1. Introduction and Scope
This Privacy Policy describes how Levito.app (the “Service,” “we,” “us,” or “our”) collects, uses, and shares information in connection with your access and use of the Levito.app website and services (the “Service”). We are committed to respecting the privacy of our users. By using the Service, you consent to the data practices described in this policy.2. Information We Collect
We collect information necessary to provide, maintain, and secure the Service. As we operate a centralized service layer, we collect certain operational data in addition to blockchain activity.2.1 Information You Provide Directly (Account Data)
We collect information you provide when you create an account, log in, or contact us:- Identity Data: Email address, username, and hashed password.
- Communications: Records of correspondence if you contact our support team.
2.2 Operational and Usage Data
When you access the Service, our servers automatically record information, which may include:- Identifiers: Internet Protocol (IP) address, device identifiers, and session IDs.
- Usage Data: Browser type, operating system, pages viewed, time spent on pages, referral source, and the date/time of access.
- Security Logs: Records of login attempts, application crashes, and security events.
2.3 Financial and Blockchain Data
We record data related to your transactions and funds necessary for the Service’s operation:- Wallet Data: Public blockchain addresses (external and internal temporary wallet addresses).
- Transaction Data: Transaction IDs (TxIDs), amounts, time stamps, and trading history recorded on our system.
2.4 Future Data Collection (KYC/AML)
The Service reserves the right, at any time, to implement Know Your Customer (KYC) and Anti-Money Laundering (AML) checks. If implemented, we will collect personally identifiable information (PII) and documentation, including:- Full legal name, date of birth, nationality.
- Physical address.
- Government-issued identification documents (e.g., Passport, National ID).
3. How We Use the Information
We use the collected information for the following specific purposes:| Category | Purpose | Legal Basis/Requirement |
|---|---|---|
| Service Provision | To facilitate leveraged trading, provide funding mechanisms, and operate temporary custodial wallets. | Necessary to fulfill the contract with the user. |
| Security & Integrity | To detect, prevent, and respond to fraud, abuse, illegal activity, and maintain the security of the secret key server. | Legitimate interest and legal obligation to secure the service. |
| Service Improvement | To monitor usage, identify trends, and improve the performance and features of our platform. | Legitimate interest. |
| Compliance | To comply with legal or regulatory obligations. | Legal obligation. |
4. Information Sharing and Disclosure
We only share your information with trusted third parties necessary to operate the Service, or when legally required.4.1 Service Providers
We rely on third-party service providers (e.g., cloud hosting, database services, analytics tools) to perform services on our behalf. These providers are only given access to the information necessary to perform their functions and are contractually bound to keep the information confidential.4.2 Legal Obligations
We may disclose your information if we believe it is required by law, regulation, subpoena, or to cooperate with government authorities.4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.5. Data Security and Retention
5.1 Security Measures
We implement technical and organizational measures to protect your data, including Transport Layer Security (TLS/SSL) for all communication, hashing of user passwords, and restricted access controls for all operational data.5.2 Private Key Security (Specific Disclosure)
We ensure the private keys for temporary custodial wallets are encrypted and isolated on a secret server, accessible only via highly restricted and auditable internal processes.5.3 Data Retention
We retain account data for as long as your account is active.6. International Data Transfer
As the Service may serve global users and utilize cloud hosting infrastructure, your data may be stored or processed in countries other than your own. By using the Service, you consent to the transfer of your data to countries where we or our service providers operate.7. Your Privacy Rights (General)
We respect your rights regarding your data. Subject to legal exceptions, you may have the right to:- Access: Request copies of the data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Erasure (Right to be Forgotten): Request the deletion of your data (subject to our legal retention obligations).
- Objection: Object to our processing of your data for certain purposes.