Olbos
Launch app

Privacy Policy

Last updated: June 5, 2026

This Privacy Policy describes how Olbos (“Olbos,” “we,” “us,” or “our”) collects, uses, discloses, and retains information in connection with the Olbos websites, dashboard, APIs, MCP server, and related services (collectively, the “Services”). By using the Services, you acknowledge the practices described in this Policy. Where consent is required by applicable law, your use of the Services following notice of this Policy constitutes such consent to the extent permitted.

1. Scope

This Policy applies to information processed by us in connection with the Services. It does not apply to third-party protocols, venues, wallets, websites, or services that you access through or alongside the Services, each of which is governed by its own privacy practices. Public blockchain networks are operated by third parties and are outside the scope of this Policy and outside our control.

2. Information We Collect

We collect the following categories of information:

  • On-chain and wallet information. Public wallet addresses, Smart Wallet configurations, Policy parameters, transaction signatures, and associated on-chain activity relating to your treasury. By the nature of public blockchains, such information is publicly available independently of us.
  • Operational and log information. API, SDK, and MCP request metadata (timestamps, endpoints, request identifiers, response codes), x402 payment references, IP addresses, user-agent strings, and diagnostic logs generated in the ordinary operation of the Services.
  • Contact information. Information you provide directly, such as an email address submitted when contacting us, requesting access, or subscribing to updates, together with the contents of your correspondence.
  • Aggregated information. Statistical information derived from usage of the Services that does not identify any individual (for example, total settlements processed).

3. Information We Do Not Collect

We do not collect, request, store, or have access to private keys, seed phrases, or session-key secret material. We do not knowingly collect government identifiers, biometric data, or special categories of personal data. We do not operate third-party advertising trackers on the Services, and we do not sell personal information.

4. How We Use Information

We process information for the following purposes:

  • to provide, operate, maintain, and secure the Services, including executing Policies and rendering the dashboard;
  • to meter, invoice, and settle usage over x402;
  • to monitor for, prevent, and investigate fraud, abuse, and security incidents;
  • to debug, test, and improve the Services;
  • to communicate with you regarding the Services, including responding to inquiries and providing material notices;
  • to comply with applicable law, legal process, and enforceable governmental requests; and
  • to compile aggregated, non-identifying statistics.

5. Legal Bases

Where the EU or UK General Data Protection Regulation applies, we process personal data on the following legal bases: performance of a contract (operating the Services you use); legitimate interests (securing and improving the Services, preventing abuse); compliance with legal obligations; and consent, where specifically requested. Where we rely on legitimate interests, we balance those interests against your rights and freedoms.

6. Disclosure of Information

We may disclose information:

  • to service providers performing functions on our behalf (for example, hosting, analytics limited to first-party operational metrics, and email delivery), bound by confidentiality obligations;
  • to comply with law, regulation, legal process, or enforceable governmental request, or to establish or defend legal claims;
  • to protect the rights, property, or safety of Olbos, our users, or the public, including enforcement of our Terms;
  • in connection with a merger, acquisition, financing, or sale of assets, subject to customary protections; and
  • in aggregated or de-identified form that cannot reasonably be used to identify you.

7. Retention

Audit-log entries relating to treasury activity are append-only by design and are retained for the life of the relevant treasury, as their durability is a core function of the Services. Operational logs are retained on a rolling basis measured in weeks and thereafter deleted or de-identified. Correspondence is retained for as long as reasonably necessary for the purpose for which it was provided. We may retain information longer where required by law or to resolve disputes.

8. Security

We employ technical and organizational measures appropriate to the risk, including transport encryption, scoped credentials, and the principle of least privilege. No method of transmission or storage is completely secure; we cannot and do not guarantee absolute security. The most consequential secrets in the system (your keys) are, by design, never in our possession.

9. International Transfers

The Services are operated from infrastructure that may be located in multiple jurisdictions. Where personal data is transferred across borders, we implement appropriate safeguards, such as standard contractual clauses, where required by applicable law.

10. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to lodge a complaint with a supervisory authority. Note that information recorded on public blockchains is immutable by design and cannot be altered or deleted by us. To exercise any right, contact team@olbos.tech; we will respond within the period required by applicable law and may need to verify your identity.

11. Children

The Services are not directed to persons under the age of 18, and we do not knowingly collect personal data from them. If you believe a minor has provided personal data to us, contact team@olbos.tech and we will take appropriate steps to delete it.

12. Changes to this Policy

We may update this Policy from time to time. The amended Policy will be posted with a revised “Last updated” date, and material changes will be conspicuously indicated. Your continued use of the Services after the effective date of an amendment constitutes acknowledgment of the amended Policy.

13. Contact

Privacy inquiries may be directed to team@olbos.tech with the subject line “Privacy.”