Privacy Policy

Privacy for a self-custody wallet.

This Policy explains how Borealis Technologies LLC, the provider of DinDin, processes personal data for self-custody wallet software and optional partner integrations.

Effective May 3, 2026 Controller: Borealis Technologies LLC Contact: privacy@dindin.tech

Short version: DinDin does not custody your digital assets, does not receive your seed phrase or private keys, and cannot recover your wallet. Buy, sell, KYC, AML, Pix/payment and settlement services are provided by independent partners when you choose to use them.

1. Scope

This Policy applies to the DinDin website, mobile application, APIs and support channels. It does not replace the privacy policies, terms or notices of partners that provide regulated on/off-ramp, KYC, payment, pricing, execution, settlement or related support services.

2. Data DinDin does not receive

DinDin is designed as a self-custody wallet. Your seed phrase, private keys, PIN and biometric credentials remain on your device or within the secure environment of your operating system. DinDin does not receive, transmit, store or recover those materials.

If you lose your seed phrase or lose access to your device without your own backup, DinDin cannot restore your wallet or move your assets.

3. Data we may process

We process only data needed to operate, secure and support the wallet experience and integrations you choose:

  • user ID, device ID, platform, device name, sessions, authentication tokens and security preferences;
  • public wallet addresses, networks, derivation index, wallet labels and backup confirmation status;
  • on-chain balances and history from blockchains or infrastructure providers, plus portfolio estimates and prices;
  • transaction metadata, hashes, statuses, event logs, security logs, IP address and technical information needed for abuse prevention and support;
  • push tokens, notification preferences, locale and basic device data for notifications you enable;
  • support content such as category, subject, description and transaction references;
  • partner metadata such as provider selected, order ID, mirrored KYC status, transaction status, partner payment instructions and minimum data needed to route, submit or track partner flows initiated by you.

4. Partners and KYC data

When you choose buy, sell, Pix/payment, quote, KYC or settlement services, those services are provided by an independent partner. The partner may collect name, tax ID, date of birth, email, phone, documents, selfie, banking details, Pix key, source-of-funds information and other data required by its rules and applicable law.

DinDin may transmit or mirror limited data for routing, submission, status display, support and technical reconciliation. DinDin does not use this data to custody assets, settle payments, make its own KYC/AML decisions or act as financial counterparty.

5. Purposes and legal bases

We process data to provide the requested service, authenticate sessions, register public wallets, show estimated portfolios, send notifications, answer support requests, prevent fraud and abuse, comply with law, preserve rights and maintain operational records.

Where the Brazilian LGPD or similar laws apply, our legal bases may include contract performance, legal obligation, regular exercise of rights, fraud prevention, legitimate interests and consent for specific flows.

6. Sharing

We may share data with cloud, blockchain infrastructure, notification, security, support and on/off-ramp partner providers, and with authorities when required by law. We may also share data in a corporate reorganization, merger, acquisition or asset sale with appropriate protections.

7. Retention and security

We keep data as long as needed to provide the service, comply with legal obligations, prevent abuse, resolve disputes and preserve operational records. Security logs, transaction records and support data may be retained longer where required by law, regulation or legal defense needs.

We use proportional technical and organizational safeguards, including encryption, access controls, environment separation and data minimization. No system is absolutely secure, and you must protect your device, seed phrase, PIN and backups.

8. Your rights

Depending on applicable law, you may request confirmation of processing, access, correction, portability, anonymization, blocking, deletion, information about sharing, review of automated decisions where applicable, objection and withdrawal of consent.

For rights related to DinDin, contact privacy@dindin.tech. For data controlled by partners, contact the relevant partner directly; we can help identify the appropriate channel when possible.

9. International transfers

Borealis Technologies LLC is a United States company, and our providers may operate in different countries. When we transfer data internationally, we use reasonable measures to protect it under applicable law.

10. Changes and contact

We may update this Policy to reflect product, partner, legal or operational changes. The current version will remain available on this page.

Contacts: privacy@dindin.tech for privacy, legal@dindin.tech for legal matters and support@dindin.tech for support.