MWX Privacy Policy

Last Updated: May 18, 2025

Introduction

This Privacy Policy explains how MWX Global Pte. Ltd. ("MWX," "we," "our," or "us") collects, uses, discloses, and protects personal data in connection with the MWX platform. We are committed to safeguarding your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), Singapore's Personal Data Protection Act (PDPA), and California's Consumer Privacy Act (CCPA). By using the MWX platform, you agree to the practices described in this Policy. If you do not agree, please discontinue use of our services.

Data We Collect and Why

We collect personal and usage data necessary to provide and improve our Web3 AI marketplace services. This includes:

  • Account Information: When you create an account or register for MWX services, we collect information such as your name, email address, username, password, and contact details. We use this to identify you, provide access to the platform, and communicate with you. If you sign up via social login or single sign-on, we receive your basic profile information from those providers (e.g. your name and email).
  • Profile and DAO Participation Data: If you participate in our community or DAO (Decentralized Autonomous Organization) governance, we may collect information like your MWXT wallet address or user ID to verify membership, voting eligibility, affiliate referrals, and participation status. This helps enable on-chain voting and community rewards.
  • Transaction and Payment Information: When you make purchases or transactions on the marketplace, we collect data related to the transaction. This may include payment method (e.g. credit card details managed by our payment processor or your MWXT crypto wallet address), transaction amount, and timestamps. We collect this to process payments, award token rewards, provide purchase history, and comply with legal obligations (such as accounting and anti-fraud requirements). (Note: MWX itself does not store full credit card numbers; those are handled by third-party payment processors.)
  • Usage Logs and Device Information: We automatically collect technical data when you interact with our platform. This includes your IP address, browser type, device identifiers, operating system, referral URLs, and pages or features accessed. We also log activity such as clicks, AI service usage (e.g. which AI tool you used and when), and other usage metrics. We use this data to analyze platform performance, personalize your experience, provide usage analytics to vendors, and improve our services.
  • Cookies and Tracking Data: Like most online platforms, we use cookies, web beacons, and similar technologies to collect information about your interactions (see Cookies and Tracking Technologies below for details). This helps us remember your preferences, keep you logged in, track affiliate referrals, and gather usage statistics.
  • Communications and Support: If you contact us with questions or for support, or participate in surveys or promotions, we will collect the information you provide (such as your name, email, and the contents of your message or responses). We use this to respond to you, address issues, and improve customer service.
  • KYC and Compliance Data: For certain token transactions or high-value services, we may require identity verification to comply with Know-Your-Customer (KYC) and anti-money laundering laws. This could include collecting copies of government IDs, proof of address, or other verification information. We will only request this when legally necessary (for example, prior to large token purchases or withdrawals) and use it solely for compliance verification.

How We Use Your Information

MWX uses the collected data for the following purposes:

  • Providing and Improving Services: We use personal and usage data to allow you to access and use our AI marketplace and services. This includes authenticating your login, processing transactions (e.g. subscription payments or MWXT token transfers), delivering AI solutions and results, and enabling platform features. We also analyze usage logs to improve our offerings, develop new features, and fix bugs, thereby enhancing your overall experience.
  • Platform Operations and Marketplace Transactions: We use data to facilitate the operations of our marketplace, such as enabling third-party AI tool providers to deliver their services to you. For example, if you request a third-party AI service through our platform, we may use your request details and account ID to route the request to the appropriate vendor and ensure you receive the service. We also use data for internal accounting and to calculate any commissions or token burns related to marketplace transactions.
  • Token Utilization and Rewards: The MWXT utility token is integral to our ecosystem. We use data about your token holdings and activity to apply discounts or benefits (e.g. if you stake MWXT for fee rebates or higher usage limits), to deliver rewards (for example, crediting your account with MWXT earned via affiliate referrals or community participation), and to record governance actions. If you participate in the affiliate program, we track referral data to attribute new user sign-ups or sales to you and calculate your token rewards.
  • Communications: We use your contact information (email or other provided channels) to send service-related communications. This includes sending confirmations and invoices, notifying you of important account or transaction information, and alerting you to important updates about the platform (such as changes to this Policy or our Terms of Service). With your consent or as permitted by law, we may also send marketing communications about new features, promotions, or news. You can opt out of marketing emails at any time by using the unsubscribe link or contacting us.
  • Analytics and Personalization: We use cookies and third-party analytics tools to understand how users interact with our platform. This helps us personalize content, such as recommending AI solutions you might find useful, and optimizing the user interface. It also helps us measure the effectiveness of marketing campaigns and affiliate referrals (e.g. determining how many users joined via an affiliate link).
  • Security and Fraud Prevention: Your information is used to maintain the security of the MWX platform and its users. For instance, we may monitor login locations or usage patterns to detect suspicious activities or potential misuse (such as unauthorized access, bot abuse of our AI tools, or fraudulent transactions). If we detect potential fraud or violations of our Terms, we may use your data to investigate and take appropriate action (e.g. account suspension or reporting to authorities).
  • Legal Compliance: We process personal data when necessary to comply with our legal obligations. This includes using data for verifying identity where required by regulations (as part of KYC/AML programs), keeping transaction records for financial and tax regulations, fulfilling duties under consumer protection laws, or responding to lawful requests by public authorities.
  • DAO Governance and Community: If you engage in MWX's community governance (for example, voting on treasury allocations or product roadmap proposals via the MWX DAO), we use your relevant data to facilitate that participation. This may involve verifying that you hold the necessary amount of MWXT to vote, recording your votes or proposals on the blockchain, and communicating with you regarding governance matters. Your participation (such as proposals or voting decisions) may be recorded publicly on the blockchain and visible to the community, associated with your blockchain address or chosen username.

