Bailsec's Privacy policy

Effective Date: 01.01.2026

Last Updated: 01.05.2026

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA")

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍

Bailsec's Privacy policy

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA").

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍

Bailsec's Privacy policy

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA").

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍

Bailsec's Privacy policy

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA").

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍

Bailsec's Privacy policy

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA").

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍

Bailsec's Privacy policy

Bailsec LLC ("Bailsec", "we", "us", or "our") is a Wyoming, USA limited liability company that provides smart contract auditing, blockchain security review, and related advisory services. We respect your privacy and are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and the California Consumer Privacy Act ("CCPA").

This Privacy Policy explains what personal data we collect when you visit bailsec.io (the "Website") or use our services (the "Services"), why we collect it, how we use, share, and protect it, and what rights you have. By using the Website or the Services, you agree to the practices described below.

1. Who We Are and How to Contact Us

This Privacy Policy is issued by Bailsec LLC. If you have questions about this policy, want to exercise your rights, or wish to lodge a privacy concern, you can reach us at:

• Email: office@bailsec.io
• Website: https://bailsec.io

For all privacy-related correspondence, please use the email above and clearly identify your request (for example, "Access Request" or "Deletion Request").

2. Scope of This Policy

This Privacy Policy applies only to personal data collected by Bailsec through the Website and the Services. It does not apply to:

• Third-party websites, tools, or services we link to;
• Information you publish on public blockchains (which is, by design, public and outside our control);
• Information clients share with their own end users on their own platforms.

You may access the Website from a desktop, laptop, mobile phone, tablet, or other connected device. This policy applies regardless of the device used.

3. What Personal Data We Collect

We collect personal data in two ways: directly from you, and automatically through your interaction with the Website.

3.1 Information You Provide Directly

• Contact and identification data: name, business email, company name, job title, country, and similar details when you reach out to us, request a quote, fill out a form, or sign an engagement.
• Engagement data: smart contract source code, repositories, technical specifications, threat models, and any related materials you submit for audit or review. To the extent these materials contain personal data of third parties, you confirm you have the right to share them with us.
• Communications: the contents of emails, chat messages, support tickets, scheduled call notes, and any feedback you send us.
• Recruitment data: if you apply for a role at Bailsec, we collect your name, contact information, CV/resume, LinkedIn profile, work history, education, and any additional information you provide as part of your application.
• Billing data: company billing details, VAT/tax identifiers, and payment references. We do not store full payment card numbers; payments are processed by third-party payment providers.

3.2 Information Collected Automatically

When you visit the Website, we (and our analytics providers) may automatically collect:

• IP address, approximate location, browser type and version, operating system, device type, and language preferences;
• Pages viewed, links clicked, time spent, and referring URLs;
• Session identifiers, cookies, and similar tracking technologies (see Section 12).

This information is generally non-identifying on its own, but may become personal data when combined with other information.

3.3 Information from Third Parties

In limited cases we may obtain information from public sources, including company websites, public registries, sanctions and PEP lists, professional networks (e.g., LinkedIn), and news media, primarily for due diligence, KYC, and to verify the legitimacy of prospective clients and engagements.

4. Why We Process Your Personal Data

We process personal data only for clearly defined purposes:

• Delivering the Services, including conducting audits, producing reports, communicating findings, and managing engagements.
• Verifying identity and complying with KYC/AML obligations, sanctions screening, and applicable financial-crime laws.
• Operating, securing, and improving the Website, including diagnostics, debugging, and protecting against abuse.
• Communicating with you, including responding to inquiries, sending engagement updates, and (where permitted) sharing relevant security insights or product updates.
• Marketing and business development, where lawful and based on legitimate interest or your consent. You can opt out at any time.
• Recruiting, including evaluating applications and contacting candidates.
• Legal, accounting, and regulatory compliance, including responding to lawful requests and keeping records required by law.
• Defending and exercising legal claims, where necessary to protect our rights, our clients, or third parties.

The same data may serve multiple purposes simultaneously.

5. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract‚ Äî to deliver the Services you engaged us for, manage billing, and administer the engagement.
• Legitimate interests ‚Äî to operate, secure, and improve the Website and Services; conduct due diligence; perform direct marketing to existing clients; and protect our business. We carry out a balancing test before relying on this basis.
• Legal obligation ‚Äî to comply with applicable laws (e.g., tax, AML, sanctions, court orders).
• Consent ‚Äî for non-essential cookies, optional marketing communications, and any other case where consent is required. You can withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Collect Data

We collect personal data:

• Directly from you*, when you contact us, fill out forms, request a demo or quote, attend our events, sign an engagement, apply for a role, or otherwise interact with us;
• Automatically, through cookies, log files, and analytics tools when you browse the Website;
• Indirectly, from public sources, registries, partners, or referrals where lawful;
• From clients, when they share materials in connection with an engagement (which may incidentally contain personal data).

