LiquidMeshPrivacy Policy
How we collect, use, and protect your personal information.
Last Updated: April 23, 2026
1. Introduction
This Privacy Policy ("Policy") describes how Liquid Mesh Co., Ltd ("LiquidMesh", "we", "us", or "our"), a limited liability company incorporated under the laws of Seychelles (company registration number 246845, registered office at 306 Victoria House, Victoria, Mahe, Seychelles), collects, uses, stores, shares, and protects your personal information when you access or use the LiquidMesh Portal, LiquidMesh API, and related services (collectively, the "Services").
By accessing or using the Services, you acknowledge that you have read, understood, and agree to the collection and processing of your information as described in this Policy. If you do not agree with this Policy, you must immediately cease using the Services.
This Policy should be read in conjunction with our Terms of Use. Capitalized terms not defined herein shall have the meanings set forth in the Terms of Use.
2. Data Controller
The data controller responsible for the processing of your personal data is:
Liquid Mesh Co., Ltd
- Registered Address: 306 Victoria House, Victoria, Mahe, Seychelles
- Company Registration Number: 246845
- Privacy Contact: privacy@liquidmesh.io
3. Personal Data We Collect
We collect the following categories of personal data in connection with your use of the Services:
3.1 Data Collected Through GitHub OAuth
When you register or log in via GitHub OAuth, we receive the following information from GitHub:
| Data Type | Description |
|---|---|
| Email address | Your primary email address associated with your GitHub account |
| GitHub username | Your GitHub username |
| Avatar URL | The URL of your GitHub profile picture |
We use your email address as the unique identifier for your LiquidMesh account.
3.2 Identity Verification Data
When you complete the identity verification process via Binance Wallet App, the following data is collected and processed:
| Data Type | Description |
|---|---|
| Wallet address | The Binance Wallet MPC (Keyless) wallet address used for verification |
| Binance Wallet User ID | An identifier associated with your Binance Wallet account |
| Verification status | The result of the verification (success / failure) |
| Verification timestamp | The date and time of verification |
| Verification method | The verification method used (e.g., Binance Wallet App QR scan) |
3.3 Account Data
We generate and maintain the following information about your account:
| Data Type | Description |
|---|---|
| Account ID | A unique, system-generated identifier for your account |
| Account type | Individual or Enterprise |
| Account status | Unverified, Verified, Verification Expired, or Suspended |
| Tier information | Individual or Enterprise, including associated rate limits and quotas |
| Terms of Use acceptance | Whether you have accepted the Terms of Use, the version accepted, and the timestamp of acceptance |
| Account creation date | The date and time your account was created |
3.4 API Key Data
When you create API Keys, we store the following:
| Data Type | Description |
|---|---|
| API Key ID | A unique identifier for each API Key |
| Public Key | The public portion of your API Key pair |
| Secret Key (hashed) | A cryptographic hash of your Secret Key. We do not store Secret Keys in plaintext. |
| Key name / label | An optional label assigned to the key (Enterprise Users) |
| Key status | Active, disabled, or deleted |
| Creation and rotation timestamps | The dates and times keys were created or rotated |
3.5 Whitelist Address Data
When you add wallet addresses to your whitelist, we collect and store:
| Data Type | Description |
|---|---|
| Wallet address | The ERC-55 formatted wallet address |
| Risk status | The result of security screening (safe / flagged / blacklisted) |
| Label | An optional label assigned to the address |
| Addition timestamp | The date and time the address was added |
| Source | Whether the address was added manually or automatically via identity verification |
3.6 API Usage Data
When you access the LiquidMesh API, we automatically collect:
| Data Type | Description |
|---|---|
| API request logs | Endpoint called, request parameters, response status code, and timestamp |
| Request frequency | Rate and volume of API calls per key and per endpoint |
| Error logs | Error codes, error messages, and associated request details |
| IP address | The IP address from which the API request originated |
| API Key used | The Public Key used to authenticate the request |
3.7 Technical Data
When you access the Portal, we automatically collect:
| Data Type | Description |
|---|---|
| IP address | Your IP address |
| Browser information | Browser type, version, and user-agent string |
| Device information | Operating system, screen resolution, and device type |
| Access logs | Pages visited, timestamps, referrer URLs, and session duration |
3.8 Blockchain Data (On-Chain)
When transactions are executed through the Services, the following data is recorded on public blockchain networks:
| Data Type | Description |
|---|---|
| Transaction hash | The unique identifier of the blockchain transaction |
| Wallet addresses | Sender and recipient addresses |
| Token amounts and types | The Digital Assets and quantities involved |
| Chain ID | The blockchain network on which the transaction occurred |
| Gas fees | Network transaction fees paid |
Important: On-chain data is publicly visible and permanently recorded on blockchain networks. This data is inherently immutable and cannot be modified, deleted, or erased by LiquidMesh or any party. Please refer to Section 7 for more details.
