Privacy Policy

We collect information in three ways:

Information you provide. This includes account details (such as your name, email address, and profile information), public account identifiers (such as wallet addresses you connect to the Service), the groups you create or join, content you submit (proposals, comments, votes, file uploads), and communications you send to us, such as support requests.

Information collected automatically. We collect technical and usage information when you interact with the Service, including device and browser identifiers, IP address, language and region settings, pages viewed, features used, referral sources, and approximate location derived from your IP address. We use cookies and similar technologies to operate the Service, remember your preferences, secure your sessions, and measure performance. You can manage cookies through your browser; disabling some cookies may affect how the Service works for you.

Information from third parties. Where you choose to connect a third-party service (for example, a payment processor or a fiat-to-crypto conversion provider), we may receive limited information from that provider necessary to deliver the Service to you, such as a transaction status or confirmation reference. We do not receive or store identity documents, government-issued ID numbers, full payment card numbers, or bank account details collected by those providers.

We use information to operate and improve the Service, including to: provide and maintain platform features; authenticate you and protect your account; process transactions; communicate with you about the Service, support issues, and policy changes; detect, prevent, and address fraud, abuse, security incidents, and violations of our Terms; and comply with legal obligations.

We do not sell your personal information.

Some information you submit through the Service is intended to be public or is recorded on a public blockchain. Public information includes group profiles, member rosters where applicable, proposals, and votes. Blockchain transactions, including treasury activity, are recorded on a public ledger and are not under our control. We cannot delete, modify, or anonymize information that has been recorded on a public blockchain.

We share information only as described below.

Service providers. We engage third-party providers to deliver the Service — including hosting, data storage, identity and authentication, analytics, error monitoring, customer support tools, payment processing, and fiat-to-crypto and crypto-to-fiat conversion (such as Coinbase and MoonPay). These providers process information on our behalf or directly with you under their own privacy policies.

Legal and safety. We may disclose information when we believe in good faith that disclosure is necessary to comply with a law, regulation, court order, or legal process; to enforce our Terms; to protect the rights, property, or safety of EnDAO, our users, or the public; or in connection with a corporate transaction such as a merger, acquisition, or sale of assets.

With your direction. We share information when you direct us to, such as when you publish content publicly through the Service or when you connect a third-party tool to your account.

We retain personal information for as long as your account is active and for a reasonable period afterward to comply with legal obligations, resolve disputes, enforce our agreements, and maintain operational records. Public and on-chain information persists according to the platforms on which it is recorded and is not within our control.

We implement administrative, technical, and physical safeguards designed to protect your information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of credentials you use to access the Service and for promptly notifying us of any suspected unauthorized access.

Depending on where you live, you may have rights to access, correct, delete, port, or restrict our use of your personal information, and to object to certain processing. You can exercise applicable rights by contacting us at legal@endao.ai. We may need to verify your identity before responding and may decline requests where permitted by law. We will not retaliate against you for exercising your rights.

You can also manage certain preferences directly in your account settings, such as opting out of non-essential email communications.

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13, and if we learn we have collected such information without verifiable parental consent, we will delete it.

For supervised use by minors (see our Terms of Service), the adult account holder — whether a parent, legal guardian, educator, school, mentor, sponsor, or other responsible adult — is the controller of personal information about minor participants under their supervision and is responsible for obtaining any parental, school, or institutional consents required by applicable law, including COPPA, FERPA, and analogous laws. EnDAO processes such information as a service provider acting on the account holder’s instructions.

We are based in the United States and process information there and in other countries where our service providers operate. Where required by law, we use appropriate safeguards for international transfers, including standard contractual clauses or equivalent mechanisms.

California residents. Under the California Consumer Privacy Act (CCPA), as amended by the CPRA, you have rights to know, delete, correct, and limit certain uses of your personal information, and the right to opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information for cross-context behavioral advertising. Contact legal@endao.ai to exercise these rights.

EEA, UK, and Switzerland residents. Where the GDPR or analogous laws apply, we process information based on one or more lawful bases: your consent, performance of a contract with you, compliance with our legal obligations, and our legitimate interests in operating, securing, and improving the Service. You have rights to access, correct, delete, restrict, or port your data, and to object to certain processing. You may also lodge a complaint with your local supervisory authority.

We may update this Policy from time to time. If we make material changes, we will provide reasonable notice, such as updating the Effective Date and posting the revised Policy. Your continued use of the Service after changes take effect constitutes acceptance of the revised Policy.

For questions about this Policy or to exercise your rights, contact us at legal@endao.ai.