7. Who We Share Personal Data With

We do not sell personal data. We may share personal data with the following categories of recipients, only to the extent necessary:

• Service providers and processors* who help us operate the business ‚Äî for example, cloud hosting, secure code repositories, communication and ticketing tools, email and CRM platforms, analytics, billing and payment processors, and IT support
• Professional advisors*, such as lawyers, accountants, auditors, and insurers.
• KYC and identity verification providers*, where required.
• Government, regulators, and law enforcement*, when legally compelled or to protect rights, property, or safety.
• Successors in a corporate transaction*, such as a merger, acquisition, restructuring, or sale of assets ‚Äî in which case appropriate confidentiality safeguards will apply.
• Other parties with your consent or at your direction.

When we engage processors, we put written contracts in place requiring them to handle personal data in line with this Privacy Policy and applicable law, and to implement appropriate security measures.

8. International Data Transfers

Bailsec is based in Wyoming, USA. Some of our service providers may process personal data in other jurisdictions, including outside the EU/EEA, UK, or Switzerland. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

You acknowledge that no method of internet transmission is fully secure. While we apply industry-standard protections, we cannot guarantee absolute security in transit.

9. Data Retention

We keep personal data only as long as we need it for the purposes described in this Privacy Policy:

• Website visitors: generally up to 24 months from your last interaction.
• Clients and engagements: for the duration of the engagement plus up to **10 years**, to comply with legal, tax, audit, professional liability, and recordkeeping obligations.
• Recruiting candidates: for the duration of the recruiting process, after which we delete or anonymize records, unless you have asked us to keep your application on file for future opportunities.
• Marketing contacts: until you opt out, after which we keep a minimal suppression record to honor your choice.

After the applicable retention period, we securely delete, destroy, or anonymize the data.

10. Data Security

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls on a "need-to-know" basis, encryption in transit, vendor due diligence, internal policies, and ongoing review of our security posture.

That said, no system is impenetrable, and transmission of data over the internet always carries some level of risk. If a security incident affects your personal data, we will notify you and the relevant authorities where required by law.

11. Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal data:

• Right of access‚Äî request a copy of the personal data we hold about you.
• Right to rectification ‚Äî ask us to correct incomplete or inaccurate data.
• Right to erasure ‚Äî ask us to delete your personal data in certain circumstances.
• Right to restrict processing ‚Äî ask us to pause processing while a concern is investigated.
• Right to object ‚Äî object to processing based on legitimate interests, including direct marketing.
• Right to data portability*‚Äî receive certain data in a structured, machine-readable format.
• Right to withdraw consent‚Äî at any time, where processing is based on consent.
• Right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, contact us at office@bailsec.io. We may need to verify your identity before fulfilling the request, and we will respond within the timeframe required by applicable law (typically within 30 days, extendable where permitted).

11.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to request:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which we collected the information;
• The business or commercial purposes for collecting the information;
• The categories of third parties with whom we shared the information;
• Deletion of personal information, subject to legal exceptions;
• Correction of inaccurate personal information;
• To opt out of the "sale" or "sharing" of personal information ‚Äî although Bailsec LLC does not sell personal information.

We will not discriminate against you for exercising your CCPA rights. To make a request, email office@bailsec.io*.

12. Cookies and Similar Technologies

The Website uses cookies and similar technologies (such as pixels and local storage) to operate, secure, and improve the user experience. Cookies are small files placed on your device that allow the Website to recognize your browser, remember preferences, and gather usage statistics.

We use:

• Strictly necessary cookies to make the Website work (e.g., authentication, load balancing, consent storage);
• Analytics cookies to understand how visitors interact with the Website;
• Functional cookies to remember preferences such as language;
• Marketing cookies (only with your consent, where required) to measure the effectiveness of campaigns.

You can manage cookies through our cookie banner and through your browser settings. Disabling certain cookies may affect Website functionality. For details, please see our separate Cookie Policy.

13. Third-Party Links

The Website may contain links to third-party sites, tools, or repositories (for example, GitHub, social networks, blockchain explorers). We are not responsible for the content, privacy practices, or security of those third-party services. Review their privacy policies before submitting any personal data.

14. Children's Privacy

The Website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us at **office@bailsec.io** so we can delete it.

15. Anti-Spam and Marketing Communications

We comply with applicable anti-spam laws, including the U.S. CAN-SPAM Act. This means:

• We do not use false or misleading sender names or subject lines;
• Marketing emails identify Bailsec as the sender and include our physical address;
• Every marketing email includes an "unsubscribe" mechanism, which we honor promptly;
• You can also opt out at any time by emailing office@bailsec.io with the subject "Unsubscribe".

Opting out of marketing does not stop transactional or service-related communications (e.g., engagement updates, audit deliveries, security advisories).

16. Automated Decision-Making

We do not use your personal data to make decisions about you that produce legal or similarly significant effects through solely automated means.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top indicates when the most recent revision took effect. Where changes are material, we will provide additional notice (for example, by email or a prominent banner on the Website). Please review this Privacy Policy periodically.

18. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, United States of America, without regard to conflict-of-laws principles. The courts located in Wyoming, USA shall have exclusive jurisdiction over any dispute arising from or relating to this Privacy Policy, except where applicable mandatory consumer or data-protection laws grant you the right to bring proceedings in your country of residence.

19. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact:

*Bailsec LLC

Email: office@bailsec.io

Website: https://bailsec.io

‍