Umia Privacy Policy

1. Introduction

This Privacy Policy describes how UMIA, acting through its administrative and legal entity UMIA Governance SPC (collectively, "UMIA," "we," "us," or "our"), collects, uses, discloses, and protects personal data in connection with our online interfaces and activities.

This Privacy Policy applies to information collected through:

• the UMIA's informational website located at www.umia.finance
• governance interfaces, proposal portals, or voting platforms operated by or on behalf of UMIA
• community communication channels administered by the UMIA, including forums or messaging platforms
• analytics and technical tools associated with use of the foregoing (collectively, the "Services")

This Privacy Policy does not apply to:

• third-party websites, applications, or services not operated by UMIA
• public blockchain networks or protocols not controlled by the UMIA
• activities conducted entirely outside the Services

2. Important Notice Regarding Blockchain Technology

When you interact with the Services, certain information may be recorded on public blockchains or otherwise made publicly available by design. This may include, without limitation:

• wallet addresses and public blockchain identifiers
• transaction hashes and related metadata
• governance activity, including proposal submissions, votes, vote weights, delegations, and other participation records
• timestamps and protocol-level interaction data

Governance mechanisms are a core component of decentralized autonomous organizations (or "DAOs") like UMIA. As a result, participation in DAO governance typically involves public attribution of actions to wallet addresses, and such information may be visible to third parties through blockchain explorers, governance dashboards, or other publicly accessible tools.

UMIA does not control public blockchain networks and cannot modify, obscure, anonymize, or delete information recorded onchain. Any personal data that is written to a public blockchain or otherwise disclosed through governance activity may remain permanently accessible and may be processed by third parties outside UMIA's control.

This Privacy Policy applies only to personal data collected and processed offchain through the Services and does not apply to information that is publicly available on blockchain networks or other decentralized systems.

3. Personal Data We Collect

We may collect the following categories of personal data, depending on how you interact with the Services.

(a) Information You Provide Voluntarily

• email address or other contact information you choose to provide
• communications submitted through forms, email, or community platforms
• forum usernames, profile information, or other content you voluntarily disclose

(b) Blockchain-Related Information

• public wallet addresses
• transaction hashes and related publicly available blockchain data
• governance participation records, including proposals, votes, delegations, vote weight, and related metadata associated with wallet addresses

UMIA does not control how public blockchain data is recorded, displayed, or indexed. UMIA does not associate wallet addresses with real-world identities unless such information is voluntarily provided by you.

(c) Automatically Collected Information

When you access the Services, we may automatically collect:

• IP address
• browser type and version
• operating system
• device identifiers
• pages viewed and interaction data
• referring URLs and timestamps

(d) Aggregated or De-Identified Information

We may create aggregated or de-identified information for analytical and operational purposes. Such information does not identify, and cannot reasonably be used to identify, an individual.

4. Information We Do Not Collect

UMIA does not intentionally collect:

• government-issued identification numbers
• Social Security numbers
• payment card information
• bank account information
• biometric identifiers
• precise geolocation data
• health or medical information

The Services are non-custodial and do not process user funds or perform identity verification unless expressly stated otherwise.

5. How We Use Personal Data

We use personal data for the following purposes:

• to operate, maintain, and improve the Services
• to facilitate governance participation and proposal administration
• to respond to inquiries and communications
• to monitor, analyze, and improve system performance and security
• to prevent fraud, abuse, and unauthorized activity
• to comply with applicable legal and regulatory obligations

UMIA does not use personal data for targeted advertising.

6. Cookies and Analytics

The Services may use cookies or similar technologies to:

• enable core functionality
• analyze traffic and usage trends
• improve user experience and system performance

You may disable cookies through your browser settings. Certain features of the Services may not function properly if cookies are disabled.

7. How We Share Information

We may disclose personal data:

• to service providers that support hosting, analytics, security, communications, or infrastructure
• to professional advisors, including legal and accounting firms
• to comply with applicable law, regulation, subpoena, or legal process
• to protect the rights, safety, and integrity of UMIA, contributors, users, or others

8. Data Retention

We retain personal data only for as long as reasonably necessary to:

• fulfill the purposes described in this Privacy Policy
• comply with applicable legal obligations
• resolve disputes
• enforce agreements

Public blockchain data is retained indefinitely by the applicable blockchain networks and is not subject to the DAO's retention controls.

9. Your Privacy Rights

Depending on your jurisdiction, you may have certain rights with respect to personal data processed by UMIA, including the right to:

• request access to personal data we maintain about you
• request correction of inaccurate personal data
• request deletion of certain personal data
• opt out of certain data processing activities, where applicable

These rights may not apply to:

• publicly available blockchain data
• information that UMIA does not control
• information required for legal or regulatory compliance
• data necessary to maintain the security or functionality of the Services

Requests may be submitted using the contact information provided below.

10. Children's Information

The Services are not intended for individuals under the age of 18. UMIA does not knowingly collect personal data from children.

11. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, disclosure, alteration, or destruction. These safeguards are intended to reflect the nature of the Services and the limited categories of personal data processed.

However, no system, network, or method of electronic transmission is completely secure. While we seek to protect personal data, we cannot guarantee its absolute security, particularly where information is transmitted over the internet or interacts with decentralized networks beyond UMIA's control.

12. Global Data Processing

The Services rely on globally distributed infrastructure and service providers. As a result, personal data processed in connection with the Services may be transferred to, stored in, or accessed from jurisdictions with data protection laws that may differ from those of your home jurisdiction. By accessing the Services, you acknowledge that such cross-border processing may occur.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date above reflects the effective date of the current version. Continued use of the Services after an update constitutes acceptance of the revised Privacy Policy.

14. Contact Information

For questions or privacy-related requests, please contact:

UMIA