AntalphaAntalpha

Antalpha AI Privacy Policy

Provided by Antalpha Platform Technologies Limited

Effective Date: May 18, 2026

This Privacy Policy explains how Antalpha Platform Technologies Limited ("Antalpha", "we", "our", or "us") collects, uses, discloses, retains, and protects personal data when you use our Services.

For purposes of this Privacy Policy, "personal data" means information that identifies, relates to, describes, or can reasonably be linked to an identified or identifiable person.

1. Personal Data We Collect

1.1 Information You Provide

We may collect:

  • Account information: name, username, email address, password hash, authentication factors, profile image, display name, account status, linked identity provider information, organization affiliation, and preferences.
  • Communications: support requests, feedback, survey responses, social messages, and other communications with us.
  • User Content: prompts, chat messages, files, instructions, tool parameters, transaction descriptions, wallet addresses, market queries, strategy requests, and other content you submit.
  • Connected-service data: information you choose to connect or provide, such as wallet addresses, public blockchain addresses, exchange API configuration, CEX account identifiers, OAuth identifiers, or other integrations.
  • Transaction and signing workflow data: transaction previews, unsigned transaction payloads, signed payload status, order parameters, execution IDs, signing link metadata, rejection or confirmation events, and status updates. We do not ask for, and you must not provide, private keys or seed phrases.
  • Payment and billing information: if applicable, billing details, subscription status, invoices, payment method metadata, transaction history, and tax information.
  • Identity or compliance information: where required, information used to verify eligibility, detect abuse, comply with legal obligations, or enforce restrictions.

1.2 Information We Receive from Use of the Services

We may collect:

  • Log data: IP address, request time, endpoint, browser type, device type, operating system, user agent, referrer, error logs, and diagnostic events.
  • Usage data: features used, tool calls, session identifiers, conversation IDs, execution IDs, feedback, latency, rate-limit events, model usage, token usage, and interaction history.
  • Device and approximate location data: device identifiers, browser settings, language, time zone, and approximate location inferred from IP address.
  • Cookies and similar technologies: session cookies, authentication cookies, preference cookies, analytics identifiers, and security technologies.
  • Security and fraud data: abuse signals, suspicious activity indicators, access patterns, blocked requests, and audit logs.

1.3 Information from Third Parties and Public Sources

We may receive information from:

  • public blockchains, blockchain explorers, RPC providers, wallet-risk providers, exchange APIs, market venues, DeFi protocols, prediction markets, and data vendors;
  • AI model providers, search providers, infrastructure providers, analytics providers, and security partners;
  • public internet sources and public datasets;
  • organizations or administrators that manage an account or workspace you join.

Public blockchain data may be public, permanent, and not erasable by Antalpha.

2. How We Use Personal Data

We use personal data to:

  • provide, operate, maintain, secure, and troubleshoot the Services;
  • authenticate users, manage sessions, enable MFA, prevent unauthorized access, and support account recovery;
  • process prompts, route requests, call AI models, invoke MCP tools, generate responses, and stream results;
  • prepare transaction previews, signing pages, order workflows, transfer workflows, swap workflows, and execution status updates;
  • provide wallet, market, exchange, DeFi, risk, smart-money, social, macro, and blockchain analytics;
  • remember user preferences, conversation context, session summaries, and product settings where enabled;
  • monitor abuse, apply rate limits, detect fraud, protect users, and enforce our Terms;
  • improve, test, debug, and develop the Services, including by using aggregated, de-identified, or privacy-protective analytics;
  • communicate with you about updates, security alerts, support, product changes, and administrative notices;
  • comply with legal obligations, sanctions, export controls, tax, accounting, dispute resolution, law enforcement, and regulatory requirements.

Where we use third-party AI model providers or data processors, your Content and related metadata may be sent to those providers as needed to provide the Services, subject to our provider settings and agreements.

3. Training and Product Improvement

We may use aggregated, de-identified, or otherwise privacy-protective information to understand and improve the Services. If we offer settings that control whether your Content is used to improve Antalpha models or systems, you may manage those settings in the product or by contacting us.

