Saify Privacy Policy
Last Updated: September 24, 2025
This Privacy Policy describes the personal information that Saify (“we”, “us”, or “our”) collects, uses, discloses, and otherwise processes about individuals (“you”, “your”) in connection with our services, including the Saify mobile application, Saify website, and Saify Store (collectively, the “Services”). This policy also explains the rights and choices you have regarding your personal information.
This policy applies to all users of our Services, regardless of location. However, we have included specific provisions for users in certain jurisdictions to ensure compliance with relevant data protection laws.
Table of contents
- Personal Information We Collect
- How We Use Your Information
- How We Disclose Your Information
- International Data Transfers
- Your Privacy Choices and Rights
- Children’s Information
- Third-Party Websites and Wallets
- Security of Your Information
- Retention of Personal Information
- Supplemental Notice for U.S. Residents
- Supplemental Notice For EU/UK Residents
- Contact Us
- Changes to This Privacy Policy
1. Personal Information We Collect
The categories of personal information we collect depend on how you interact with our Services and the requirements of applicable law. We collect information you provide directly to us, information we collect automatically when you use our Services, and information from third parties.
A. Information You Provide to Us
When you use our Services, you may provide us with the following information:
- Contact Information and Identifiers: Your mobile phone number (used for SMS authentication during wallet backup), email address (required for credit card payments), account name, and handle name.
- Wallet Information: Your wallet address, WalletConnect Session ID, and Chain ID, which are necessary for wallet connections and transactions.
- Transaction Information: Information related to your NFT purchases and sales, including the NFT name, transaction history, purchase date, purchase price, and associated wallet addresses.
- Payment-Related Information(user-submitted): When you make a purchase, you provide information related to your chosen payment method and contact details for transactional notices (e.g., email for receipts). Payment card numbers and security codes are entered into and processed by our payment processor; we do not receive or store your full PAN or CVV.
- Inquiry Information: Information you provide when you contact us for customer service, including your email address and a history of your communications.
B. Information Collected Automatically
When you use our Services, we automatically collect certain information for functionality, security, and service improvement. This includes:
- Technical and Device Information: Your device model, operating system, version, mobile carrier, settings, IP address, and browser language. We also use push notification IDs to send you notifications.
- Blockchain Data: Information recorded on public blockchains, such as transaction data, wallet addresses, NFT ownership, and smart contract interactions, is publicly visible and decentralized. Since blockchain networks are not controlled, altered, or managed by any single entity, including us, data recorded on them cannot be modified or deleted. This principle applies to all blockchain-related aspects of our Services.
C. Information Collected from Other Sources
We may obtain information about you from other sources, including third-party service providers. For example:
- Payment Processors: We may receive transaction results, limited card metadata, fraud-prevention signals, and other information necessary to complete payments, issue refunds, and prevent abuse. We do not receive or store your full payment card number or security code.
- In-App Purchases (via platform providers). For in-app purchases, we receive platform-issued receipts, purchase tokens, and other transaction identifiers to verify purchases, process refunds, and detect fraud. Platform providers may not supply contact information (e.g., purchaser email) to us; the exact information we receive depends on each platform’s policies and technical specifications.
- Analytics Providers: We receive data from third-party analytics providers regarding your usage of our Services.
D. Sensitive Personal Information
We do not intentionally collect, use, or store sensitive personal information from you, such as information related to racial or ethnic origin, political opinions, religious beliefs, or health. Please do not provide us with such information.
2. How We Use Your Information
| Purposes | Legal basis of processing |
|---|---|
| To provide and enhance our services, including developing new features and introducing updates. |
|
| To process payments (including payments processed by payment processors and platform providers for in-app purchases), and to process refunds and detect fraudulent activity. |
|
| To verify and authenticate user accounts, including wallet connections, and to ensure account security. |
|
| To detect, investigate, and prevent fraud, unauthorized access, and violations of our Terms of Service. |
|
| To customize and enhance the user experience, including personalized content and localized features. |
|
| To analyze service usage and generate statistical insights for business improvements. |
|
| To provide targeted advertising or promotional content relevant to user interests. |
|
| To deliver customer support by managing communication histories and resolving user inquiries. |
|
| To maintain blockchain-related functionalities, including processing wallet addresses, NFT transactions, and NFT ownership. |
|
| To comply with legal obligations, including responding to legal requests or maintaining records for tax purposes. |
|
| To resolve problems in the operation of the Service. |
|
3. How We Disclose Your Information
We may disclose your information to the following categories of third parties for a variety of business purposes, as permitted by law and contract.
- Service Providers: We share your personal information with third-party service providers who assist us in providing our Services, such as IT support, hosting, customer service, and payment processing.
- Payment Processors and Platforms: We disclose payment-related information to payment agents and platform providers (including app store operators) to the extent necessary for processing transactions, handling refunds, and preventing fraud.
