Privacy Policy
Last updated: March, 2025
Welcome to puccaworld.com ("Site," "we," "us," or "our"). Your privacy is important to us, and this Privacy Policy explains how we collect, use, store, and protect your personal information when you visit or interact with our Site.
1. Information We Collect
We may collect different types of information from you when you visit or interact with our Site. The information collected may include the following:
1.1 Automatically Collected Information
When you access our Site, we may automatically gather certain data related to your device and browsing behavior. This may include:
Your IP address, browser type, operating system, and language preferences.
Device-specific information, such as screen resolution, device model, and operating system version.
Data regarding your usage of the Site, including the pages you visit, the amount of time spent on each page, and referral sources, such as search engines or external links that directed you to our Site.
Cookies and tracking technologies (refer to Section 6 for more details on how these are used), which help us track user behavior on our Site and improve your experience.
1.2 Information You Provide
When you interact with our Site, you may provide us with:
Your name, email address, and contact details, which may be provided when subscribing to our newsletter, creating an account, or contacting us for support.
Payment information (such as billing details), which we collect if you make purchases through our Site. This may include credit/debit card information, billing address, or other payment methods, depending on the nature of the transaction.
Wallet addresses and other blockchain-related information, particularly when engaging with Web3-based services, if applicable.
Information shared during participation in events, promotions, surveys, or customer support requests, which may include feedback, preferences, or any other data you choose to provide.
1.3 Information Collected by Third Parties
In addition to the information you directly provide, we may receive data from third-party sources to enhance our services and user experience. This information may include:
Third-party applications
If you link or log in to our Site via third-party services (such as Google, Facebook, or other platforms), we may receive personal data including your profile information, friends list, activity data, and other details, based on the privacy settings you have selected on those platforms.
Our Site may use third-party tools like Google Analytics to track your browsing behavior, including IP address, pages visited, interactions with features, and time spent on the Site. This data helps us improve our offerings and analyze user trends. Google may store this data on servers located in the United States and may share it with other third parties as necessary for legal obligations or processing purposes.
Analytics services
If you connect external devices to interact with our services, we may collect additional data, including device logs, event-related information, and other technical details to facilitate these interactions.
Smart devices
2. How We Use Your Information
We collect, use, and process your personal information for various lawful purposes, ensuring that our services remain functional, secure, and optimized for user experience. Specifically, we may use your information for the following purposes:
Providing, maintaining, and enhancing our services
We process your personal data to ensure the proper functioning of our Site, deliver requested services, and improve overall performance. This includes troubleshooting technical issues, conducting software updates, refining user interfaces, and optimizing content delivery. We may also use aggregated and anonymized data to conduct research and develop new features that enhance user engagement and accessibility.
Your contact details may be used to facilitate communication, including responding to inquiries, resolving disputes, processing transactions, and providing general customer support. We may also send administrative notices, service announcements, security alerts, and policy updates. Marketing communications, newsletters, and promotional materials will only be sent if you have explicitly opted in. You may withdraw your consent at any time by adjusting your communication preferences.
Communication and customer support
We collect and analyze data to detect, investigate, and mitigate fraudulent activities, unauthorized transactions, and security threats. This includes monitoring suspicious login attempts, preventing identity theft, restricting unauthorized access to user accounts, and ensuring compliance with applicable data protection and cybersecurity laws. We may also process personal information to enforce our Terms & Conditions, investigate potential violations, or cooperate with law enforcement authorities in cases of legal or regulatory inquiries.
Security, fraud prevention, and legal compliance
If you engage with blockchain-based services on our Site, we may process your public wallet address and on-chain transaction history to facilitate decentralized interactions, execute smart contract functionalities, verify digital asset ownership, and support Web3 authentication mechanisms. Due to the immutable nature of blockchain technology, certain data recorded on public ledgers may be permanent and beyond our ability to alter or delete. Users are advised to exercise caution when transacting on blockchain networks, as data transparency is inherent to their design.
