Certified under the authority of YLDLOCK LTD — Cayman Islands
Original Issue Date: 27 April 2022 | Last Updated: 18 August 2025
This Privacy Policy describes how YLDLOCK LTD (“YLDLOCK”, “we”, “us”, or “our”) collects, processes, stores, and protects personal information in accordance with the Cayman Islands Data Protection Act (2021 Revision), the Virtual Asset (Service Providers) Act (2022 Revision), and applicable Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) Regulations. YLDLOCK adheres to Cayman Islands Monetary Authority (CIMA) supervision and aligns its practices with GDPR-equivalent international data standards.
YLDLOCK LTD, an exempted company registered in the Cayman Islands, acts as the data controller for all information processed under this Policy. Questions or concerns regarding this Policy may be directed to the YLDLOCK Compliance Department via secure communication channels.
We may collect the following categories of information to comply with regulatory, operational, and technical requirements: (a) identification data, such as name, date of birth, nationality, and address; (b) verification data collected through Know Your Customer (KYC) procedures; (c) transactional data associated with digital asset transfers, staking, or swaps; (d) device, browser, and network information for security monitoring; and (e) communication records related to compliance inquiries.
YLDLOCK processes personal data to verify identity, enable transactions, fulfill regulatory requirements, and maintain service security. Data may be used for AML/CTF screening, fraud prevention, and technical troubleshooting. We process data only where a lawful basis exists under the Data Protection Act (2021 Revision).
Our processing of personal data is grounded in one or more of the following legal bases: (a) compliance with legal obligations under CIMA or other regulatory authorities; (b) contractual necessity to provide digital asset services; (c) legitimate interests in fraud prevention and cybersecurity; and (d) user consent where explicitly required.
Under the AML Regulations (2021 Revision), YLDLOCK is obligated to collect, verify, and retain certain user data to detect and prevent financial crimes. Such data may be shared with CIMA or other competent authorities when legally mandated. Users acknowledge that these disclosures are required by law and consent to them as a condition of service use.
Data collected for compliance purposes is retained for no less than five years following the completion of a transaction or the termination of a relationship, in accordance with the Cayman Islands Data Protection Act and CIMA recordkeeping standards. After this period, data is securely deleted or anonymized unless further retention is required by law.
Due to the immutable nature of blockchain technology, transactional records cannot be altered or deleted once validated on-chain. However, YLDLOCK minimizes the inclusion of personal identifiers in blockchain data and uses cryptographic pseudonymization to preserve privacy. All personal data stored off-chain remains subject to erasure and correction rights under the Data Protection Act (2021 Revision).
YLDLOCK implements multi-layer encryption (AES-256, SHA-3) and secure data segregation across all storage systems. Access is restricted to authorized personnel under the principle of least privilege. Regular penetration testing, monitoring, and incident response measures ensure operational integrity.
Under the Data Protection Act (2021 Revision), users have the right to access, correct, restrict, or erase personal data held by YLDLOCK. Requests must be submitted via secure channels and may require identity verification. Certain requests may be declined if they conflict with AML/CTF or legal recordkeeping obligations.
Where data is transferred outside the Cayman Islands, YLDLOCK ensures equivalent protection through contractual safeguards consistent with GDPR standards. Data shared with regulatory partners or service providers is limited to lawful purposes and governed by confidentiality agreements.
YLDLOCK may use cookies or equivalent technologies to enhance platform functionality and ensure user security. These tools are not used for marketing or profiling and are subject to encryption and privacy-by-design principles.
YLDLOCK does not sell or share user data with commercial third parties. Access is limited to verified service providers, auditors, and legal authorities acting under lawful request. All processors are bound by confidentiality and compliance clauses consistent with Cayman Islands law.
This Privacy Policy may be amended periodically to reflect legislative changes or operational updates. Users will be notified of material changes, and continued use of YLDLOCK services constitutes acceptance of the revised Policy.
Users may contact the YLDLOCK Compliance Department regarding privacy matters or file complaints with the Cayman Islands Ombudsman under the Data Protection Act (2021 Revision). Inquiries should be submitted through secure communication channels.
This Privacy Policy is certified under the authority of YLDLOCK LTD — Cayman Islands, confirming adherence to CIMA oversight, the Virtual Asset (Service Providers) Act (2022 Revision), the Data Protection Act (2021 Revision), and global FATF standards.