We do not use private keys or seed phrases because you should never provide them to us. If you accidentally submit highly sensitive information, contact us promptly and rotate any affected credentials or keys.

4. How We Disclose Personal Data

We may disclose personal data to:

  • vendors and service providers that host, process, secure, analyze, support, or operate the Services;
  • AI model providers, cloud providers, data providers, wallet or blockchain infrastructure providers, exchange or market providers, payment processors, communication tools, analytics providers, and customer-support providers;
  • affiliates and corporate group entities;
  • business account or organization administrators, if you join or use an organization-managed account;
  • third parties you choose to interact with, connect to, authorize, or transact with through the Services;
  • blockchains, protocols, relayers, exchanges, wallets, or market venues when you sign, submit, broadcast, or authorize a transaction or order;
  • legal, regulatory, law enforcement, government, compliance, security, fraud-prevention, or dispute-resolution recipients where we believe disclosure is required or appropriate;
  • parties involved in a merger, acquisition, financing, restructuring, bankruptcy, asset sale, or similar corporate transaction.

We may disclose aggregated or de-identified information that does not reasonably identify you.

5. Retention

We retain personal data only as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, maintain account records, preserve security logs, comply with law, resolve disputes, enforce agreements, maintain financial records, and improve the Services.

Retention periods vary by data type:

  • account data is generally retained while your account remains active;
  • conversation and session data may be retained until you delete it or your account is deleted, subject to legal, security, and backup exceptions;
  • transaction, execution, audit, compliance, and financial records may be retained longer where required for legal, accounting, dispute, security, or fraud-prevention reasons;
  • temporary or cached data may be deleted automatically according to system configuration;
  • public blockchain data cannot be deleted by Antalpha.

6. Your Choices and Rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or port your personal data, withdraw consent, opt out of certain processing, or lodge a complaint with a data protection authority.

You may be able to manage some data through product settings, including account settings, chat deletion, memory or preference settings, cookies, connected services, and API or integration settings.

You may submit privacy requests to: ai@antalpha.com. We may need to verify your identity before responding. Some requests may be limited by law, security needs, fraud prevention, financial recordkeeping, public blockchain immutability, or our inability to identify data without additional information from you.

7. International Transfers

Antalpha is incorporated in the British Virgin Islands, and our affiliates, vendors, infrastructure, and service providers may process personal data in multiple jurisdictions. We take steps designed to protect personal data in accordance with this Privacy Policy and applicable law, including using contractual, technical, and organizational safeguards where appropriate.

8. Security

We use commercially reasonable technical, administrative, and organizational measures designed to protect personal data from unauthorized access, loss, misuse, alteration, and disclosure. These measures may include encryption, access controls, audit logging, rate limits, session controls, MFA support, environment separation, and monitoring.

No internet, blockchain, wallet, exchange, AI, or storage system is perfectly secure. You are responsible for protecting your devices, wallets, credentials, API keys, and recovery materials.

9. Children

The Services are not directed to children. Services involving digital assets, trading, transaction signing, or financial markets are intended for adults only. We do not knowingly collect personal data from children where prohibited by law. If you believe a child has provided personal data to us, contact us at ai@antalpha.com.

10. Regional Notices

Additional regional privacy rights may apply depending on where you live, including in the European Economic Area, United Kingdom, Switzerland, California, other U.S. states, Singapore, Hong Kong, and other jurisdictions. Where required, we will provide additional notices or mechanisms for exercising rights.

For users in jurisdictions with data protection laws that distinguish controllers and processors, Antalpha generally acts as a controller for account, platform, security, and product data. For enterprise or developer arrangements, Antalpha may act as a processor or service provider under a separate agreement.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will publish the updated version and effective date, and provide additional notice where required by law.

12. Contact

Privacy questions or requests may be sent to: ai@antalpha.com

Legal notices may be sent to: legal@antalpha.com

Company: Antalpha Platform Technologies Limited, British Virgin Islands.