Privacy Policy

Last Updated: April 11, 2026

This Privacy Policy describes how VANE DEFI, LLC, a Wyoming limited liability company ("VANE," "we," "us," or "our"), collects, uses, discloses, and protects information in connection with your access to and use of the website located at vane.pro (the "Site"), the VANE application, and all related services (collectively, the "Interface").

By accessing or using the Interface, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, do not access or use the Interface.

1. Our Approach to Privacy

VANE is designed around the principle that users should retain control over their assets and their data. We collect only the information necessary to provide, secure, and improve the Interface. We do not sell your personal information. We do not serve advertisements. Where possible, we minimize the collection of personally identifiable information and rely on pseudonymous identifiers such as blockchain wallet addresses.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us, including:

(a) Authentication information — when you create an account through the Interface, you may authenticate using an email address, social login (e.g., Google, Apple), phone number, or other method supported by our wallet infrastructure provider, Privy.io ("Privy"). The specific information collected depends on the authentication method you choose;

(b) Contact information — if you reach out to us for support, feedback, or inquiries (e.g., email address, message content);

(c) Waitlist or newsletter information — if you elect to join a waitlist or subscribe to communications (e.g., email address);

(d) Strategy configuration data — the parameters and preferences you set for automated strategies, portfolio allocations, and other features within the Interface; and

(e) Any other information you choose to provide to us directly.

2.2 Information Collected Automatically

When you access or use the Interface, we may automatically collect certain technical information, including:

(a) Wallet address — your public blockchain wallet address associated with your embedded wallet and any external wallets you connect to the Interface. Wallet addresses are pseudonymous, publicly visible on-chain identifiers;

(b) Transaction data — records of transactions initiated through the Interface, including transaction type, amounts, tokens involved, Protocol used, timestamps, and transaction status. Note that completed transactions are also publicly recorded on the Solana blockchain;

(c) Device and browser information — device type, operating system, browser type and version, screen resolution, and language preferences;

(d) Usage data — pages visited, features used, click patterns, time spent on pages, referral URLs, and navigation paths within the Interface;

(e) Network information — internet protocol (IP) address, approximate geographic location derived from IP address, and connection type;

(f) Performance data — error logs, crash reports, page load times, and system performance metrics; and

(g) Cookie and similar technology data — as described in Section 6 below.

2.3 Information from Third Parties

We may receive information from third-party service providers, including:

(a) Privy — authentication status, wallet creation events, and related metadata necessary to manage your embedded wallet. The information Privy shares with us depends on your authentication method. We encourage you to review Privy's privacy policy independently;

(b) Analytics providers — aggregated usage data and performance metrics;

(c) Blockchain data providers — publicly available on-chain transaction data, token balances, and position information associated with wallet addresses; and

(d) Security and compliance services — risk scoring, sanctions screening, and fraud detection information.

2.4 Blockchain Data

Blockchain transactions are publicly visible and permanently recorded on the Solana blockchain. Transaction data — including wallet addresses, transaction amounts, token types, and timestamps — is inherently public and cannot be deleted or modified. This Privacy Policy does not apply to data that is publicly available on the blockchain. Your use of the Interface will result in transaction data being recorded on the blockchain that is beyond our ability to control, modify, or delete.

3. How We Use Information

We use the information we collect for the following purposes:

3.1 Providing and Operating the Interface

(a) Creating and managing your account and embedded wallet through Privy;

(b) Displaying your portfolio information, wallet balances, positions, and transaction history;

(d) Executing automated strategies and portfolio management operations according to your configured parameters;

(e) Processing and routing transactions to third-party Protocols;

(f) Providing customer support and responding to your inquiries; and

(g) Sending service-related communications, including security alerts, system updates, and changes to our Terms of Use or this Privacy Policy.

3.2 Improving the Interface

(a) Understanding how users interact with the Interface to improve user experience and functionality;

(b) Diagnosing technical issues, debugging, and performing maintenance;

(d) Conducting aggregated, anonymized research and analysis.

3.3 Security and Fraud Prevention

(a) Detecting, investigating, and preventing fraudulent, unauthorized, or illegal activity;

(b) Screening wallet addresses against applicable sanctions lists and restricted territory databases;

(d) Protecting the security and integrity of the Interface and our systems; and

(e) Enforcing our Terms of Use.

3.4 Marketing Communications

We may send you marketing or promotional communications where you have opted in or where permitted by applicable law. You may opt out of marketing communications at any time by using the unsubscribe link in any marketing email or by contacting us at socials@vane.pro.

3.5 Legal and Compliance

(a) Complying with applicable laws, regulations, legal processes, or governmental requests;

(b) Establishing, exercising, or defending legal claims; and

4. How We Share Information

We do not sell your personal information. We may share information in the following limited circumstances:

4.1 Privy

We share information with Privy as necessary to create and manage your embedded wallet, authenticate your identity, and execute transactions. Privy processes this information in accordance with its own privacy policy and terms of service.

4.2 Service Providers

We may share information with third-party service providers that perform services on our behalf, including hosting, analytics, customer support, security monitoring, and compliance screening. These service providers are contractually obligated to use your information only as necessary to provide services to us and in accordance with this Privacy Policy.