How We Share and Disclose Data

We value your privacy and share personal data only as needed to run our business and provide our services, as follows:

  • Within the MWX Corporate Group: We may share data with our related entities and affiliates as necessary to operate the platform. MWX is supported by a triple-entity structure (Singapore, BVI, Cayman) for compliance. For example, MWX Global Pte. Ltd. (Singapore) operates the marketplace and will share data with PT Mediawave Interaktif (Indonesia) to support AI solution development and with MWX Lab Ltd (BVI) and MWX Foundation (Cayman) to facilitate token transactions, governance, and technical infrastructure. All such entities adhere to this Privacy Policy and maintain strict confidentiality.
  • Service Providers and Partners: We use third-party service providers to perform certain business operations on our behalf. This includes cloud hosting providers (to store and process data securely), payment processors (to handle credit card transactions or crypto payments through regulated partners), email and communication services (to send notifications or support messages), and analytics providers (to analyze app usage or website traffic). We only share the data necessary for these providers to perform their functions, and they are contractually obligated to protect your information and use it only for providing services to us.
  • AI Vendors on the Marketplace: When you use a third-party vendor's AI application through our marketplace, we may share limited information with that vendor to facilitate the service. For example, if you subscribe to or invoke a third-party AI service, we might share a unique user identifier or technical info necessary for them to process your request (such as an order ID or the input you provided for analysis). We do not share more personal information (like your name or contact details) with third-party vendors unless it is required to deliver the service or you explicitly consent. Note that any data you provide directly to a third-party service (for instance, if a vendor requires you to create an account with them separately) will be governed by that vendor's own privacy policy.
  • Affiliate Program Participants: If you were referred to MWX via an affiliate link or code, we may share certain information with the referring affiliate to allow them to claim rewards. This is generally limited to data such as an anonymous user or transaction ID and the fact that a successful referral occurred (e.g. that their link resulted in a new signup or purchase). We do not share your personal identity details with affiliates without your consent. Conversely, if you are an MWX Affiliate who refers others, we will share with you summary information necessary for you to track your referrals and rewards (such as the number of sign-ups or transactions attributable to your code), but not the personal identities of referred users.
  • Business Transfers: If MWX undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or part of its assets, your personal data may be transferred as part of that deal. We will ensure the new owner continues to honor the privacy commitments we have made in this Policy. We will notify you (for example, via email or a prominent notice on our site) of any change in ownership or new uses of your personal information.
  • Legal Compliance and Protection: We may disclose personal information to courts, law enforcement, regulatory authorities, or other competent bodies when we believe disclosure is necessary (a) to comply with any applicable law, regulation, legal process, or governmental request; (b) to enforce our Terms of Service or other agreements; (c) to detect or investigate illegal activities, fraud, or security issues; (d) to protect the rights, property, and safety of MWX, our users, or others; or (e) to exercise or defend legal claims. We will only share the data that is reasonably required in these circumstances and, where legally possible, will inform you of such disclosure.
  • With Your Consent: Apart from the cases above, we will seek your consent before sharing your personal data with third parties for purposes not covered by this Policy. For example, if we ever want to publicly post a user testimonial with personal information, or if you opt-in to integrate MWX with another platform that requires sharing data, we will obtain your permission. You have the right to revoke such consent at any time.

