一、引言

金贯银行-WEB3（以下简称"本平台"或"我们"）高度重视用户的隐私保护。本《隐私政策》（以下简称"本政策"）旨在向您说明我们如何收集、使用、存储、共享和保护您的个人信息。请您在使用本平台服务前仔细阅读本政策的全部内容。

本平台由以太坊基金会（Ethereum Foundation）授权运营，基于去中心化架构设计。我们承诺遵循数据最小化原则，仅在必要范围内收集和处理您的信息。

二、信息收集范围

2.1 我们收集的信息

由于本平台为去中心化应用（DApp），我们不收集传统意义上的个人身份信息（如姓名、身份证号、电话号码、电子邮箱等）。我们仅收集以下与区块链交互相关的信息：

2.2 我们不收集的信息

作为去中心化平台，我们明确不收集以下信息：

• 您的真实姓名、身份证号、护照号等法定身份标识
• 您的银行账户信息、信用卡信息
• 您的钱包私钥、助记词或密码
• 您的生物识别信息（如指纹、面部识别数据）
• 您的精确地理位置信息

三、信息使用方式

3.1 核心服务用途

我们使用收集的信息主要用于以下目的：

• 身份识别：通过钱包地址识别用户，关联用户的质押、收益和邀请数据
• 服务提供：执行质押、解除质押、收益计算和提取等核心功能
• 安全保障：检测和防范欺诈、洗钱、网络攻击等安全风险
• 合规义务：满足适用的法律法规和监管要求

3.2 数据分析用途

我们可能对收集的数据进行匿名化或聚合处理后，用于以下分析目的：

• 平台运营数据统计（如总质押量、活跃用户数等）
• 用户行为分析，以优化产品功能和用户体验
• 市场趋势研究和行业报告生成

所有用于分析的数据均经过脱敏处理，无法追溯到特定个人。

四、区块链技术下的数据特性

4.1 链上数据的不可篡改性

您通过本平台进行的所有交易（包括质押、解除质押、收益提取等）均记录在 BNB Chain 区块链上。区块链技术的特性决定了：

• 链上交易记录是公开、透明且不可篡改的
• 任何拥有您钱包地址的人都可以在区块链浏览器上查询到相关交易
• 我们无法删除或修改已上链的交易记录

4.2 去中心化存储

部分平台数据可能通过 IPFS（星际文件系统）进行去中心化存储。这意味着：

• 数据分布在多个节点上，不存在单一的数据控制方
• 数据一旦上传至 IPFS，即使我们删除本地副本，网络中仍可能存在缓存副本
• IPFS 的内容寻址机制确保数据的完整性和可追溯性

五、信息共享与披露

5.1 信息共享原则

我们严格遵循数据最小化原则，不会将您的信息出售、出租或以其他方式提供给第三方用于营销目的。在以下情况下，我们可能会共享您的信息：

5.2 第三方服务提供商

我们可能委托第三方服务提供商协助运营平台，这些提供商包括：

• 区块链基础设施提供商：提供节点服务、区块链数据查询等
• 安全审计机构：对智能合约进行安全审计（如 CertiK、慢雾科技）
• 分析服务提供商：提供网站流量分析和用户行为分析
• 云服务提供商：提供服务器托管和数据存储服务

所有第三方服务提供商均需遵守不低于本政策标准的隐私保护义务，且仅能在授权范围内使用您的信息。

5.3 法律合规披露

在以下情况下，我们可能会根据适用法律、法规或政府要求披露您的信息：

• 响应法院命令、传票或其他法律程序
• 配合执法机关、监管机构或政府部门的调查
• 保护本平台、用户或公众的合法权益
• 执行本平台的《使用条款》或其他协议

5.4 业务转让

如本平台发生合并、收购、资产转让或破产清算等情形，您的信息可能作为业务资产的一部分被转移。在此情况下，我们将确保接收方继续遵守本政策中的隐私保护承诺，并提前通知您。

六、数据安全

6.1 安全措施

我们采用业界标准的安全措施保护您的信息，包括但不限于：

• 使用 HTTPS/TLS 加密传输所有数据
• 部署 Web 应用防火墙（WAF）和 DDoS 防护
• 定期进行安全漏洞扫描和渗透测试
• 实施严格的访问控制和权限管理
• 智能合约通过第三方安全审计