- Legal and Regulatory Authorities: We may disclose your information to comply with a subpoena, court order, or other legal process, or to protect our rights, property, or safety, or that of our users or the public.
- Affiliates: We may share your information with our company affiliates to provide and improve our Services.
4. International Data Transfers
Due to the global nature of our Services, the personal information we collect may be transferred, stored, and processed in countries outside of your country of residence, including Japan. The data protection laws in these countries may be different from those in your country.
We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable laws. For data transfers from the EEA and UK, we rely on appropriate mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs).
5. Your Privacy Choices and Rights
Depending on your location and applicable law, you may have the following rights regarding your personal information:
- Right to Access: You can request a copy of the personal information we hold about you.
- Right to Rectification: You can ask us to correct or complete any inaccurate or incomplete personal information we have about you.
- Right to Erasure (Right to Be Forgotten): You can request the deletion of your personal information, subject to certain exceptions.
- Right to Object: You can object to our processing of your personal information where it is based on our legitimate interests.
- Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Withdraw Consent: If we process your information based on your consent, you can withdraw that consent at any time.
To exercise any of these rights, please contact us using the information provided in the “Contact Us” section below. We will respond to your request in accordance with applicable law.
6. Children’s Information
Our Services are intended for users aged 13 and above. Where local law sets a higher threshold or requires parental/guardian consent, we will implement age‑gating and obtain verifiable parental/guardian consent as required before processing a child’s personal data. We do not knowingly collect or store personal information from children. However, we do collect information, including personal information, from all users of the Services. If you believe we may have unintentionally collected personal information from your child, please contact us as set forth below.
7. Third-Party Websites and Wallets
Our Services may contain links to third-party websites or applications, and you must use a third-party wallet to interact with certain features. These services are not controlled by us. We are not responsible for the privacy practices or content of these third-party services. Your interactions with them are governed by their respective privacy policies. We are not responsible for the security of your third-party personal digital wallet.
8. Security of Your Information
We take reasonable technical and organizational measures to help protect your personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. However, no transmission over the internet can be guaranteed as 100% secure. Therefore, while we strive to protect your personal information, we cannot ensure or warrant its absolute security.
9. Retention of Personal Information
We store the personal information we collect as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected. We will retain your information for other legitimate business purposes, such as resolving disputes, establishing legal defenses, conducting audits, pursuing legitimate business purposes, enforcing our agreements, and complying with applicable laws. We will generally retain your personal data throughout the lifecycle of the Services you are involved in.
10. Supplemental Notice for U.S. Residents
This Supplemental Notice applies only to our processing of personal information about residents of the United States. This section is provided to comply with the privacy laws of various U.S. states, including the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA).
Categories of Personal Information Collected
U.S. residents have the right to know what categories of personal information we’ve collected and for what business purpose we’ve disclosed it. The table below outlines this for the preceding 12 months.
We don’t collect, use, or disclose any sensitive personal information.
| Category of Personal Information Collected by Us | Category of Third Parties Information is Disclosed to for a Business Purpose |
|---|---|
| Identifiers. Examples: User ID, Wallet address, IP address, Device Identification Number, Email address, Wallet address (if applicable), Purchase token, Receipt/Transaction ID |
|
| Commercial information Examples: Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, Product ID, Purchase date, Transaction ID, Subscription status |
|
| Internet or other similar network activity Examples: Browsing history, search history, information on a consumer’s interaction with an internet website, application, or advertisement |
|
| Inferences Examples: In-service Preferences and Behavior Patterns |
|
”Sales” or “Sharing” of Personal Information
We do not sell or share your personal information, as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding 12 months.
Additional Privacy Rights for U.S. Residents
You may exercise the following rights by contacting us or a representative or data protection officer. If you request to exercise the above rights, please contact us as set forth in the “Contact Us” section below.
- Non-Discrimination. U.S. residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by each state Privacy Law.
- Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth in the “Contact Us” section below.
- Verification. To protect your privacy, we will take the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Appeal. If we decline to take action on a privacy request, you may have the right to appeal. Instructions for submitting an appeal will be provided in our response.
If you are a U.S. resident and would like to exercise any of your rights under respective State Privacy Laws, please contact us as set forth in the “Contact Us” section below.. We will process such requests in accordance with applicable laws.
California Shine the Light
We are exempted from the requirement to grant such a request because we do not disclose personal information of customers for third parties’ direct marketing purposes unless a customer directs us.
Privacy Rights for California Minors in the Digital World
If you are under 18, you have the right to request the permanent deletion of the reviews of products you posted on our service. Please note that when you post reviews, they can be collected, stored, or shared by others, and we cannot delete such information held by others. If you request to exercise the above rights, please contact us as set forth in the “Contact Us” section below.