No Sale of Personal Data

We do not sell your personal information to third parties for profit. In the context of CCPA, we do not "sell" or "share" (for cross-context behavioral advertising) personal data as those terms are defined in the law. If this changes in the future, we will update this Policy and provide appropriate opt-out mechanisms.

Public Blockchain Disclosures

If you engage in transactions involving the MWXT token or other blockchain features of the platform, note that certain information will be recorded on a public blockchain. For instance, MWXT transfers, staking, or voting transactions will be visible on the Solana blockchain (or other relevant blockchain), including your wallet address and transaction details. This information is public by design, and not controlled by MWX, meaning it cannot be altered or deleted by us. While these blockchain records typically do not contain direct personal identifiers (only cryptographic addresses), they might be linked to you by others (for example, if you publicly associate your wallet with your identity). Transactions recorded on a blockchain are immutable and may be accessible indefinitely, which also means data subject rights like deletion or correction cannot be applied to on-chain data written to the blockchain.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on the MWX platform:

  • What Cookies Are: Cookies are small text files stored on your device by websites or apps you visit. They allow us to recognize your browser or device and remember information about your visit (such as your preferences or login status). We also may use related technologies like web beacons (tiny graphic images in emails or on web pages) and local storage for similar purposes.
  • How We Use Cookies: MWX uses cookies to enable core platform functionality and to improve our services. For example, we use essential cookies to remember your session (so you don't have to log in repeatedly) and to enable secure navigation of the site. We use preference cookies to save your settings (like language or interface customizations). We use analytics cookies (including third-party cookies from providers like Google Analytics) to understand how users arrive at and use our site, which pages are popular, and how our campaigns are performing. This helps us improve content and usability. We may also use affiliate tracking cookies or similar identifiers to record when you visit our site via an affiliate link, so that we can properly credit the referrer. At this time, we do not use cookies for third-party targeted advertising, but if we begin doing so, we will update this Policy and request any necessary consent.
  • Cookie Consent: Where required by law, we will obtain your consent before using non-essential cookies (for instance, via a cookie banner when you first visit our site from the EU/UK). You have the right to choose which optional cookies to accept. Note that certain cookies that are necessary for the operation of the site (such as those for login or to keep track of your transactions in the marketplace) cannot be disabled without affecting service functionality.
  • Managing Cookies: You can manage or delete cookies at any time through your browser settings. Most browsers allow you to block or delete cookies, or to prompt you before accepting a cookie. You can also typically disable the use of third-party cookies specifically. Please be aware that if you disable cookies, some features of the MWX platform may not function properly (for example, you may not be able to stay logged in or some marketplace features might not remember your actions).
  • Do-Not-Track Signals: Some browsers offer a "Do Not Track" (DNT) setting that allows you to signal your privacy preference to websites. While there is not yet a consensus on how to interpret DNT signals, MWX does honor opt-out preferences for cookies where feasible. If a DNT signal is detected, we will treat it as a general opt-out of third-party tracking cookies. However, essential first-party cookies will still be used to ensure the service works.

For more detailed information on the specific cookies and trackers we use, and their retention periods, please see our [Cookie Notice](if provided separately). By continuing to use our site with cookies enabled, you consent to our use of cookies as described above.

Data Security

We take data protection seriously and implement appropriate technical and organizational measures to secure your personal information:

  • Security Measures: We use industry-standard security practices to protect data against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit (e.g. TLS encryption for data exchanged with our website) and, where applicable, encryption of sensitive data at rest. We employ firewalls and access controls to restrict access to databases and servers, and we regularly monitor our systems for vulnerabilities and attacks.
  • Limited Access: Internally, we limit access to personal data to employees, contractors, and agents who need that information to operate, develop, or improve our services. They are bound by strict confidentiality obligations and are subject to disciplinary measures (including termination and legal action) if they fail to meet these obligations. We also ensure that any third-party service providers handling personal data on our behalf are contractually obligated to protect it with high standards of security.
  • Blockchain and Smart Contract Security: MWX's platform leverages blockchain technology (Solana and related smart contracts) for certain functions like token transactions and audit trails. We subject our smart contracts to security audits and follow best practices to minimize the risk of exploits. However, please note that blockchain transactions, by their nature, carry some inherent risks (such as the risk of losing access to your crypto wallet or the irreversible nature of transfers). You are responsible for safeguarding your blockchain credentials (e.g. the private key or seed phrase to your MWXT wallet). MWX does not have access to your private keys, and we cannot recover tokens if you lose your credentials or send tokens to an incorrect address.
  • Privacy by Design: We strive to build privacy and security into our platform's design. For instance, whenever feasible, user data used in AI processing is encrypted or anonymized to protect privacy (e.g. your sensitive datasets can be processed by AI providers in an encrypted form, ensuring the provider cannot directly read your raw data). We also utilize blockchain audit trails that provide transparency without compromising personal data (transactions are verifiable on-chain while personal details remain off-chain). Such measures enhance security and trust beyond what is possible on centralized platforms.
  • Incident Response: Despite our efforts, no system is 100% secure. In the event of a data breach or security incident affecting your personal data, we will notify you and the appropriate authorities as required by law. We have a response plan in place to quickly mitigate any security incidents, should they occur, and to learn from them to strengthen our safeguards.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. In general:

  • User Account Information: We keep your account information (such as your profile and contact details) for as long as your account exists or as long as needed to provide you services. If you deactivate your account or request deletion, we will take steps to delete or anonymize your personal data within a reasonable timeframe, except as noted below.
  • Transaction and Usage Data: We retain logs of transactions, payments, and usage for audit, tax, and financial record-keeping purposes. Even if you delete your account, we may retain certain transactional records as required for compliance (for example, we may need to keep invoice records for several years under financial regulations). We will also retain records of consents, opt-outs, and other privacy preferences as required by law.
  • Communications: If you contact support or correspond with us, we may retain those communications for a period of time to ensure we have a history of your service requests and our responses, or as needed to handle any follow-up issues.
  • Backup and Archival: Copies of your data might remain in our backups or archives after it is removed from our active systems. We maintain backups for business continuity purposes, but will purge or secure them periodically. If restoring data from backups, we take care not to re-introduce data that you have requested to delete.
  • Anonymized Data: In some cases, we may convert personal data into anonymized, aggregated data for statistical analysis or business insights. Once anonymized (i.e., it can no longer be linked to an identifiable individual), we may retain this data indefinitely to help us understand trends and improve our services, without further notice to you.

When determining retention periods, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes of processing, and whether those purposes can be achieved through other means. In cases where your data is no longer needed for any permissible purpose, we will delete or irreversibly anonymize it.

International Data Transfers

MWX is a global platform – as such, your information may be transferred to and processed in countries other than your own. Specifically, most of our infrastructure is located in Singapore, and we also have operations and partners in Indonesia, British Virgin Islands, Cayman Islands, and other locations. This means that when you use MWX, your personal data could be transferred across national borders, for example from the European Economic Area (EEA) or the United States to Singapore or other countries.

While the data protection laws of these countries may differ from those in your jurisdiction, we take steps to ensure that your privacy remains protected:

  • Adequacy and Safeguards: If you are located in the EEA, United Kingdom, or other regions with data transfer restrictions, we rely on legally approved mechanisms to transfer your data. This may include European Commission Standard Contractual Clauses (SCCs) or equivalent legal safeguards to ensure an adequate level of data protection. We also may rely on the fact that the transfer is necessary for the performance of a contract with you (for example, to provide you with the requested service) or based on your consent where appropriate.
  • Group-Wide Standards: All MWX entities and offices follow a unified standard of data protection as set out in this Privacy Policy, regardless of location. Our internal policies and data handling practices are designed to provide a consistent level of protection to your data, wherever it is processed. When we transfer data from Singapore outward (under PDPA requirements) or from the EU inward, we implement measures to ensure recipients uphold confidentiality and security at least as protective as the requirements in the originating jurisdiction.
  • Third-Party Transfers: Many of our third-party service providers (e.g. cloud services) have data centers in the United States or other countries. When we engage such providers to process EEA or UK personal data, we will ensure that the data remains protected in line with GDPR standards. This often involves having data processing agreements including SCCs in place with those providers, or ensuring they are certified under frameworks like the Asia-Pacific Economic Cooperation (APEC) CBPR system, where applicable.
  • Your Acknowledgement: By using our services or submitting your personal information to us, you understand that your data may be transferred internationally as described above. We will obtain any necessary consents for international transfer as required by law. If you prefer not to have your information transferred to other countries, please refrain from using the platform or contact us to discuss any limitations we can accommodate.

If you have questions about our international data transfer practices, or need more information about the safeguards in place, you can contact us using the details in the Contact Us section below.