3.9 Communications Data
If you contact our support team, we collect:
| Data Type | Description |
|---|---|
| Email correspondence | The content of emails sent to and received from support |
| Support ticket details | Issue descriptions, attachments, and resolution status |
3.10 Data We Do NOT Collect
LiquidMesh is committed to data minimization. We do not collect:
- Private keys, seed phrases, or wallet passwords
- Government-issued identification documents (for Individual Users)
- Credit card, bank account, or traditional financial account information
- Biometric data
- Social media data beyond what is provided through GitHub OAuth
4. How We Use Your Data
We process your personal data for the following purposes:
4.1 Service Provision and Contract Performance
| Purpose | Data Used |
|---|---|
| Account creation and management | GitHub OAuth data, account data |
| Identity verification and whitelist access | Verification data, wallet address |
| API Key issuance and management | API Key data |
| Processing API requests and enforcing rate limits | API usage data, API Key data |
| Whitelist address management and validation | Whitelist address data |
4.2 Security and Fraud Prevention
| Purpose | Data Used |
|---|---|
| Blacklist screening of wallet addresses | Whitelist address data |
| Detection of unauthorized access or abuse | API usage data, technical data, IP address |
| IP address screening for Restricted Territories | IP address |
| Account suspension for security violations | Account data, whitelist address data |
| Monitoring for market manipulation or prohibited conduct | API usage data |
4.3 Legal Compliance
| Purpose | Data Used |
|---|---|
| Compliance with applicable AML/CTF regulations | Verification data, wallet addresses |
| Compliance with sanctions screening requirements | IP address, wallet addresses |
| Responding to valid legal requests from authorities | Any data as legally required |
| Record-keeping for regulatory purposes | Account data, API usage data, verification data |
4.4 Service Improvement and Analytics
| Purpose | Data Used |
|---|---|
| Analyzing API usage patterns and performance | API usage data (aggregated/anonymized) |
| Improving Portal user experience | Technical data (aggregated/anonymized) |
| Diagnosing technical issues and bugs | Error logs, technical data |
4.5 Communications
| Purpose | Data Used |
|---|---|
| Responding to support requests | Communications data, account data |
| Sending security alerts (e.g., API Key changes, suspicious activity) | Email address, account data |
| Sending service notifications (e.g., verification expiry, account status changes) | Email address, account data |
5. Legal Bases for Processing
We process your personal data on the following legal bases:
| Legal Basis | Applicable Processing Activities |
|---|---|
| Contract Performance | Providing the Services, managing your account, processing API requests, issuing API Keys, managing whitelist addresses |
| Legal Obligation | Sanctions screening, AML/CTF compliance, responding to legal requests, record-keeping |
| Legitimate Interests | Security monitoring, fraud prevention, service improvement, analytics, protecting our rights and the integrity of the Services |
| Consent | Where explicitly obtained (e.g., optional marketing communications, if offered in the future) |
Where we rely on legitimate interests, we have conducted a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms.
6. Data Sharing and Disclosure
We do not sell your personal data to third parties. We may share your personal data only in the following circumstances and with the following categories of recipients:
6.1 Service Providers
| Category | Purpose | Examples |
|---|---|---|
| Cloud infrastructure providers | Hosting, storage, and computing | AWS, Google Cloud, or equivalent |
| Security service providers | Wallet address blacklist screening and threat intelligence | Blockchain security analytics providers |
| Analytics providers | Usage analytics and performance monitoring | Privacy-respecting analytics tools |
| Customer support platforms | Managing and responding to support requests | Email and ticketing systems |
All service providers are bound by data processing agreements and are required to process your data only for the purposes specified by LiquidMesh and in accordance with applicable data protection standards.
6.2 Binance Wallet
During the identity verification process, certain data (wallet address, verification session details) is exchanged with Binance Wallet services to facilitate and validate the verification. This data exchange is limited to what is strictly necessary for the verification process.
