Privacy Policy

This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it when you use the Neural Liquidity Orchestrator ("NLO", the "Service"). As a non-custodial DeFi platform, our data collection is minimal by design.

Last updated: 28 April 2026 · Version 1.0

Minimal data collection by design. NLO is a non-custodial platform. We do not require accounts, passwords, names, email addresses, or phone numbers. The primary identifier used by the Service is your public wallet address — a pseudonymous identifier that you control. We cannot link your wallet address to your real-world identity.

Contents

Information we collect
How we use information
Blockchain data
Cookies & analytics
Data storage & security
Third-party services
Children's privacy
International users
Your rights
Changes to this policy
Contact

1. Information we collect

"Foundation", "we", "us" and "our" refer to L1X Stiftung, c/o Sielva Management SA, Gubelstrasse 11, CH-6300 Zug, Switzerland. "You" refers to any person or entity that accesses or uses the Service.

NLO is designed to minimise data collection. We do not collect personal information in the traditional sense — no names, email addresses, phone numbers, physical addresses, dates of birth, or government-issued identifiers. We do not require you to create an account or provide a password.

1.1 Wallet addresses

When you connect a cryptocurrency wallet (such as MetaMask or another Web3-compatible wallet) to the Service, we receive your public wallet address. This is necessary for the Service to display your portfolio, execute transactions you initiate, and provide liquidity management functionality. Wallet addresses are pseudonymous — they do not inherently reveal your real-world identity.

1.2 Transaction data

When you interact with the Service, our API endpoints process data related to your transactions, including deposit and withdrawal amounts, vault interactions, strategy selections, and associated blockchain transaction hashes. This data is necessary to operate the Service and is also independently recorded on public blockchains.

1.3 Technical data

When you access the Service through our web portal, iOS app (xNLO), Android app, or Chrome extension (X_Wallet), we may automatically collect:

IP address (anonymised where technically feasible)
Browser type and version
Operating system and device type
Referring URL and pages visited
Timestamps of access
Screen resolution and viewport size

This technical data is collected through standard web server logs and analytics tools and is used in aggregate to improve the Service. It is not linked to your wallet address.

1.4 Information we do NOT collect

Real names or legal identities
Email addresses or phone numbers
Physical or mailing addresses
Government-issued identification numbers
Financial account details (bank accounts, credit cards)
Private keys, seed phrases, or wallet passwords
Biometric data

2. How we use information

We use the limited information we collect for the following purposes:

Providing the Service. Displaying your portfolio, processing vault interactions, and executing the liquidity management strategies you select.
Improving the Service. Analysing aggregate usage patterns to optimise performance, fix bugs, and develop new features.
Security and integrity. Detecting and preventing abuse, fraud, and technical issues, including monitoring for anomalous transaction patterns and potential smart-contract exploits.
Compliance. Meeting any applicable legal or regulatory obligations, including responding to lawful requests from authorities where required by Swiss law.
Analytics. Understanding how users interact with the Service in aggregate to guide product decisions.

We do not sell, rent, or trade any user data to third parties. We do not use your data for targeted advertising. We do not build personal profiles linked to real-world identities.

3. Blockchain data

Public by nature. All transactions on the Arbitrum, Optimism, Base, and Ethereum blockchains are inherently public and immutable. This is a fundamental property of blockchain technology, not a choice made by the Foundation.

When you interact with the Service, your transactions are recorded on public blockchains. This means:

Your wallet address, transaction amounts, and interaction history with NLO smart contracts are permanently and publicly visible on-chain.
Anyone with access to a blockchain explorer can view this data.
The Foundation has no ability to delete, modify, or restrict access to on-chain data.
Even if you stop using the Service, your historical on-chain transactions remain publicly accessible.

We encourage you to consider this inherent transparency when using the Service. If privacy is a concern, consider using a wallet address that is not publicly associated with your real-world identity.

4. Cookies and analytics

4.1 Google Analytics

The NLO website uses Google Analytics (measurement ID: G-2ZCX4VPE8H) to collect anonymous usage statistics. Google Analytics uses cookies to help analyse how users interact with the website. The information generated by the cookie about your use of the website is transmitted to and stored by Google on servers that may be located outside of Switzerland.

We have configured Google Analytics with the following privacy-preserving settings:

IP anonymisation is enabled
Data sharing with Google products is disabled where possible
Advertising features are not enabled
Data retention is set to the minimum period

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on, or by configuring your browser to block cookies from google-analytics.com.