4.3 Blockchain Networks and Protocols

When you initiate transactions through the Interface, transaction data is broadcast to the Solana blockchain and the relevant third-party Protocols. Once submitted, this data becomes publicly visible on-chain and is beyond our control.

4.4 Legal Requirements

We may disclose information if we believe in good faith that disclosure is reasonably necessary to:

(a) Comply with applicable law, regulation, legal process, or governmental request;

(b) Enforce our Terms of Use or other agreements;

(d) Protect the rights, property, or safety of VANE, our users, or the public.

4.5 Business Transfers

If we are involved in a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will provide notice of any such change in ownership or control of your information.

4.6 With Your Consent

We may share information with your explicit consent or at your direction.

4.7 Aggregated or De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you, without restriction.

5. Data Retention

We retain information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

(a) Account and authentication data is retained for as long as your account remains active and for up to 12 months following account closure or last activity;

(b) Transaction records and usage logs are retained for up to 24 months from the date of the transaction or activity;

(d) Waitlist and newsletter data is retained until you unsubscribe or request deletion; and

(e) Aggregated and anonymized data may be retained indefinitely as it cannot be used to identify you.

On-chain transaction data recorded on the Solana blockchain is permanent and cannot be deleted by us or any party.

6. Cookies and Similar Technologies

6.1 What We Use

We use cookies, local storage, and similar technologies to operate and improve the Interface. These may include:

(a) Strictly necessary cookies — required for the Interface to function, such as authentication session management and security tokens. These cannot be disabled;

(b) Analytics cookies — help us understand how the Interface is used, which features are popular, and where users encounter issues; and

(c) Preference cookies — remember your settings and preferences, such as interface layout, chart configurations, and display options.

6.2 What We Do Not Use

We do not use advertising cookies, tracking pixels for ad targeting, or cross-site tracking technologies. We do not serve advertisements within the Interface.

6.3 Your Choices

Most web browsers allow you to manage cookie preferences through browser settings. You may disable or delete cookies; however, doing so may affect the functionality of the Interface. For more information, consult your browser's help documentation.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, use, alteration, or destruction. These measures include:

(a) Encryption of data in transit using TLS/SSL;

(b) Access controls limiting internal access to information on a need-to-know basis;

(d) Transaction policy controls through Privy's policy engine to constrain signing authority; and

(e) Incident response procedures for identifying and addressing security incidents.

No method of electronic transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the security of your authentication credentials, exported private keys, and devices.

8. International Data Transfers

If you access the Interface from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers are located. These countries may have data protection laws that differ from those in your jurisdiction.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers of personal data, including standard contractual clauses or other legally recognized transfer mechanisms.

9. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information.

9.1 General Rights

(a) Access — request a copy of the personal information we hold about you;

(b) Correction — request that we correct inaccurate or incomplete information;

(c) Deletion — request that we delete your personal information, subject to legal retention obligations and the permanence of on-chain data;

(d) Restriction — request that we restrict the processing of your personal information in certain circumstances;

(e) Portability — request a copy of your personal information in a structured, commonly used, machine-readable format;

(f) Objection — object to the processing of your personal information for certain purposes, including direct marketing; and

(g) Withdraw consent — where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing.

9.2 European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland, you have the rights described above under the General Data Protection Regulation ("GDPR") or the UK GDPR, as applicable. Our legal bases for processing include:

(a) Performance of a contract — to provide the Interface and execute transactions you authorize;

(b) Legitimate interests — to improve the Interface, ensure security, prevent fraud, and conduct analytics, where our interests are not overridden by your rights;

(d) Consent — where you have provided explicit consent for a specific processing purpose.

You also have the right to lodge a complaint with your local data protection authority.

9.3 California Residents

If you are a California resident, you may have additional rights under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA"), including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.

9.4 Exercising Your Rights

To exercise any of the rights described above, contact us at socials@vane.pro. We will respond to verified requests within the timeframes required by applicable law. We may verify your identity by requesting that you sign a cryptographic message with your wallet or through other reasonable verification methods.

9.5 Limitations

Certain requests may be limited by legal obligations, legitimate interests, or technical constraints. In particular, we cannot delete transaction data that has been recorded on the Solana blockchain, as this data is publicly maintained by a decentralized network outside our control.

10. Children's Privacy

The Interface is not directed to and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child under 18 has provided us with personal information, please contact us at socials@vane.pro.

11. Third-Party Links and Services

The Interface may contain links to or integrations with third-party websites, applications, or services, including decentralized protocols, blockchain explorers, wallet providers, and Privy. This Privacy Policy does not apply to any third-party services. We encourage you to review the privacy policies of any third-party services you interact with, including Privy's privacy policy which governs the management of your embedded wallet infrastructure.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will provide notice through the Interface or by other reasonable means prior to the changes taking effect. The "Last Updated" date at the top of this Privacy Policy indicates when the latest revisions were made. Your continued use of the Interface after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:

Email: socials@vane.pro

VANE DEFI, LLC 30 N Gould St, Ste. N Sheridan, Wyoming 82801 United States