search

Privacy Policy

hashtag
YieldFi Privacy Policy

Effective Date: 13 January, 2026 Controller: Block Labs Limited ("YieldFi", "we", "us", "our") Website: https://yield.fiarrow-up-right

hashtag
I. General

YieldFi takes data protection, privacy, and information security seriously. The careful, transparent, and responsible handling of personal data is a core part of our operations and reflects our commitment to user trust, regulatory compliance, and institutional standards.

This Privacy Policy explains in detail how we collect, use, process, store, disclose, and protect personal data when you:

  • Visit or use our website (yield.fi and related domains),

  • Interact with our applications, interfaces, APIs, SDKs, or documentation,

  • Onboard or complete identity verification,

  • Communicate with us via email, forms, or community channels, or

  • Otherwise interact with YieldFi and its services.

This policy is designed to align with the principles of the EU General Data Protection Regulation ("GDPR"), including transparency, purpose limitation, data minimisation, and security, and may also be relevant under other privacy frameworks depending on your jurisdiction.

You can use certain parts of our website without providing personal data. However, some services (e.g., onboarding, compliance checks, or communication features) necessarily require the processing of personal data.

hashtag
II. Data Controller and Contact Details

The data controller responsible for processing your personal data is:

Block Labs Limited (operating as YieldFi) British Virgin Islands Email: [email protected]envelope Website: https://yield.fiarrow-up-right

For any questions relating to privacy, data protection, or to exercise your rights, you can contact us at the email address above. We will make reasonable efforts to respond within applicable legal timeframes.

hashtag
III. Definition of Personal Data

"Personal data" means any information that relates to an identified or identifiable natural person. This may include, depending on context:

  • Name and contact details (e.g., email address),

  • Online identifiers (e.g., IP address),

  • Identity verification data,

  • Wallet addresses where linked to an identifiable individual,

  • Communication content,

  • Technical identifiers and usage data.

Anonymous data or data that has been irreversibly anonymised is not considered personal data.

hashtag
IV. Cookies and Technical Data Collection

hashtag
1. Cookies

We use cookies and similar technologies to ensure website functionality, enhance security, and improve user experience.

Cookies are small text files stored on your device by your browser. They may include:

  • Strictly necessary cookies (required for basic functionality and security),

  • Session cookies (temporary cookies deleted when you close your browser),

  • Preference cookies (to remember settings, where applicable),

  • Analytics or performance cookies (where enabled).

You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect functionality or access to some features.

hashtag
2. Server Log Data

When you access our website, our servers may automatically collect certain technical information, including:

  • Browser type and version

  • Operating system

  • Referrer URL

  • Pages accessed

  • Date and time of access

  • IP address

This data is processed primarily for:

  • Ensuring the security and stability of the website,

  • Detecting abuse or malicious activity,

  • Diagnosing technical issues,

  • Improving performance and user experience.

We do not use this information to directly identify you. The legal basis for this processing is our legitimate interest in operating a secure and reliable service.

hashtag
V. User Onboarding and Account-Related Data

Certain services offered by YieldFi (such as access to minting, redemption, or compliance-gated functionality) may require onboarding.

During onboarding, we may collect and process the following categories of data ("Customer Data"):

  • Full name

  • Email address

  • Country of residence

  • Wallet address(es)

  • Account-related metadata (e.g., timestamps of activity)

We process this data to:

  • Provide access to our services,

  • Maintain system integrity and prevent misuse,

  • Communicate with you regarding your use of the service,

  • Meet contractual and operational obligations.

The legal basis for processing is typically the performance of a contract and our legitimate business interests.

We retain onboarding data for as long as your account or relationship with YieldFi remains active, unless a longer retention period is required by law.

hashtag
VI. Identity Verification (KYC / Compliance Processing)

In certain cases, we are required (by law, regulation, risk policy, or commercial partner requirements) to perform identity verification and compliance checks.

Where applicable, identity verification may be conducted through third-party KYC / compliance service providers. Depending on jurisdiction and risk context, this may involve processing of:

  • Full legal name

  • Date and place of birth

  • Nationality

  • Residential address

  • Verification result (e.g., approved / rejected)

  • Government-issued ID details (passport or national ID)

  • Proof of address

  • Tax identification numbers

  • Source of funds or source of wealth information (where required)

We process this data for the purposes of:

  • Complying with applicable AML/CFT and sanctions laws,

  • Protecting the platform against fraud and abuse,

  • Meeting obligations to partners or service providers,

  • Enabling contractual access to services.

Where possible, we seek to minimise the amount of personal data processed and rely on verification outcomes rather than raw documents.

hashtag
VII. Communications and Newsletter

If you contact us (e.g., via email, forms, or support channels), we process the information you provide, such as:

  • Your name

  • Email address

  • Message content

  • Any additional information you voluntarily provide

We use this data solely to respond to your request, provide support, or communicate regarding services.

If you choose to subscribe to updates or newsletters, we may send you product updates, educational materials, or company news. You can unsubscribe at any time using the link in the communication or by contacting us.

Legal basis for processing in this context is consent and/or legitimate interest in maintaining communications.

hashtag
VIII. Social Media and Community Platforms

YieldFi maintains a presence on external platforms such as X (Twitter), Telegram, Discord, and similar services.

When you interact with us via these platforms:

  • Your data is primarily processed by the platform provider under their own privacy policy,

  • We may see public interactions (e.g., messages, replies, reactions),

  • We may receive anonymised or aggregated analytics about engagement.

We do not control how third-party platforms process your personal data. We encourage you to review their respective privacy policies.

hashtag
IX. Disclosure of Data to Third Parties

We may share personal data with carefully selected third-party service providers who assist us in operating our services, including:

  • Cloud infrastructure and hosting providers

  • IT and cybersecurity providers

  • Compliance and KYC service providers

  • Communication and support tools

  • Analytics providers

These providers act as processors on our behalf and are contractually required to:

  • Process data only according to our instructions,

  • Apply appropriate confidentiality and security safeguards,

  • Not use the data for their own independent purposes.

We may also disclose personal data where required to do so by law, regulation, court order, or where necessary to protect our rights, enforce agreements, or prevent harm.

Where data is transferred internationally, we take reasonable measures to ensure appropriate safeguards are in place.

hashtag
X. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including:

  • Providing and maintaining services

  • Complying with legal or regulatory obligations

  • Resolving disputes

  • Enforcing agreements

  • Maintaining security and audit trails

When data is no longer required, it is deleted, anonymised, or securely archived in accordance with applicable law.

hashtag
XI. Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal data:

  • Right to access your personal data

  • Right to correct inaccurate or incomplete data

  • Right to request deletion (subject to legal retention obligations)

  • Right to restrict certain processing

  • Right to data portability

  • Right to object to processing based on legitimate interests

You can exercise these rights by contacting us at [email protected]envelope. We may request verification of identity before fulfilling requests.

hashtag
XII. Security Measures

We implement technical and organisational security measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

These measures may include:

  • Access controls

  • Encryption where appropriate

  • Segmentation of systems

  • Monitoring and logging

  • Vendor risk assessments

However, no system is entirely secure. You acknowledge that transmission of data over the internet involves inherent risks.

hashtag
XIII. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our operations. Updated versions will be published on our website with a revised effective date.

We encourage you to review this policy periodically.

hashtag
XIV. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at:

Email: [email protected]envelope

PreviousTerms & ConditionsNextInvestment Disclaimer

Last updated