Privacy Policy

EliteMC ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property tokenization platform.

[PLACEHOLDER: Add company legal name, registration details, and data controller information]

1.1 Personal Information

We collect personal information that you provide directly to us, including:

• Account Information: Full name, email address, password
• KYC Information: Government-issued ID, proof of address, date of birth, nationality
• Financial Information: Bank account details, transaction history, MUR balance
• Blockchain Information: Polkadot wallet addresses, transaction hashes
• Communication: Messages, support tickets, feedback

1.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on platform
• Device Information: IP address, browser type, operating system
• Cookies: Session cookies, authentication tokens, preferences

[PLACEHOLDER: Add specific data collection methods, third-party analytics tools, and cookie details]

We use the collected information for the following purposes:

• Service Provision: Create and manage your account, process transactions, manage property tokens
• Compliance: Verify your identity (KYC/AML), comply with legal obligations, prevent fraud
• Communication: Send transaction confirmations, distribution notifications, account updates
• Improvement: Analyze usage patterns, improve platform functionality, develop new features
• Security: Protect against unauthorized access, detect and prevent security incidents

[PLACEHOLDER: Add specific legal bases for processing under GDPR (consent, contract, legitimate interest, legal obligation)]

3.1 Storage Infrastructure

Your data is stored using:

• Supabase (PostgreSQL): User accounts, balances, transactions, KYC data
• Supabase Storage: Uploaded documents (deposit proofs, KYC documents)
• Polkadot Blockchain: Property token ownership, on-chain transactions (public and immutable)

3.2 Security Measures

• Encryption in transit (HTTPS/TLS) and at rest
• Role-based access control (RLS) in database
• Secure authentication with password hashing
• Regular security audits and monitoring
• Admin action audit logging

[PLACEHOLDER: Add specific data center locations, certifications (ISO 27001, SOC 2), backup procedures, and incident response plan]

We may share your information with:

• Service Providers: Supabase (database/auth), blockchain infrastructure providers
• Legal Authorities: When required by law, court order, or regulatory request
• Blockchain Networks: Wallet addresses and transactions are publicly visible on Polkadot
• Business Transfers: In case of merger, acquisition, or sale of assets

We do NOT sell your personal information to third parties.

[PLACEHOLDER: Add specific third-party services, data processing agreements, and international transfers]

Property tokens are managed on the Polkadot blockchain. You acknowledge that:

• Blockchain data is public and immutable
• Your wallet address and token balances are visible to anyone
• Blockchain transactions cannot be deleted or modified
• We cannot remove your data from the blockchain

We recommend using separate wallet addresses to maintain pseudonymity.

[PLACEHOLDER: Add specific blockchain privacy implications and GDPR compatibility considerations]

Under applicable data protection laws (including GDPR), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal retention requirements)
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for processing at any time

To exercise these rights, contact us at [PLACEHOLDER: Add privacy contact email].

Note: Some data (blockchain transactions, regulatory records) cannot be deleted due to legal obligations or technical limitations.

[PLACEHOLDER: Add specific procedures for rights requests, response timelines, and supervisory authority contact]

We retain your information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal and regulatory obligations (e.g., AML records for 5-7 years)
• Resolve disputes and enforce agreements
• Maintain audit logs and transaction history

After account closure, we may retain certain data for legal compliance and archival purposes.

[PLACEHOLDER: Add specific retention periods by data type and regulatory requirements]

We use cookies and similar technologies for:

• Essential Cookies: Authentication, security, session management
• Functional Cookies: Remember preferences and settings
• Analytics Cookies: Understand usage patterns and improve service

You can control cookies through your browser settings, but disabling essential cookies may affect platform functionality.

[PLACEHOLDER: Add cookie consent banner implementation, specific cookie list, and opt-out procedures]

Our platform integrates with third-party services:

• Supabase: Database, authentication, file storage
• Polkadot Network: Blockchain infrastructure
• Blockchain Explorers: View on-chain transactions (e.g., Polkadot.js Apps)

These services have their own privacy policies. We are not responsible for their data practices.

[PLACEHOLDER: Add links to third-party privacy policies and data processing agreements]

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

[PLACEHOLDER: Add specific age verification procedures and regional requirements]

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by regulatory authorities
• Privacy Shield frameworks (where applicable)

[PLACEHOLDER: Add specific data transfer mechanisms, destination countries, and safeguards]

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Material changes will be communicated via email or platform notification.

[PLACEHOLDER: Add notification procedures for material changes]