4.2 Essential cookies

The Service may set strictly necessary cookies to maintain your session state (such as your connected wallet address and preferred network). These are essential for the Service to function and cannot be disabled without impairing functionality.

4.3 No tracking cookies

Beyond Google Analytics and essential session cookies, the Service does not use advertising cookies, social-media tracking pixels, fingerprinting scripts, or any other cross-site tracking technology.

5. Data storage and security

Off-chain data (such as server logs and analytics) is stored on secure infrastructure with industry-standard safeguards, including:

Encryption of data in transit (TLS/HTTPS)
Access controls limiting data access to authorised personnel
Regular security reviews of infrastructure
Minimal data retention periods — server logs are rotated and purged on a regular schedule

On-chain data (wallet addresses, transaction records) is stored on public blockchains and is secured by the consensus mechanisms of those networks. The Foundation does not control and is not responsible for the security of blockchain networks themselves.

No method of electronic transmission or storage is 100% secure. While we strive to use commercially reasonable means to protect your information, we cannot guarantee absolute security.

6. Third-party services

The Service interacts with or relies upon the following categories of third-party services, each of which has its own privacy practices:

Blockchain networks. Arbitrum, Optimism, Base, and Ethereum — all transactions are publicly recorded on these networks.
Wallet providers. MetaMask and other Web3 wallets you use to connect to the Service. We do not receive or store any data beyond your public wallet address from these providers.
Analytics. Google Analytics, as described in Section 4.
Infrastructure providers. Cloud hosting, CDN, and RPC node providers that process technical data (such as IP addresses) to deliver the Service.
Decentralised exchanges and protocols. Third-party DeFi protocols with which the Service interacts on your behalf when executing strategies.

We encourage you to review the privacy policies of any third-party services you interact with through the Service. The Foundation is not responsible for the privacy practices of third parties.

7. Children's privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect information from children. Since the Service does not collect personal information such as names or ages, we have no practical means of verifying a user's age. If you believe a child under 18 is using the Service, please contact us at connect@nlo.finance.

8. International users

The Foundation is established in Switzerland. If you access the Service from outside Switzerland, you acknowledge that your technical data (such as IP address) may be transferred to and processed in Switzerland or other jurisdictions where our infrastructure providers operate.

Switzerland is recognised by the European Commission as providing an adequate level of data protection. For transfers to other jurisdictions, we rely on standard contractual clauses or other appropriate safeguards where required.

8.1 European Economic Area (EEA) and UK users

If you are located in the EEA or UK, our legal basis for processing the limited data we collect is:

Legitimate interest — to operate and improve the Service, and to ensure its security and integrity.
Consent — for non-essential cookies (Google Analytics), which you may withdraw at any time by adjusting your browser settings or using the opt-out mechanisms described in Section 4.
Legal obligation — where we are required to process data to comply with applicable law.

8.2 Swiss data protection

The Foundation processes data in accordance with the Swiss Federal Act on Data Protection (FADP) and its implementing ordinances. Given the pseudonymous nature of wallet addresses and the minimal data we collect, the scope of personal data processing under the FADP is limited.

9. Your rights

Depending on your jurisdiction, you may have the following rights regarding data that qualifies as personal data under applicable law:

Access. Request confirmation of whether we process your personal data and obtain a copy of it.
Rectification. Request correction of inaccurate data.
Erasure. Request deletion of your personal data, subject to legal retention obligations.
Restriction. Request that we limit the processing of your data in certain circumstances.
Portability. Receive your data in a structured, machine-readable format.
Objection. Object to data processing based on legitimate interest.
Withdrawal of consent. Withdraw consent for non-essential data processing at any time.

To exercise any of these rights, contact us at connect@nlo.finance. We will respond within the timeframe required by applicable law (typically 30 days).

Limitations for on-chain data. We cannot modify or delete data recorded on public blockchains. Blockchain transactions are immutable by design. Your rights under data protection law apply only to off-chain data that the Foundation controls.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated through a notice on the Service.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of those changes. We encourage you to review this Privacy Policy periodically.

11. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, you may contact us at:

L1X Stiftung
c/o Sielva Management SA
Gubelstrasse 11
CH-6300 Zug
Switzerland
connect@nlo.finance