6.2 用户安全责任

尽管我们采取了合理的安全措施，但您也需要承担以下安全责任：

• 妥善保管您的钱包私钥和助记词，切勿泄露给任何人
• 定期检查钱包授权，及时撤销不再使用的合约授权
• 警惕钓鱼网站和诈骗信息，仅通过官方渠道访问本平台
• 使用硬件钱包等更安全的存储方案管理大额资产

七、Cookie 与类似技术

7.1 Cookie 使用

本平台使用 Cookie 和类似技术来改善用户体验和提供个性化服务。我们使用的 Cookie 包括：

• 必要 Cookie：确保平台基本功能正常运行，如语言偏好设置、会话管理
• 分析 Cookie：帮助我们了解用户如何使用平台，以便优化产品
• 功能 Cookie：记住您的偏好设置，提供更个性化的体验

7.2 Cookie 管理

您可以通过浏览器设置管理 Cookie，包括拒绝所有 Cookie 或在发送 Cookie 时收到通知。但请注意，禁用 Cookie 可能会影响您使用本平台的某些功能。

八、用户权利

根据适用的数据保护法律，您享有以下权利：

• 知情权：了解我们收集、使用和共享您信息的情况
• 访问权：请求访问我们持有的关于您的信息
• 更正权：请求更正不准确或不完整的信息
• 删除权：在特定情况下请求删除您的信息（注意：链上数据无法删除）
• 限制处理权：在特定情况下限制我们对您信息的处理
• 数据可携带权：以结构化、通用格式获取您的信息
• 反对权：反对我们基于合法利益处理您的信息

如需行使上述权利，请通过本政策末尾提供的联系方式与我们联系。我们将在收到请求后的 30 天内予以响应。

九、未成年人保护

本平台不面向 18 周岁以下的未成年人提供服务。如果我们发现收集了未成年人的信息，我们将立即采取措施删除相关信息。如果您是未成年人的监护人，发现未成年人使用本平台服务，请联系我们。

十、政策更新

我们可能会根据法律法规变化、技术发展或业务需要更新本政策。更新后的政策将在平台官方网站公示，公示期为 7 天。重大变更将通过平台公告或钱包通知等方式告知用户。您继续使用本平台服务，视为您已接受更新后的政策。

1. Introduction

Jinguan Bank-WEB3 (hereinafter referred to as "the Platform" or "we") attaches great importance to user privacy protection. This Privacy Policy (hereinafter referred to as "this Policy") aims to explain how we collect, use, store, share, and protect your personal information. Please read the entire content of this Policy carefully before using the Platform's services.

This Platform is authorized by the Ethereum Foundation and designed based on a decentralized architecture. We commit to following the principle of data minimization, collecting and processing your information only to the extent necessary.

2. Information Collection Scope

2.1 Information We Collect

Since this Platform is a decentralized application (DApp), we do not collect traditional personal identity information (such as name, ID number, phone number, email address, etc.). We only collect the following information related to blockchain interaction:

2.2 Information We Do Not Collect

As a decentralized platform, we explicitly do not collect the following information:

• Your real name, ID number, passport number, or other legal identity identifiers
• Your bank account information, credit card information
• Your wallet private keys, seed phrases, or passwords
• Your biometric information (such as fingerprints, facial recognition data)
• Your precise geographic location information

3. Information Usage

3.1 Core Service Purposes

We use the collected information mainly for the following purposes:

• Identity Recognition: Identify users through wallet addresses and associate staking, reward, and invitation data
• Service Provision: Execute core functions such as staking, unstaking, reward calculation, and withdrawal
• Security Protection: Detect and prevent fraud, money laundering, cyber attacks, and other security risks
• Compliance Obligations: Meet applicable laws, regulations, and regulatory requirements

3.2 Data Analysis Purposes

We may use anonymized or aggregated data for the following analysis purposes:

• Platform operation statistics (such as total staking amount, active user count, etc.)
• User behavior analysis to optimize product features and user experience
• Market trend research and industry report generation

All data used for analysis has been desensitized and cannot be traced back to specific individuals.

