Privacy Policy

1. Introduction

Umi ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Services").

This policy complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and other applicable privacy laws.

2. Information We Collect

2.1 Information You Provide

• Contact Information: Email address, phone number
• Account Information: Username, profile information
• Wallet Information: Public wallet addresses (we never have access to your private keys)
• Waitlist Information: Email and phone number when you sign up for our waitlist
• Communications: Information you provide when contacting us

2.2 Information Collected Automatically

• Device Information: Device type, operating system, browser type
• Usage Data: Pages visited, features used, time spent on Services
• Log Data: Access times, referring URLs

3. How We Use Your Information

We use your information for the following purposes:

• To provide, maintain, and improve our Services
• To process transactions and send related information
• To send you updates, security alerts, and support messages
• To communicate about products, services, and events (with your consent)
• To detect, prevent, and address fraud and security issues
• To comply with legal obligations
• To notify you when our Services launch (waitlist)

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

• Consent: When you sign up for our waitlist or opt-in to communications
• Contract: When necessary to provide our Services to you
• Legitimate Interests: For fraud prevention, security, and service improvement
• Legal Obligation: When required by law

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third parties that help us operate our Services (hosting, analytics, email delivery)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you have given us permission

6. Your Privacy Rights

6.1 Rights for All Users

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Opt-out of marketing communications

6.2 Additional Rights for EEA Residents (GDPR)

• Right to data portability
• Right to restrict processing
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

6.3 Additional Rights for California Residents (CCPA/CPRA)

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your rights
• Right to correct inaccurate personal information
• Right to limit use of sensitive personal information

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Waitlist data is retained until you unsubscribe or our services launch and you create an account.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Do Not Track Signals

Some browsers have a "Do Not Track" feature. We currently do not respond to Do Not Track signals, as there is no industry standard for how to handle them.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:

For EEA residents, you also have the right to lodge a complaint with your local data protection authority.

14. California Shine the Light

California Civil Code Section 1798.83 permits California residents to request information regarding the disclosure of personal information to third parties for direct marketing purposes. We do not share your personal information with third parties for their direct marketing purposes.