HELEOS

Privacy Policy

Effective Date: January 1, 2026 - Last Updated: January 1, 2026

This document is effective as of the date above. This policy is subject to revision following formal legal review.

Heleos ("Heleos," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (heleos.com), interact with the Heleos blockchain network, or use any of our ecosystem platforms and services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the Services immediately.

1. Definitions

  • "Personal Information" means any information that identifies, relates to, or could reasonably be linked to you or your household.
  • "On-Chain Data" means data recorded on the Heleos blockchain, including transaction records, wallet addresses, staking positions, and governance votes.
  • "Off-Chain Data" means data stored on traditional servers and databases that is not recorded on the blockchain.
  • "Ecosystem Platforms" means the applications and services built on the Heleos network, including but not limited to Tilus, StableNow, EquityLayer, and any future platforms.
  • "OS" means the native token of the Heleos blockchain.

2. Information We Collect

2.1 Information You Provide Directly

  • Account and Identity Information: Name, email address, organization name, phone number, and other contact details provided through forms on our website or when establishing a partnership.
  • KYC/AML Information: When required by applicable law, we may collect government-issued identification, proof of address, tax identification numbers, and other identity verification documents.
  • Partnership and Business Information: Organization details, partnership type, business registration information, and correspondence related to institutional partnerships.
  • Communication Data: Information you provide when you contact us, submit inquiries, or participate in surveys or events.

2.2 Information Collected Automatically

  • Device and Browser Information: IP address, browser type and version, operating system, device identifiers, screen resolution, and language preferences.
  • Usage Data: Pages visited, time spent on pages, click patterns, referral sources, and navigation paths.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to collect information about your interactions with our Services. See Section 9 (Cookie Policy) for details.
  • Log Data: Server logs that record requests made to our website, including timestamps, URLs, and response codes.

2.3 Information from Third Parties

  • Analytics Providers: We receive aggregated and individual analytics data from third-party services that help us understand how our Services are used.
  • Identity Verification Partners: When KYC/AML verification is required, we receive verification results from third-party identity verification providers.
  • Blockchain Analytics: We may use blockchain analytics services to monitor on-chain activity for compliance, fraud prevention, and network security purposes.
  • Business Partners: We may receive information about you from institutional partners, banking partners, or other organizations in the Heleos ecosystem.

2.4 On-Chain Data

The Heleos blockchain is a public, distributed ledger. Certain data associated with your use of the network is recorded on-chain and is publicly visible. This includes:

  • Wallet addresses
  • Transaction amounts and timestamps
  • Staking positions, delegation relationships, and reward distributions
  • Governance votes and proposal submissions
  • Smart contract interactions
Important: On-chain data is immutable by design. Once a transaction is confirmed on the Heleos blockchain, it cannot be modified or deleted. This is a fundamental property of blockchain technology, not a policy choice. We cannot fulfill deletion requests for on-chain data. See Section 7 for details on how this interacts with your privacy rights.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and Maintaining Services: To operate the Heleos website, process partnership inquiries, and facilitate access to ecosystem platforms.
  • Identity Verification and Compliance: To comply with KYC/AML regulations, sanctions screening, and other legal obligations applicable to financial infrastructure providers.
  • Communication: To respond to your inquiries, send updates about the Heleos ecosystem, and provide information you have requested.
  • Network Security and Integrity: To monitor network health, detect fraud or abuse, enforce network rules, and maintain the security of the Heleos blockchain.
  • Analytics and Improvement: To understand how our Services are used, identify areas for improvement, and develop new features and services.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
  • Protection of Rights: To protect the rights, property, and safety of Heleos, our users, and the public.

4. Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area or United Kingdom, we process your Personal Information based on the following legal grounds:

  • Contractual Necessity: Processing necessary to perform our obligations under our Terms of Use or partnership agreements.
  • Legal Obligation: Processing necessary to comply with applicable laws, including KYC/AML requirements and financial regulations.
  • Legitimate Interests: Processing necessary for our legitimate business interests, including network security, fraud prevention, service improvement, and business operations, where these interests are not overridden by your fundamental rights.
  • Consent: Where we rely on your consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

5. How We Share Your Information

We do not sell your Personal Information. We share your information only in the following circumstances:

5.1 Service Providers

We engage trusted third-party companies and individuals to perform services on our behalf, including hosting, analytics, identity verification, customer support, and security monitoring. These providers are contractually obligated to protect your information and may only use it to provide services to us.

