This Privacy Policy explains how OnChainMake collects, uses, stores, shares and protects personal, company, technical, operational and platform data during the controlled-access pilot.
The policy applies to visitors, access requesters, invited users, buyers, makers, administrators and other users of onchainmake.com, app.onchainmake.com and related pilot services.
During the pilot, OnChainMake may process data for access review, onboarding, technical validation, capacity slot publication, order intake, milestone workflows, verifier-ready escrow logic, compliance review, support, security, analytics and legal obligations.
We may collect the following categories of data:
We use data to operate the website and pilot application; review and approve access requests; create and manage accounts; onboard buyers and makers; manage company profiles and memberships; support KYB, KYC, billing, wallet and compliance workflows; publish and manage capacity slots; support order intake and technical review; structure milestones and verifier-ready workflows; support escrow-related workflows; prevent fraud, abuse, unauthorised access and security incidents; maintain audit trails; provide support and administrative review; improve product design and user experience; communicate pilot updates; and comply with legal, tax, regulatory, security and contractual obligations.
Where applicable, we process personal data under one or more of the following legal bases: performance of a contract or pre-contractual steps; legitimate interests in operating, improving and securing the Platform; compliance with legal obligations; consent, where required for cookies, marketing or optional processing; and protection of rights, security, users and the integrity of the pilot.
Users may upload or submit technical files, drawings, specifications or manufacturing-related information. We treat such materials as confidential operational data and use them only for platform operation, technical intake, capacity matching, order review, milestone workflow, support, audit, security or compliance purposes.
Users should not upload information they are not authorised to share. Users remain responsible for removing trade secrets, export-controlled information, personal data or third-party confidential data where sharing is not authorised.
Blockchain networks are public or semi-public systems. Wallet addresses, transaction hashes, contract interactions, token references and on-chain events may be visible to third parties depending on the network used.
We cannot delete or modify data that has been recorded on a public blockchain. During the pilot, some blockchain-related functionality may be simulated, staged, off-chain, disabled or subject to manual review.
We may share data with authorised platform administrators; technical service providers; hosting and cloud providers; authentication providers; analytics and CRM tools; compliance, KYB, KYC, sanctions, billing or payment service providers; blockchain infrastructure providers; professional advisers; regulators, courts, authorities or law enforcement where legally required; and buyers and makers where necessary for an order, reservation, billing, milestone, dispute or operational workflow.
We do not sell personal data.
We retain data for as long as necessary to operate the pilot, manage accounts, maintain audit trails, resolve disputes, comply with legal obligations, support security and prepare for commercial launch or structured deletion.
Different data categories may have different retention periods. For example, account data, compliance audit logs, order records, transaction references and legal records may be retained longer than marketing or analytics data.
We use reasonable technical and organisational measures to protect data, including access controls, authentication, role-based permissions, audit logs, secure infrastructure and operational review.
No system is completely secure. Users are responsible for maintaining secure passwords, secure wallet credentials, secure company access controls and appropriate internal authorisations.
Data may be processed in countries other than the country where a User is located. Where required, we use appropriate safeguards for international transfers.
Depending on applicable law, Users may have rights to access, correct, delete, restrict, object to or receive a copy of personal data.
Some requests may be limited where data is needed for legal obligations, security, fraud prevention, dispute resolution, audit trails, blockchain records or legitimate platform operation. Requests can be sent to info@onchainmake.com.
We may update this Privacy Policy as the pilot evolves, including to reflect incorporation, commercial launch, new compliance processes, wallet functionality, smart contract activation, CZK integration or changes in law.
The updated version will be posted on the website with a new effective date.