Facilitating Web3 and blockchain-based interactions
We use various analytics tools to understand user behavior, track website usage trends, and evaluate the effectiveness of marketing campaigns. This may involve third-party service providers such as Google Analytics, Meta Pixel, or similar tools that collect and process data related to user interactions, demographics, engagement metrics, and referral sources. We use these insights to personalize user experiences, improve content recommendations, and optimize advertising strategies. Where required by law, we will seek user consent before implementing certain tracking technologies.
Marketing, analytics, and performance tracking
3. Sharing of Your Information
We respect your privacy and do not sell or trade your personal information. However, in certain circumstances, we may share your information with third parties to facilitate our services, comply with legal obligations, or ensure the security and integrity of our platform. Specifically, we may share your information in the following instances:
Service providers and third-party processors
We may engage third-party vendors, contractors, and service providers to assist in delivering various functionalities, including but not limited to cloud hosting, data storage, cybersecurity, fraud detection, payment processing, customer support, analytics, and digital marketing. These third parties are contractually obligated to process your personal information solely for the purposes specified by us and in compliance with applicable data protection laws. Where required, we implement data processing agreements to ensure the confidentiality and security of your information.
We may disclose your personal information when required to do so by law, subpoena, court order, or other legal process. This includes responding to governmental or regulatory requests, cooperating with law enforcement investigations, enforcing our Terms & Conditions, protecting our legal rights, or preventing fraud, security breaches, and illegal activities. If permitted, we will notify you of any such disclosures unless prohibited by law.
Legal authorities, regulatory bodies, and compliance requirements
In the event of a merger, acquisition, sale of assets, restructuring, bankruptcy, or similar corporate transaction, your personal information may be transferred as part of the company’s business assets. We will take reasonable steps to ensure that any acquiring entity or successor honors this Privacy Policy and provides you with notice of any material changes in how your data is handled.
Business transfers, mergers, and corporate transactions
If you engage with blockchain-based services through our platform, certain information, such as your public wallet address, transaction details, and smart contract interactions, may be recorded on a public blockchain ledger. Due to the decentralized and immutable nature of blockchain technology, this data is publicly accessible, cannot be altered or erased, and may be permanently visible to other network participants. We advise users to exercise caution when sharing personal data in Web3 environments, as blockchain transactions lack traditional privacy protections.
Blockchain networks and decentralized technologies
4. Security of Your Information
We employ industry-leading security measures, technologies, and best practices to safeguard your personal information from unauthorized access, alteration, disclosure, or destruction. These security measures include, but are not limited to, encryption protocols, multi-factor authentication, intrusion detection systems, firewalls, access controls, and regular security audits to ensure the integrity and confidentiality of your data.
Data encryption and secure storage
We utilize advanced encryption standards (AES) and secure socket layer (SSL) technology to encrypt data during transmission and storage, minimizing the risk of interception or unauthorized access. Sensitive data is stored in hardened security environments with restricted access, ensuring that only authorized personnel with a legitimate need can handle such information.
We enforce strict access control mechanisms, including multi-factor authentication (MFA), role-based access controls (RBAC), and least privilege principles, to limit exposure of your data to unauthorized parties. Employees, contractors, and third-party service providers handling personal data are subject to confidentiality agreements and undergo security training to mitigate risks.
Access controls and authentication
Our systems are continuously monitored for suspicious activity, potential vulnerabilities, and security threats. We employ intrusion detection systems (IDS) and threat intelligence tools to identify and mitigate risks proactively. In the event of a security breach, we have a comprehensive incident response plan in place to investigate, contain, and resolve the issue promptly. If legally required, we will notify affected users and regulatory authorities of any data breaches.
