Privacy Policy
WalletCheck AG · Last updated: December 2025
1. Introduction
This Privacy Policy explains how WalletCheck AG, Zug, Switzerland ("WalletCheck", "we", "our", "us") processes personal data when providing its software-as-a-service ("Service") to its professional clients ("Client").
This Policy is designed in accordance with the Swiss Federal Act on Data Protection (FADP) and is compatible with the EU General Data Protection Regulation (GDPR) where applicable.
In the event of conflict, the order of precedence between agreements is defined in the Terms of Use.
2. Roles and Responsibilities
2.1 Client as Data Controller
When the Client uploads or provides personal data (e.g., wallet addresses, case identifiers, annotations), the Client is the data controller and is responsible for ensuring a lawful basis for processing.
2.2 WalletCheck as Data Processor
WalletCheck processes such data solely on behalf of the Client, in accordance with the:
- Terms of Use,
- Master Service Agreement (MSA), and
- Data Processing Agreement (DPA).
2.3 Public Blockchain Data (Independent Controller)
WalletCheck processes publicly available blockchain data (e.g., on-chain transactions, wallet interactions) as an independent controller, as this data is not provided by the Client and is essential to the Service.
3. Data We Process
3.1 Client-Provided Data (Processor)
The Client may provide or upload:
- wallet addresses
- case identifiers or internal reference IDs
- notes or metadata relevant to compliance assessments
Wallet addresses may constitute pseudonymous personal data where linkable to an individual.
The Client must not upload special categories of personal data as defined under Art. 5 FADP / Art. 9 GDPR.
3.2 Operational & Security Logs
To maintain secure operation, we process minimal technical data:
- login timestamps
- IP address
- user ID / work email
- security events and error logs
This processing is based on our legitimate interest in platform integrity, security, and fraud prevention.
3.3 Public Blockchain Data
We analyze publicly accessible blockchain data as part of the Service.
4. Purpose of Processing
We process data solely for:
- Providing the WalletCheck Service
- Maintaining platform security and integrity
- Detecting abuse or unauthorized access
- Customer support and troubleshooting
- Fulfilling legal and contractual obligations
We do not sell data, track individuals for marketing, or use Client Data for unrelated purposes.
5. Legal Basis
Under Swiss FADP:
Processing relies on:
- performance of a contract,
- overriding private interest (platform security), or
- consent where required.
Under GDPR (if applicable):
Processing is based on:
- Art. 6(1)(b) — contract performance,
- Art. 6(1)(f) — legitimate interests (security, logs),
- Art. 28 — processor obligations for Client Data.
6. Hosting and Security
6.1 Location
All Client Data is hosted in Microsoft Azure datacenters located in Switzerland.
6.2 Security Measures
We apply industry-standard technical and organizational security measures appropriate to the risk.
7. Data Sharing
We do not share Client Data with third parties except:
- Microsoft Azure (as cloud infrastructure provider), and
- when legally required by authorities.
8. Data Retention
8.1 Client Data
Upon termination of the Service, deletion occurs automatically as defined in the DPA.
8.2 Operational Logs
Retained for up to 180 days, unless required longer for security or legal obligations.
8.3 Public Blockchain Data
Retained indefinitely, as it forms part of the immutable public record and is required for accurate historical analytics.
9. Data Subject Rights
Where applicable under FADP or GDPR, individuals may request access, correction, deletion, restriction, or objection.
Requests relating to Client Data are forwarded to the Client (controller) within 30 days.
10. Cookies and Tracking
The WalletCheck platform:
- uses no analytics cookies or trackers,
- uses only essential technical cookies if required for authentication,
- performs no advertising or behavioral tracking.
11. Minors
The Service is intended for professional use only.
We do not knowingly process personal data of minors.
12. Automated Decision-Making
Automated analyses do not constitute solely automated decision-making under Art. 21 FADP / Art. 22 GDPR. Assessments are informational and require human evaluation by the Client.
13. Confidentiality
All Client Data and internal information are treated as confidential.
Employees and subprocessors are bound by confidentiality obligations.
14. Updates to This Policy
Material updates will be communicated at least 30 days in advance. Continued use after the effective date constitutes acceptance.
15. Severability
If any provision of this Policy is invalid or unenforceable, the remaining provisions remain in effect.
16. Entire Agreement
This Policy, together with the Terms of Use, MSA, and DPA (where applicable), forms the complete agreement regarding privacy and data protection.