KOVA Token logo

KOVA Token

Solana-native ยท $KOVA
Effective February 2025

Privacy policy that matches the speed of Solana

This policy explains the categories of information collected by KOVA contributors, how that data is used, and the safeguards we rely on for wallets, dApps, and support touch points.

Data controller: KOVA Labs LTD (BVI) Contact: privacy@kova.sol Last review: 01 Feb 2025

1. Information we collect

We limit collection to what keeps the ecosystem safe, compliant, and responsive.

Wallet & usage
  • Public wallet addresses interacting with KOVA smart contracts.
  • Transaction metadata surfaced on Solana explorers.
  • Device + browser stats for fraud prevention.
Community interactions
  • Contact form submissions, support transcripts, Telegram handles.
  • Email addresses for launch alerts or governance votes.
  • Bug bounty disclosures.
Off-chain operations
  • Partner diligence documents (NDAs, technical notes).
  • Analytics events aggregated and anonymized.

2. How we use data

Purpose Legal basis Retention
Operate wallets, staking, and quest features. Contractual necessity. On-chain history is permanent; off-chain cached for 24 months.
Security monitoring & anti-abuse. Legitimate interest. 90 days rolling logs unless escalated.
Community communications (newsletter, support). Consent. Until you unsubscribe or request deletion.
Regulatory compliance (KYC for listings, audits). Legal obligation. 7 years unless law requires longer.

3. How we share information

  • Vetted infrastructure partners (RPC providers, analytics) under strict DPAs.
  • Incident responders or auditors during security reviews.
  • Regulators when legally compelled. We challenge over-broad requests.
  • Never sold to advertisers or data brokers.

4. Your choices

  • Right to access or delete: email privacy@kova.sol.
  • Unsubscribe links embedded in every campaign.
  • Opt-out of analytics by enabling Do Not Track in supported browsers.
  • Security disclosures get prioritized via security@kova.sol.

5. International transfers & storage

Servers are located in the EU and US. Whenever data leaves those regions we rely on Standard Contractual Clauses and industry encryption (AES-256 at rest, TLS 1.3 in transit). We conduct yearly penetration tests.