Threat monitoring and incident response
While we implement robust security measures, no internet transmission or storage system is entirely immune to cyber threats. We strongly encourage users to take additional precautions, such as using strong, unique passwords, enabling multi-factor authentication (MFA), being cautious with phishing attempts, and avoiding the sharing of sensitive information over unsecured networks. Users engaging with Web3 technologies should also exercise caution, as blockchain transactions are public, irreversible, and inherently less private than traditional financial systems.
User responsibility and security awareness
5. Your Rights & Choices
Under the Personal Data Protection Act 2012 (PDPA) and other applicable laws, you may have the following rights regarding your personal data:
Right to Access and Correct Your Personal Data
You have the right to request access to the personal data we hold about you and to seek corrections to any inaccuracies. Such requests must be made in writing and may be subject to a reasonable administrative fee as permitted by law. We will process such requests in accordance with the PDPA and respond within a reasonable timeframe.
Where we rely on your consent to process personal data, you may withdraw your consent at any time by providing us with reasonable notice. Upon receiving your request, we will inform you of the consequences of your withdrawal, which may include our inability to continue providing certain services. Withdrawal of consent does not affect the lawfulness of processing based on consent given before withdrawal.
Right to Withdraw Consent
You may opt out of receiving marketing messages, newsletters, or promotional materials by following the unsubscribe instructions provided in such communications or by contacting us directly. However, service-related messages essential to your use of our services, such as account notifications or security alerts, will still be sent.
Right to Object to Direct Marketing Communications
You may request that we restrict the processing of your personal data in certain circumstances, such as during ongoing investigations or legal disputes. However, this right does not apply where processing is necessary for legal or regulatory compliance.
Right to Restrict Processing for Specific Purposes
You may configure your browser settings to disable cookies or other tracking technologies at any time. However, certain functionalities of our Site may be affected if you choose to restrict these technologies. Further details on how we use cookies can be found in Section 6 of this Privacy Policy.
Right to Manage Cookies and Tracking Technologies
To make a request regarding your rights under the PDPA, please contact our Data Protection Officer (DPO) using the details provided in this Privacy Policy. We may require verification of your identity before processing any request, to protect your data security. If we are unable to fulfill your request, we will provide you with an explanation in accordance with the PDPA.
Exercising Your Rights
6. Cookies & Tracking Technologies
Our Site utilizes cookies and other tracking technologies to enhance user experience, personalize content, analyze website traffic, and improve our services. These technologies may include, but are not limited to, session cookies, persistent cookies, web beacons, tracking pixels, and other similar technologies that collect information about your browsing behavior, preferences, and interactions with our Site. By using our Site, you consent to the deployment of such tracking technologies unless you choose to disable them. You retain control over the use of cookies and may modify your browser settings to refuse or restrict certain types of cookies. However, disabling cookies may impact your ability to access certain features or functionalities of the Site. For further details on how we use cookies and how you can manage your preferences, please refer to our Cookie Policy (if applicable).
7. Web3 & Blockchain Notice
If you engage with blockchain-based services through our Site, please be aware of the following:
By using blockchain-based services on our Site, you acknowledge and accept the inherent risks and characteristics of blockchain technology, including the permanent and transparent nature of blockchain transactions.
Transactions conducted on a blockchain are immutable and permanently recorded on a decentralized public ledger. Once a transaction is confirmed, it cannot be altered, reversed, or deleted. You should exercise caution when initiating blockchain transactions, as they are final and irreversible.
Blockchain wallet addresses are pseudonymous but publicly accessible. While a wallet address does not inherently reveal your personal identity, transaction histories linked to wallet addresses are publicly visible and traceable on the blockchain. If you associate your wallet address with your identity in any way, such as by sharing it publicly, it may become possible for third parties to link your identity to your blockchain transactions.
We do not own, operate, or control any third-party blockchain networks, protocols, or smart contracts. As a result, we have no ability to modify, delete, or reverse transactions recorded on the blockchain. Additionally, we do not have control over the security, reliability, or availability of blockchain networks and are not responsible for any disruptions, vulnerabilities, or failures that may occur within such networks.
8. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to comply with legal, regulatory, tax, accounting, or reporting obligations, as well as to resolve disputes and enforce our agreements.
Once data is no longer required for any of the above purposes, we will take appropriate steps to ensure it is securely deleted, anonymized, or otherwise disposed of in accordance with applicable laws and industry best practices.
Legal and Compliance Requirements
Certain information may be retained for a prescribed period as required under applicable laws, regulations, or legal proceedings. We will ensure compliance with relevant data retention laws before permanently deleting any data.
We may retain your information to support ongoing business operations, improve our services, maintain security, prevent fraud, or conduct analytics. Data that is no longer necessary for these purposes will be securely deleted or anonymized.
Operational and Business Purposes
If you request the deletion of your personal information, we will assess and comply with your request where legally permissible. However, certain data may be retained where required by law, to protect our legitimate interests, or to fulfill outstanding contractual obligations.
Data Deletion Requests
9. Privacy of Minors
Our Site is not intended for individuals under the age of 18, and we do not knowingly collect, process, or store personal information from minors.
If you believe we have collected data from a minor, please contact us at the details provided in the "Contact Us" section, and we will take appropriate action to address the issue.
Age Verification
We make reasonable efforts to ensure that our Site is not accessed by individuals under the age of 18. We do not knowingly market our services to children, and we do not intentionally collect data from users who we know to be under 18.
If we become aware that we have inadvertently collected personal information from a minor under the age of 18, we will take immediate steps to delete such information from our records.
Actions Upon Discover
In the event that we do allow the collection of personal information from children under 18 in specific cases where permitted by law, we will obtain verifiable parental consent before collecting such information.
Parental Consent
10. International Data Transfers
Scope of Transfers
Your personal data may be transferred to and processed in countries outside of your own, including those with differing or less stringent data protection laws. This could occur due to our use of global servers, third-party service providers, or business operations in multiple regions.
We ensure compliance with applicable data protection laws by implementing appropriate safeguards for cross-border transfers.These may include standard contractual clauses (SCCs) approved by regulatory bodies, binding corporate rules (BCRs), or other legally recognized mechanisms to maintain data security and privacy standards equivalent to those in your jurisdiction.
Protection Measures
11. Data Breach Notification
In the event of a personal data breach, we will promptly notify the relevant supervisory authority, typically within 72 hours of discovery, unless the breach is deemed low-risk and unlikely to affect your rights. This ensures compliance with legal obligations and facilitates a coordinated response. If a breach poses a high risk to your rights and freedoms (e.g., identity theft, financial harm, or significant privacy violations), we will inform you without unnecessary delay. Our response process includes:
This structured approach ensures transparency, accountability, and continuous improvement in data protection practices.
Identification & Assessment - Determining the nature, scope, and severity of the breach.
Containment & Mitigation - Taking immediate action to limit damage and secure affected systems.
Authority Communication - Reporting to regulators in accordance with legal requirements.
User Communication - Providing clear and timely information to affected individuals when necessary.
Preventive Review - Analyzing the incident to strengthen security measures and prevent recurrence.
12. Changes to This Privacy Policy
We reserve the right to update, modify, or amend this Privacy Policy from time to time in order to reflect changes in our practices, legal obligations, or technological advancements.
It is your responsibility to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Notification of Changes - Any changes to this Privacy Policy will be posted on this page, with the "Last updated" date at the top indicating the most recent revision.
Communication of Significant Updates - In the event of material changes to the terms of this Privacy Policy, we will make reasonable efforts to notify you via email or through Site notifications, ensuring that you are aware of any substantial modifications.
Your Continued Use - By continuing to use our Site after any updates to this Privacy Policy, you acknowledge and agree to the revised terms. If you do not agree with the changes, you should discontinue use of our Site and services.
13. Contact Us
If you have any questions about this Privacy Policy, you may contact us at:
Email: contact@puccaworld.com
Website: www.puccaworld.com