4. Data Characteristics Under Blockchain Technology

4.1 Immutability of On-Chain Data

All transactions conducted through the Platform (including staking, unstaking, reward withdrawal, etc.) are recorded on the BNB Chain blockchain. The characteristics of blockchain technology determine that:

• On-chain transaction records are public, transparent, and immutable
• Anyone with your wallet address can query related transactions on blockchain explorers
• We cannot delete or modify transaction records that have been on-chain

4.2 Decentralized Storage

Some platform data may be stored decentrally through IPFS (InterPlanetary File System). This means:

• Data is distributed across multiple nodes, and there is no single data controller
• Once data is uploaded to IPFS, even if we delete local copies, cached copies may still exist in the network
• IPFS's content-addressing mechanism ensures data integrity and traceability

5. Information Sharing and Disclosure

5.1 Information Sharing Principles

We strictly adhere to the principle of data minimization and will not sell, rent, or otherwise provide your information to third parties for marketing purposes. We may share your information in the following circumstances:

5.2 Third-Party Service Providers

We may engage third-party service providers to assist in platform operations, including:

• Blockchain Infrastructure Providers: Providing node services, blockchain data queries, etc.
• Security Audit Institutions: Conducting security audits of smart contracts (such as CertiK, SlowMist)
• Analytics Service Providers: Providing website traffic analysis and user behavior analysis
• Cloud Service Providers: Providing server hosting and data storage services

All third-party service providers must comply with privacy protection obligations no less stringent than those in this Policy and may only use your information within the authorized scope.

5.3 Legal Compliance Disclosure

We may disclose your information in accordance with applicable laws, regulations, or government requirements in the following circumstances:

• Responding to court orders, subpoenas, or other legal processes
• Cooperating with investigations by law enforcement agencies, regulatory bodies, or government departments
• Protecting the legitimate rights and interests of the Platform, users, or the public
• Enforcing the Platform's Terms of Service or other agreements

5.4 Business Transfer

In the event of a merger, acquisition, asset transfer, or bankruptcy liquidation of the Platform, your information may be transferred as part of the business assets. In such cases, we will ensure that the recipient continues to comply with the privacy protection commitments in this Policy and notify you in advance.

6. Data Security

6.1 Security Measures

We adopt industry-standard security measures to protect your information, including but not limited to:

• Using HTTPS/TLS to encrypt all data transmission
• Deploying Web Application Firewalls (WAF) and DDoS protection
• Conducting regular security vulnerability scans and penetration tests
• Implementing strict access control and permission management
• Smart contracts undergo third-party security audits

6.2 User Security Responsibility

Although we have taken reasonable security measures, you also need to bear the following security responsibilities:

• Properly safeguard your wallet private keys and seed phrases, and never disclose them to anyone
• Regularly check wallet authorizations and promptly revoke unused contract authorizations
• Be vigilant against phishing websites and scam information, and only access the Platform through official channels
• Use hardware wallets or other more secure storage solutions for large assets

7. Cookies and Similar Technologies

7.1 Cookie Usage

The Platform uses cookies and similar technologies to improve user experience and provide personalized services. The cookies we use include:

• Necessary Cookies: Ensure basic platform functions operate normally, such as language preference settings, session management
• Analytics Cookies: Help us understand how users use the platform to optimize products
• Functional Cookies: Remember your preference settings to provide a more personalized experience

7.2 Cookie Management

You can manage cookies through browser settings, including rejecting all cookies or receiving notifications when cookies are sent. However, please note that disabling cookies may affect certain functions of the Platform.

8. User Rights

Under applicable data protection laws, you have the following rights:

• Right to Know: Understand how we collect, use, and share your information
• Right to Access: Request access to information we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your information in specific circumstances (note: on-chain data cannot be deleted)
• Right to Restrict Processing: Restrict our processing of your information in specific circumstances
• Right to Data Portability: Obtain your information in a structured, commonly used format
• Right to Object: Object to our processing of your information based on legitimate interests

To exercise the above rights, please contact us through the contact information provided at the end of this Policy. We will respond within 30 days of receiving the request.

9. Minor Protection

This Platform does not provide services to minors under 18 years of age. If we discover that we have collected information from minors, we will immediately take measures to delete the relevant information. If you are a minor's guardian and discover that a minor is using the Platform's services, please contact us.

10. Policy Updates

We may update this Policy in accordance with changes in laws and regulations, technological developments, or business needs. The updated policy will be posted on the Platform's official website for a public notice period of 7 days. Major changes will be notified to users through platform announcements or wallet notifications. Your continued use of the Platform's services is deemed as acceptance of the updated policy.