Topox Privacy Policy

1. Who We Are

Topox is presented as a non-custodial DEX interface for accessing decentralised perpetual trading through selected infrastructure partners.

Topox may use specialised third-party providers, including decentralised trading infrastructure partners, wallet connection providers, embedded wallet or email-login infrastructure, blockchain network providers, analytics providers, hosting providers, security tools and support tools to operate and improve the website and interface.

For privacy-related requests, please contact us through the official contact channel listed on the Topox website or interface.

2. Information We Collect

We aim to collect only the information that is reasonably necessary to operate, secure and improve the Topox website and interface. The information we collect depends on how you access or use the website, interface and related features.

2.1 Wallet and Blockchain Data

When you connect a Web3 wallet, we may process your public wallet address, connected network, transaction history related to Topox, deposits, withdrawals, trades, order activity, balances, timestamps, blockchain transaction hashes and other public on-chain data associated with your use of the interface.

Blockchain data is generally public and may be visible to anyone through blockchain explorers. Topox does not control public blockchain records and cannot delete or modify data recorded on public blockchains.

2.2 Account and Email Login Data

If you use email-based login, we may collect and process your email address, login identifiers, authentication events, account activity, security events and related technical information needed to provide access to your account.

If a social login or embedded wallet option is available, the relevant authentication provider may send us limited identifiers required to create or access your account. We do not receive your social account password.

2.3 Web3Auth or Similar Embedded Wallet Infrastructure

Topox may use Web3Auth or similar embedded wallet infrastructure to enable email-based, social-login or simplified wallet access. This type of infrastructure can help users access Web3 functionality without manually managing a traditional seed phrase in the same way as a standard browser wallet.

When this login method is used, your email or login identifier may be processed to create, recover or access a non-custodial wallet experience. Topox does not ask for, store or control your private keys or seed phrase.

2.4 Device, Technical and Usage Data

When you use Topox, we may automatically collect technical and usage data such as IP address, browser type, device type, operating system, referring pages, approximate location inferred from your IP address, language settings, pages viewed, buttons clicked, session information, error logs and interface interaction data.

2.5 Cookies and Analytics Data

Topox uses cookies and similar technologies to operate the website and interface, remember preferences, maintain security and understand how users interact with Topox. We use Google Analytics to help measure traffic, page views, user flows, device information, approximate location, referral sources and usage behaviour.

Google Analytics does not provide Topox with private keys, seed phrases, wallet signatures or sensitive wallet credentials.

2.6 Communications and Support Data

If you contact us for support, feedback, partnership requests or other enquiries, we may collect the information you choose to provide, including your email address, message content, attachments, support history and relevant account or wallet information needed to handle your request.

3. How We Collect Information

• Directly from you when you connect a wallet, use email login, submit forms, request support or interact with account features.
• Automatically through cookies, analytics tools, server logs, security tools, interface logs and similar technologies.
• From public blockchains when you initiate transactions, deposits, withdrawals, trades or other on-chain activity.
• From third-party operational providers that help us operate login, wallet, security, analytics, hosting, infrastructure, support and trading-related features.

4. How We Use Information

We use information for the following purposes:

• To operate the Topox website, non-custodial DEX interface and account features.
• To enable wallet connection, email login, embedded wallet access and authentication.
• To display balances, market activity, order status, trade history, deposits, withdrawals and account activity.
• To support trading functionality, order management, settlement display, risk controls and interface performance.
• To protect the website, interface and users against fraud, bots, unauthorised access, abuse, security threats and unlawful activity.
• To monitor technical performance, diagnose bugs and improve the user experience.
• To provide customer support and respond to user requests.
• To send service-related notices, security alerts and operational updates.
• To comply with applicable legal, regulatory, compliance or risk management obligations.
• To analyse aggregated or anonymised usage trends and improve Topox over time.

5. Legal Bases for Processing

Where data protection laws such as the GDPR or UK GDPR apply, we rely on one or more of the following legal bases:

• Performance of a contract: Providing access to the website, interface, account features, wallet connection, trading functionality and support.
• Legitimate interests: Security, fraud prevention, interface improvement, analytics, debugging, abuse prevention and operational monitoring.
• Consent: Non-essential cookies, optional analytics choices and optional marketing communications where applicable.
• Legal obligation: Compliance with applicable laws, lawful requests, sanctions, anti-fraud, anti-abuse or regulatory requirements where applicable.

6. Cookies and Google Analytics

Topox uses cookies and similar technologies for essential website and interface operation, security, preferences, analytics and performance measurement.

6.1 Essential Cookies

Essential cookies are required for core functionality such as maintaining sessions, securing the interface, remembering basic preferences and supporting account or wallet interaction. Topox may not work properly without these cookies.

6.2 Analytics Cookies

We use Google Analytics to understand how users reach and use Topox. This may include page views, traffic sources, device type, browser type, approximate location, session duration, page interactions and general user behaviour.

Analytics helps us improve page structure, performance, navigation and user experience. Where required, we will seek consent before placing non-essential analytics cookies.

6.3 No Sale of Personal Data

We do not sell personal information. We do not use cookies to collect private keys, seed phrases or wallet credentials.

6.4 Your Cookie Choices

You can control cookies through your browser settings and, where available, through the cookie preference tools provided on the Topox website. Blocking some cookies may affect interface functionality.