6.3 Law Enforcement and Regulatory Authorities
We may disclose your personal data to law enforcement agencies, regulatory authorities, courts, or other governmental bodies when:
(a) Required by applicable law, regulation, court order, or legal process;
(b) We believe in good faith that disclosure is necessary to protect the rights, property, or safety of LiquidMesh, our Users, or the public;
(c) We believe in good faith that disclosure is necessary to prevent or investigate possible wrongdoing.
Where legally permitted, we will make reasonable efforts to notify you of such disclosures.
6.4 Corporate Transactions
In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred to the successor entity, provided that the successor agrees to honor the commitments made in this Policy.
6.5 Affiliated Entities
We may share your personal data with our affiliated entities for the purposes described in this Policy, subject to the same data protection standards.
7. Blockchain Data — Special Provisions
Due to the fundamental nature of public blockchain technology, the following important provisions apply:
7.1 Pseudonymity, Not Anonymity
Wallet addresses on public blockchains are pseudonymous, meaning they are not directly tied to your real-world identity. However, wallet addresses can potentially be linked to identifiable individuals through blockchain analytics, correlation of on-chain and off-chain data, or other means. You should be aware that your on-chain activity may not be fully anonymous.
7.2 Immutability of On-Chain Data
Transaction data recorded on public blockchains (including transaction hashes, wallet addresses, token amounts, and gas fees) is permanent and immutable. Neither LiquidMesh nor any third party has the ability to modify, delete, or erase on-chain data. Accordingly, rights of erasure, rectification, or restriction of processing cannot be exercised with respect to data that has been recorded on a public blockchain.
7.3 Public Visibility
All on-chain transaction data is publicly visible and can be viewed by anyone using a blockchain explorer or similar tool. By initiating transactions through the Services, you acknowledge and accept that your transaction details will be permanently and publicly accessible.
7.4 No Private Key Storage
LiquidMesh operates as a non-custodial service. We do not collect, store, access, or have the ability to access your private keys, seed phrases, or wallet passwords at any time.
8. Cookies and Tracking Technologies
8.1 Types of Cookies
We use the following categories of cookies and similar technologies:
| Category | Purpose | Consent Required |
|---|---|---|
| Strictly Necessary | Essential for Portal functionality, including session management, authentication (JWT tokens), and security | No |
| Analytics | Help us understand how Users interact with the Portal and improve the user experience | Yes |
| Functional | Remember your preferences and settings (e.g., language, display preferences) | Yes |
8.2 No Advertising Cookies
We do not use advertising or marketing tracking cookies. We do not engage in behavioral advertising or cross-site tracking.
8.3 Managing Cookies
You can manage your cookie preferences through:
(a) The cookie preference settings provided within the Portal (where available);
(b) Your browser settings — most browsers allow you to block or delete cookies. Please note that disabling strictly necessary cookies may impair the functionality of the Portal.
8.4 Other Tracking Technologies
In addition to cookies, we may use:
- Local storage: To persist session state and user preferences;
- Server-side logging: To record API request and access logs for security and performance monitoring.
9. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law:
| Data Category | Retention Period | Justification |
|---|---|---|
| Account and profile data | Duration of your account + 2 years after deletion or deactivation | Service continuity and dispute resolution |
| Identity verification data | 5 years from date of verification | Regulatory compliance (AML/CTF) |
| API Key data | Duration of key lifecycle + 1 year after deletion | Security audit trail |
| Whitelist address data | Duration of your account + 1 year after address removal | Security and compliance records |
| API usage logs | 12 months | Operational monitoring, security analysis |
| Technical / access logs | 90 days | Security monitoring and troubleshooting |
| Support communications | 3 years after resolution | Quality assurance and dispute resolution |
| Terms of Use acceptance records | Duration of your account + 5 years | Legal compliance evidence |
| On-chain blockchain data | Permanent | Immutable by nature — outside LiquidMesh's control |
Upon expiry of the applicable retention period, personal data will be securely deleted or anonymized.
10. International Data Transfers
LiquidMesh is incorporated in Seychelles and operates globally. Your personal data may be transferred to and processed in jurisdictions outside of your country of residence, including jurisdictions that may not provide the same level of data protection as your home jurisdiction.
When transferring personal data internationally, we implement appropriate safeguards to ensure your data is protected, including:
(a) Standard Contractual Clauses ("SCCs"): Where transfers involve data from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on European Commission-approved SCCs or equivalent mechanisms;
(b) Data Processing Agreements: All service providers processing data on our behalf are bound by contractual obligations to maintain appropriate data protection standards;
(c) Security Measures: All data transfers are encrypted in transit and subject to the security measures described in Section 11.