Notice Regarding Loyalty Points Program
We operate a loyalty-points program that automatically awards points to all users based on certain in-app activities (e.g., logging in, applying a theme, or using Saify-issued NFTs). Points have no cash value, cannot be redeemed or exchanged, and currently serve no purpose other than accumulation.
We estimate in good faith that the value of the personal information collected for this program is less than US$ 0.01 per qualifying action. For the complete rules and conditions of the points program, please see our Terms of Service.
A full Notice of Financial Incentive is currently unavailable; this paragraph is provided to comply with U.S. privacy laws, including California’s CCPA/CPRA.
11. Supplemental Notice For EU/UK Residents
This Supplemental GDPR Privacy Notice only applies to our processing of personal data that is subject to the General Data Protection Regulation (Regulation (EU) 2016/679 of 27 April 2016) and equivalent laws of the United Kingdom of Great Britain and Northern Ireland (the “UK”)(“GDPR”). This Privacy Notice is applicable only to personal data concerning data subjects (“you” or “your”) in the member states of the European Union and three EEA/EFTA states - Iceland, Liechtenstein, Norway (collectively, the “EU”) and the UK.
For purposes of this notice, the terms defined under the GDPR have the meanings ascribed to them under the GDPR.
We are responsible for your personal data as a data controller. If you have any questions or would like to uphold your rights, please contact us here.
No obligation to provide your personal data
You have no obligation to provide your personal data to us either under applicable law or a contract. Once you make an order for our services , we may require your personal data based on the contract with you, in which case your failure to provide personal data we require may prevent us from providing you with the services.
Profiling
We do not make decisions based solely on automated processing (including profiling) that produce legal effects or similarly significantly affect you. Our automated safety systems may algorithmically detect patterns and, where necessary, apply temporary, precautionary restrictions (e.g., content visibility limits or temporary account holds) to protect users and the Service.
Any final decision to suspend or terminate an account requires meaningful human review. You may request human intervention, express your point of view, obtain an explanation of the decision, and contest any restriction or enforcement action, as permitted by applicable law. Please use the contact channels provided in the “Contact Us” section, or the in-app appeal flow; we will review and respond within a reasonable time.
We process limited signals for these safety purposes under our legitimate interests (e.g., maintaining a safe and secure community, preventing fraud/abuse, and enforcing our Terms) and apply appropriate safeguards, including proportionality, data minimisation, and retention limits for related logs.
Additional Privacy Rights for EU/UK Residents
You may exercise the following rights by contacting us or a representative or data protection officer. If you request to exercise the following rights, please contact us as set forth in the “Contact Us” section below.
- Right to erasure
- You may obtain the erasure of your personal data, subject to certain exceptions under the GDPR, where: (i) such personal data is no longer necessary in relation to the purposes for which we collected and processed it; (ii) you withdraw your consent to our processing solely based upon your consent; (iii) you object to our processing and there are no overriding legitimate grounds for such processing; (iv) our processing is unlawful; (v) your personal data has to be erased in compliance with a legal obligation.
- Right to restriction of processing
- You may obtain restriction of processing of your personal data, subject to certain exceptions under the GDPR, where: (i) you contest the accuracy of your personal data: (ii) our processing is unlawful and you select to restrict our processing instead of requesting erasure of your personal data: (iii) you request us to establish, exercise or defense legal claims that need your personal data no longer necessary for the purposes of our processing; or (iv) you exercise the right to object to our processing and wait for verification on where we have overriding legitimate grounds.
- Right to data portability
- You may receive your personal data or direct us to transmit your personal data to a third party you designate, provided that we process such personal data based upon your consent or as the performance of a contract with you.
- Right to object
- You may object to the processing of your personal data where our processing is based upon the exercise of our official authority or our legitimate interests, including “profiling” or for direct marketing purposes.
- Right to withdrawal of your consent
- You may withdraw your consent at any time to process the personal data that we have collected about you.
- Right to complain
- You may lodge a complaint with the supervisory authority, in particular, in the member state of the EU or the UK where you have a habitual residence or place of work or where the alleged infringement of GDPR took place.
12. Contact Us
If you have any questions, comments, or concerns about our privacy practices or this Privacy Policy, or to exercise your rights, please contact us at:
Saify Privacy Department
Contact: [email protected]
For EEA and UK Residents: You can contact our European representative and Data Protection Officer at the following addresses. Additionally, you may also file a complaint with the supervisory authorities in Europe or the UK.
- European Representative Classmethod (Europe) GmbH
- Mail: Krausenstr 9 -10, 10117 Berlin, Germany
- Email: [email protected]
- Data Protection Officer
- Email: [email protected]
13. Changes to This Privacy Policy
We may revise this Privacy Policy at our discretion. If we make any material changes, we will notify you by posting the revised policy on our Services. By continuing to use our Services after the new policy becomes effective, you agree to its terms.