7. Wallet Connection, Email Login and Non-Custodial Access

7.1 Using a Self-Custody Wallet

If you connect a self-custody wallet, such as a browser wallet or WalletConnect-compatible wallet, your public wallet address becomes the main identifier used to interact with Topox. Topox does not ask for your private keys or seed phrase.

You remain responsible for securing your wallet, device, browser, passwords, recovery methods and any connected accounts. Transactions signed from your wallet may be treated as authorised by you.

7.2 Using Email Login or Embedded Wallet Access

If you use email login or an embedded wallet option, Topox or its operational providers may process your email address and authentication identifiers to create or access a non-custodial wallet experience.

You should secure the email account or social account used for login, including by using strong passwords and multi-factor authentication where possible.

7.3 Non-Custodial Access

Topox is designed as a non-custodial DEX access layer for decentralised trading. Users connect through supported wallets or embedded wallet flows while retaining control over their assets. Topox does not ask for your seed phrase and does not store or control your private keys.

8. Trading Infrastructure and Third-Party Providers

Topox may rely on selected third-party decentralised trading infrastructure and related providers to support markets, order books, market data, order routing, balances, trading history, deposits, withdrawals, settlement information, wallet authentication and related interface features.

Depending on the feature used, third-party providers may process wallet addresses, order details, transaction data, device data, authentication data or technical information necessary to support the relevant feature. We aim to share only the information reasonably necessary for these integrations to function.

Third-party infrastructure may include specialised trading infrastructure partners, wallet connection tools, embedded wallet providers, authentication providers, RPC nodes, blockchain indexers, cloud hosting providers, analytics providers, security providers and customer support tools.

9. Sharing and Disclosure

We may share information in the following situations:

• Operational providers: With providers that help operate hosting, analytics, login, wallet, trading infrastructure, support, security and interface functionality.
• Trading and blockchain infrastructure: With infrastructure providers needed to process wallet activity, orders, balances, deposits, withdrawals, market data and settlement-related information.
• Security and fraud prevention: With tools or providers that help detect abuse, bots, attacks, sanctions risk, fraud or unlawful activity.
• Legal and compliance: Where required by applicable law, legal process, regulatory request, risk management obligation or to protect the rights, safety and integrity of Topox, users, infrastructure partners or the broader ecosystem.
• Asset or operational transfers: If the Topox website, interface, software, domain, data systems or related operational assets are transferred, reorganised, financed or integrated with another project, information may be transferred where reasonably necessary, subject to appropriate safeguards.
• Aggregated or anonymised data: We may share data that cannot reasonably identify you, such as aggregated usage statistics or interface activity insights.

We do not sell your personal information to advertisers or data brokers.

10. Data Security

We use administrative, technical and organisational safeguards designed to protect information against unauthorised access, misuse, loss, alteration and disclosure. These measures may include encryption in transit, access controls, monitoring, security logging, infrastructure controls and provider due diligence.

No online interface, blockchain application or data transmission method can be guaranteed to be completely secure. You are responsible for securing your wallet, device, browser, email account and login credentials. Topox will never ask you to provide a seed phrase or private key.

11. Data Retention

We retain information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including interface operation, security, support, legal compliance, dispute resolution and legitimate business needs.

• Account and email login data may be retained while your account remains active or as needed for security, support and legal purposes.
• Wallet and transaction references may be retained to display interface activity, maintain records, handle support requests and comply with legal or risk management requirements.
• Public blockchain data is recorded on public networks and cannot be deleted or altered by Topox.
• Analytics data may be retained in aggregated, anonymised or limited technical form to improve interface performance and user experience.
• Support communications may be retained as needed to handle your request and maintain appropriate records.

When information is no longer needed, we will delete, anonymise or isolate it where technically and legally feasible.

12. Your Privacy Rights

Depending on your location and applicable law, you may have rights regarding your personal information. These may include the right to request access, correction, deletion, restriction, objection, portability or withdrawal of consent where processing is based on consent.

To exercise your rights, contact us through the official contact channel listed on the Topox website or interface. We may need to verify your request before responding.

Please note that some information, such as public blockchain records, cannot be deleted or changed by Topox. We also may retain certain information where required for legal, security, compliance or legitimate operational reasons.

13. Children’s Privacy

Topox is not intended for children or minors. You must be at least 18 years old, or the age of majority in your jurisdiction if higher, to use Topox.

We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will take reasonable steps to delete it where legally and technically possible.

14. International Transfers

Topox may be accessed from different jurisdictions, and information may be processed in countries other than your country of residence. This may include processing by infrastructure providers, analytics providers, wallet or login providers, security tools, support tools and blockchain network providers.

Where required by applicable law, we use appropriate safeguards for international transfers, such as contractual protections, provider security reviews or other recognised legal mechanisms.

15. Marketing and Service Communications

If you provide your email address, we may send service-related communications such as account notices, security alerts, important updates, operational messages and support responses.

We may also send optional marketing or product updates where permitted by law or where you have provided consent. You may opt out of marketing communications at any time. Even if you opt out of marketing, you may still receive important service-related messages.

16. Restricted Jurisdictions and Compliance

Topox may restrict access to certain features, users, wallets, jurisdictions or activities where required by law, compliance requirements, sanctions rules, infrastructure-provider restrictions, risk controls or interface policies.

We may process technical data, wallet data, location indicators or compliance signals to help enforce these restrictions and protect Topox from misuse.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, features, infrastructure, legal requirements or operational needs. When we update this Privacy Policy, we will update the “Last Updated” date at the top of the page.

If we make material changes, we may provide additional notice through the website interface, email or another appropriate method.