This Privacy Policy complies with the Personal Data Protection Act (PDPA) of Singapore and the relevant guidelines of the Monetary Authority of Singapore (MAS), protecting the personal data of users worldwide.
Article 1 (Items of Personal Data Collected)
The Service is a non-custodial wallet without a separate sign-up process. In accordance with the Singapore PDPA, it collects only the minimum personal data essential for service utilization.
(1) Mandatory Collection Items (Automatically Generated & Collected)
- Wallet Address
- Transaction Hash
- Service Usage Records (Transaction history, access logs)
(2) Optional Collection Items (Only for Specific Feature Usage)
- Email Address: For 1:1 customer inquiries, announcements, and two-factor authentication (2FA)
Article 2 (Methods of Collecting Personal Data)
(1) Automatically generated and collected during the service usage process (including blockchain on-chain data)
(2) Directly inputted by the user for customer support or additional security feature settings
(3) Collected through integration with third-party services (e.g., DApp connections)
Article 3 (Purpose of Using Personal Data)
- Service Provision & Operation: Wallet Address, Transaction Hash
- Customer Support: Email (when inquiring), Transaction History, Access Logs
- Compliance with Singapore Laws & MAS Regulations: Utilizing on-chain data and IP addresses upon lawful request by regulatory authorities
Article 4 (Retention and Use Period of Personal Data)
(1) The Company retains personal data for the period necessary in accordance with Singapore laws and regulatory guidelines. When a user deletes the application and stops using the service, the collected offline/server data is destroyed immediately.
(2) Blockchain on-chain data (Wallet Address, Transaction Hash, etc.) is permanently preserved due to the technical nature of blockchain networks, and the Company cannot modify or destroy it.
Article 5 (Provision of Personal Data to Third Parties)
In principle, the Company does not provide users' personal data to external parties. However, exceptions are made in the following cases:
(1) When the user gives prior consent
(2) When requested in accordance with Singapore laws or lawful procedures of judicial or regulatory authorities such as MAS
(3) To comply with AML/CFT (Anti-Money Laundering/Countering the Financing of Terrorism) laws and MAS notices
Article 6 (Rights of the User and Method of Exercise)
(1) Users may request access, correction, or erasure of their personal data via email (privacy@bukcs.com) in accordance with the Singapore PDPA and GDPR.
(2) However, the exercise of such rights is limited for blockchain on-chain data specified in Article 4 (2), as erasure is technically impossible.
Article 7 (Measures to Ensure the Safety of Personal Data)
The Company implements the following security measures in compliance with the MAS Technology Risk Management (TRM) guidelines:
- Data Encryption: Stored with AES-256 encryption and TLS 1.3 applied during transmission
- Access Control: Application of the principle of least privilege and management of access logs
- Vulnerability Management: Regular penetration testing and external security audits
- Non-retention of Private Keys: User private keys are not stored on the Company's servers
Article 8 (Cookies and Tracking Technologies)
The Service may use cookies and similar tracking technologies for analysis purposes. Users can refuse to store cookies through settings, which may restrict some functions.
Article 9 (Data Protection Officer)
The Company has designated a Data Protection Officer (DPO) in accordance with the Singapore PDPA as follows:
- Company Name: Bukcs Pte. Ltd.
- Title: Data Protection Officer (DPO)
- Email: privacy@bukcs.com
- Address: Registered office address in Singapore (Refer to the announcement within the service)
KOOKMIN WALLET