Your Rights and Choices

You have certain rights regarding your personal data. MWX is committed to honoring these rights (subject to applicable laws and some exceptions). These rights include:

  • Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to request a copy of the data we hold about you. We will provide this in a commonly used electronic format.
  • Rectification: If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct or update it. You can also update most of your basic account information directly through your account settings.
  • Erasure (Right to be Forgotten): You may request that we delete your personal data. We will honor deletion requests to the extent required by applicable law. Note that we may need to retain certain information for the reasons outlined in Data Retention (such as to comply with legal obligations or for legitimate business purposes). If we cannot fully delete, we will inform you of the reasons (e.g. legal requirements) and, if possible, will anonymize or isolate the data.
  • Data Portability: You have the right to request a copy of personal data you provided to us in a structured, commonly used, machine-readable format, and to have that information transmitted to another service provider (when technically feasible). This right applies when processing is based on your consent or on a contract with you and carried out by automated means. For example, you could request a copy of the profile information and transaction history you provided to MWX.
  • Withdrawal of Consent: Where we rely on your consent to process personal data (for instance, for sending marketing emails or using certain cookies), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal. If you withdraw consent, we will stop the specific processing unless we have another legal basis to continue (e.g. a legal obligation).
  • Objection to Processing: You may have the right to object to certain processing activities. For example, if we are processing your data based on our legitimate interests, you can object and request we stop unless we have compelling legitimate grounds that override your privacy rights. You can also object at any time to the processing of your personal data for direct marketing purposes, and we will cease such marketing.
  • Restriction of Processing: You can request that we limit the processing of your personal data in certain circumstances (such as while we are verifying the accuracy of data you've contested, or if you want to preserve data for legal claims while we would otherwise delete it). During such restriction, your data will only be processed with your consent or for certain exempt purposes (storage, legal claims, public interest, etc.).
  • California Privacy Rights: If you are a California resident, you have specific rights under the CCPA (as amended by the CPRA), some of which overlap with the above. These include the right to know what categories of personal information we have collected, the sources of that information, the business purpose for collection, and the categories of third parties with whom we share it. You also have the right to request deletion of your personal information (with similar exceptions), and the right to correct inaccurate personal information. Additionally, you have the right to opt out of the sale or sharing of your personal information for targeted advertising purposes. As noted, we do not sell personal data, and you can also contact us to confirm that no sale or sharing is occurring with respect to your data. California law also provides that you have the right not to receive discriminatory treatment for exercising your privacy rights – MWX will not deny you services, charge you a different price, or provide a lesser quality of service just because you exercised your rights under CCPA.
  • Exercising Your Rights: To exercise any of the above rights, please contact us at the email or address provided in Contact Us below with your specific request. We may need to verify your identity before fulfilling certain requests (for example, by confirming control of your email address or requesting additional information as permitted by law) to protect your security. If you are an authorized agent making a request on behalf of someone else, we will require proof of your authorization and may still contact the individual to verify identity. We will respond to your request within the timeframe required by law (generally within 30 days for GDPR requests and 45 days for CCPA requests, with possible extensions). If we need an extension or cannot fulfill part of your request, we will explain the reason.
  • Complaints: If you believe we have processed your information in violation of applicable privacy laws, you have the right to lodge a complaint. Under GDPR, EU residents can file a complaint with their local Data Protection Authority or with Singapore's Personal Data Protection Commission (PDPC) since our lead operations are in Singapore. Under PDPA, you can contact the PDPC. Under CCPA, you can reach out to the California Privacy Protection Agency. We encourage you to contact us first, so we have the opportunity to address your concerns directly.

Children's Privacy

MWX's platform is not intended for children under the age of 16 (or the minimum age required by the laws in your jurisdiction for providing consent to data processing). We do not knowingly collect personal data from children. If you are under 16, please do not use our services or provide any personal information to us. If we learn that we have inadvertently collected personal data from a child under 16, we will take steps to delete such information promptly. Parents or guardians who believe that MWX might have collected information from a child can contact us to request deletion of the data.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this Policy. If the changes are significant, we will provide a more prominent notice, such as via email notification or a message on our website. We encourage you to review this Policy periodically to stay informed about how we are protecting your information.

Your continued use of the MWX platform after any update to this Policy becomes effective will signify your acceptance of the updated terms (to the extent permitted by law). If you do not agree to any changes, you should stop using the services and may request that we delete your personal data.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

  • MWX Global Pte. Ltd. (Data Protection Officer)
  • Email: privacy@mwxplatform.ai (or contact@mwxplatform.ai)
  • Postal Mail: Attn: Data Protection Officer, MWX Global Pte. Ltd., Singapore (address available on our website)

We will do our best to respond promptly and help resolve any issues. Your privacy is important to us, and we welcome your feedback.