unique private key. Plutope does not have access to, store, or have knowledge of user private keys.

Decentralised systems offer increased privacy and control but may involve technical complexities and security risks. As a user, consider the following:

• Technical complexities. Key management, smart-contract interactions, and protocol intricacies involve a learning curve.
• Security risks. New risks and attack vectors can emerge. Follow best practices for safeguarding keys.
• Irreversible transactions. Blockchain transactions are typically irreversible — confirm details carefully.

We conduct routine code audits performed either by our core team or by independent third-party security experts. When integrating with third-party services, we undertake thorough audits and evaluations of their security practices. All data transmitted between your device and our servers is encrypted using industry-standard protocols. We offer multiple layers of authentication, including biometric options such as Face ID and Fingerprint recognition. We periodically conduct security audits of our platform and invite users to report suspicious activity or vulnerabilities.

Our Services are not targeted towards children, and our users must be at least eighteen (18) years old to use our services. The Sites and Services are not directed to persons under the age of 13, and we do not knowingly request or collect any information about persons under the age of 13. If you learn that a child under 13 has provided us with personal information, please email hey@plutope.com so we can take appropriate action.

In the event of any legal breach of this Privacy Policy or unauthorised access to user information, or for any legal inquiries, contact us promptly at legal@plutope.com.

For any other queries or concerns regarding this Privacy Policy, email hey@plutope.com or write to: 1094 - P, Sector - 46, Gurgaon, Haryana - 122001.