5.2 Ecosystem Partners

When you interact with Heleos ecosystem platforms (such as Tilus, StableNow, or EquityLayer), certain information may be shared with the operators of those platforms to facilitate your use of their services. Each ecosystem platform maintains its own privacy policy governing its use of your information.

5.3 Legal and Regulatory Requirements

We may disclose your information to law enforcement, government authorities, or other third parties when we believe in good faith that disclosure is necessary to:

  • Comply with applicable law, regulation, legal process, or enforceable governmental request
  • Enforce our Terms of Use or other agreements
  • Detect, prevent, or address fraud, security issues, or technical problems
  • Protect the rights, property, or safety of Heleos, our users, or the public

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or similar event, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

5.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

6. Data Retention

We retain your Personal Information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account and Contact Information: Retained for the duration of our business relationship and for a reasonable period thereafter, or as required by applicable law.
  • KYC/AML Records: Retained for a minimum of five (5) years following the end of the business relationship, or longer as required by applicable financial regulations.
  • Communication Records: Retained for the duration necessary to resolve inquiries and for a reasonable period thereafter.
  • Analytics Data: Aggregated analytics data may be retained indefinitely. Individual-level analytics data is retained for no more than twenty-four (24) months.
  • On-Chain Data: On-chain data is permanent and cannot be deleted. See Section 2.4.

When information is no longer needed, we securely delete or anonymize it in accordance with our data retention procedures.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your Personal Information:

7.1 General Rights

  • Access: Request a copy of the Personal Information we hold about you.
  • Correction: Request correction of inaccurate or incomplete Personal Information.
  • Deletion: Request deletion of your Personal Information, subject to legal retention requirements.
  • Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
  • Objection: Object to processing of your Personal Information based on legitimate interests.
  • Restriction: Request that we restrict processing of your Personal Information under certain circumstances.

7.2 Blockchain Data Limitations

Due to the immutable nature of blockchain technology, we cannot modify or delete on-chain data, including transaction records, wallet addresses, staking positions, and governance votes. This is a technical limitation inherent to all blockchain networks. Where we maintain off-chain records that link your identity to on-chain data, we can delete those off-chain records upon request, which will disassociate your personal identity from your on-chain activity to the extent technically feasible.

7.3 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to Know: The categories and specific pieces of Personal Information collected about you.
  • Right to Delete: Request deletion of your Personal Information, subject to exceptions.
  • Right to Opt-Out of Sale: We do not sell Personal Information. We do not share Personal Information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

To exercise any of these rights, contact us at [email protected].

7.4 EEA/UK Residents (GDPR/UK GDPR)

If you are located in the European Economic Area or United Kingdom, you have the rights described in Section 7.1, as well as the right to lodge a complaint with your local data protection authority.

8. Security

We implement commercially reasonable technical and organizational measures to protect your Personal Information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and penetration testing
  • Employee training on data protection practices
  • Incident response procedures

No method of transmission over the Internet or method of electronic storage is completely secure. While we strive to protect your Personal Information, we cannot guarantee absolute security.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your use of our Services.

  • Strictly Necessary Cookies: Required for the operation of our website. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website. We use these to improve our Services.
  • Preference Cookies: Remember your settings and preferences, such as theme selection.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our Services.

10. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your jurisdiction.

When we transfer Personal Information outside of the EEA, UK, or Switzerland, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure that your information receives an adequate level of protection.

11. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Information from children. If we learn that we have collected Personal Information from a child under 18, we will take steps to delete such information promptly. If you believe we have collected information from a child, please contact us at [email protected].

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our Services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where required, by providing additional notice (such as posting a notice on our website or sending you a notification).

Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data practices, please contact us:

Heleos Foundation
Email: [email protected]

For EEA/UK residents, you may also contact our data protection representative at [email protected].

Back to top