By using the Services, you acknowledge and consent to the transfer of your personal data to Seychelles and other jurisdictions as described in this Section.
11. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:
| Measure | Details |
|---|---|
| Encryption in transit | All data transmitted between your browser/application and our servers is encrypted using TLS/SSL |
| Encryption at rest | Sensitive data stored on our servers is encrypted using industry-standard encryption algorithms (e.g., AES-256) |
| Secret Key protection | API Secret Keys are stored only as cryptographic hashes — we never store Secret Keys in plaintext |
| Access controls | Role-based access controls with the principle of least privilege are enforced for all internal systems |
| Infrastructure security | Our infrastructure is hosted on enterprise-grade cloud platforms with DDoS protection, firewalls, and intrusion detection |
| Regular security reviews | We conduct periodic security audits and vulnerability assessments |
| Incident response | We maintain an incident response plan for the prompt investigation and mitigation of security breaches |
Please note: While we take reasonable measures to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your personal data.
12. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
| Right | Description |
|---|---|
| Right of Access | Request a copy of the personal data we hold about you |
| Right to Rectification | Request correction of inaccurate or incomplete personal data |
| Right to Erasure | Request deletion of your personal data, subject to legal retention obligations and the blockchain data exception described in Section 7.2 |
| Right to Restriction | Request that we limit the processing of your personal data in certain circumstances |
| Right to Data Portability | Request your personal data in a structured, commonly used, machine-readable format |
| Right to Object | Object to the processing of your personal data based on legitimate interests |
| Right to Withdraw Consent | Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing |
12.1 How to Exercise Your Rights
To exercise any of the above rights, please submit a written request to privacy@liquidmesh.io. We will:
(a) Verify your identity before processing your request;
(b) Respond to your request within thirty (30) days, which may be extended by an additional thirty (30) days for complex requests, with prior notification;
(c) Provide the requested information free of charge, unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request.
12.2 Limitations
Please be aware that certain rights may be limited in the following circumstances:
(a) Blockchain data: Rights to erasure, rectification, and restriction cannot be exercised with respect to data recorded on public blockchains, as this data is immutable and outside our control (see Section 7.2);
(b) Legal obligations: We may be required to retain certain data to comply with legal, regulatory, or contractual obligations;
(c) Legitimate interests: We may continue to process certain data where we have compelling legitimate grounds that override your interests.
12.3 Right to Lodge a Complaint
If you believe that we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.
13. Children's Privacy
The Services are not directed at persons under the age of eighteen (18) or the age of legal majority in the applicable jurisdiction, whichever is greater. We do not knowingly collect personal data from minors.
If we become aware that we have inadvertently collected personal data from a person under the age of eighteen (18), we will take prompt steps to delete such data. If you are a parent or guardian and believe that your child has provided personal data to us, please contact us at privacy@liquidmesh.io.
14. Third-Party Services
The Services integrate with or reference certain third-party services, including but not limited to:
| Service | Purpose |
|---|---|
| GitHub | OAuth authentication for account registration and login |
| Binance Wallet | Identity verification via MPC Wallet (Keyless mode) |
| Blockchain networks | Execution and recording of on-chain transactions |
| Decentralized exchanges | Liquidity sources accessed through the LiquidMesh aggregation protocol |
Your interactions with these third-party services are governed by their own respective privacy policies and terms of service, not this Policy. We encourage you to review the privacy policies of all third-party services you interact with.
LiquidMesh is not responsible for the privacy practices, data collection, or security measures of any third-party service.
15. Changes to This Policy
We reserve the right to update or modify this Privacy Policy at any time at our sole discretion. When we make changes, we will:
(a) Update the "Last Updated" date at the top of this Policy;
(b) For material changes, provide notice through the Portal interface and/or via email to the address associated with your account;
(c) Where required by applicable law, obtain your consent before implementing material changes.
Your continued use of the Services after any changes to this Policy constitutes your acceptance of the updated Policy. We encourage you to review this Policy periodically to stay informed about how we protect your data.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
Liquid Mesh Co., Ltd
- Privacy Inquiries: privacy@liquidmesh.io
- General Support: support@liquidmesh.io
- Registered Address: 306 Victoria House, Victoria, Mahe, Seychelles
- Company Registration Number: 246845
We aim to respond to all privacy-related inquiries within thirty (30) days of receipt.
This Privacy Policy was last updated on April 23, 2026.