Privacy Policy

MOONRUSH PRIVACY POLICY (EN)

This privacy notice for MoonRush Labs LLC (“MoonRush,” “Company,” “we,” “us,” or “our”) explains how and why we may collect, store, use, and/or share (“process”) your information when you use our services (“Services”), including our mobile application MoonRush (the “App”), our website at https://moonrush.space (the “Website”), and any other sites or services linking to this Privacy Policy.

By using our Services, you acknowledge you have read and understood this Privacy Policy.

1. WHAT INFORMATION DO WE COLLECT?

We collect personal information that you voluntarily provide to us, information collected automatically, and information we may receive from third parties (such as social login providers). We also interact with public blockchain data.

1.1 Personal Information You Provide

The personal information we collect depends on how you interact with our Services, the choices you make, and the features you use. This may include:

• Account information: email address, phone number (if provided), username/handle, profile photo/avatar, bio, and other profile details.
• Authentication information: one-time passcodes (OTP), login session tokens, or authentication state (we do not store your device Face ID/Touch ID biometrics; those are handled by your device OS).
• Support and communications: messages you send to our support team, bug reports, feedback, surveys, and any attachments you provide.
• Community and social content: posts, comments, reactions, follows, bookmarks, user-to-user messages (where enabled), and any content you submit or publish through the Services (“User Content”).
• Referral and rewards information (if applicable): referral codes, referral relationships, reward status, and anti-fraud signals related to reward eligibility.

1.2 Wallet and Blockchain-Related Information (Non-Custodial)

MoonRush is designed to be non-custodial. We do not collect or store your private keys or seed phrases.

However, depending on your usage, we may collect or process:

• Public wallet addresses you connect or use with the Services.
• Public blockchain transaction data (e.g., transaction hashes, token transfers, on-chain activity) that is inherently public on the relevant blockchain networks.
• Trade activity displayed in the social feed (which may be derived from public chain data and/or user-triggered sharing settings within the app).

Important: Blockchain data is generally public and immutable. Even if you delete your account, blockchain records may remain visible on-chain.

1.3 Information Automatically Collected

We automatically collect certain information when you visit, use, or navigate the Services. This does not necessarily reveal your specific identity but may include:

• Device and usage information: IP address, device type, device identifiers, operating system, app version, language settings, time zone, crash logs, performance metrics, and interaction events (e.g., screens viewed, taps, session duration).
• Log and security data: access times, pages/features used, error reports, security events, and suspected fraud signals.
• Approximate location: derived from IP address (city/region-level), used for security, compliance, and analytics.

1.4 Cookies and Similar Tracking Technologies (Website)

We may use cookies, web beacons, pixels, SDKs, and similar technologies to:

• keep you logged in,
• remember preferences,
• measure performance and analytics,
• prevent fraud and abuse.

You can manage cookies through your browser settings. Some features may not work properly if cookies are disabled.

1.5 Information Received from Third Parties

We may receive information from:

• Social login providers (e.g., Apple, Google, X) if you choose to use them for sign-in. This may include your name, email address, profile image, and other information you choose to share with that provider.
• Service providers that help us with analytics, security, fraud prevention, and infrastructure.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your information for purposes that depend on how you use our Services, including:

2.1 Account Creation, Authentication, and Management

• Create and manage user accounts
• Authenticate logins and maintain sessions
• Provide account recovery mechanisms (where applicable)
• Enforce our Terms, policies, and community guidelines

2.2 Provide and Improve the Services

• Deliver features such as social feed, discovery, profiles, and messaging (if enabled)
• Personalize content and improve relevance of trends and signals
• Maintain and improve reliability, performance, and user experience

2.3 Safety, Security, and Fraud Prevention

• Detect, prevent, and respond to fraud, abuse, impersonation, spam, bot activity, and security incidents
• Protect user accounts and the integrity of the community
• Enforce restrictions required by law or policy (e.g., sanctions, restricted jurisdictions, and other compliance controls)

2.4 Support and Communications

• Respond to questions, complaints, and support requests
• Send administrative messages about updates, security alerts, policy changes, and service notices

2.5 Analytics and Product Development

• Understand usage trends and feature adoption
• Diagnose crashes and fix bugs
• Conduct internal research, testing, and development

Analytics / Crash Reporting Provider: Firebase

2.6 Marketing and Promotions (Where Permitted)

• Communicate about new features, events, and promotions
• Measure effectiveness of campaigns

You may have options to opt out of marketing communications (where required by law).

2.7 Legal Obligations and Vital Interests

• Comply with legal requirements
• Protect someone’s vital interests where necessary to prevent harm

3. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We may share your information in the following circumstances:

3.1 Service Providers

We may share information with vendors, contractors, and agents who provide services on our behalf (e.g., hosting, analytics, crash reporting, customer support, security monitoring, email delivery). These providers are authorized to use your information only as necessary to provide services to us and are contractually obligated to safeguard it.

3.2 Compliance, Legal Process, and Protection

We may disclose information if we believe disclosure is necessary to:

• comply with laws, regulations, legal process, or governmental requests;
• protect the rights, property, and safety of MoonRush, our users, or others;
• investigate and prevent fraud, security issues, or illegal activity.

3.3 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, your information may be transferred as part of that transaction, subject to applicable law and appropriate safeguards.

3.4 Public and Social Features

If you publish content, follow others, comment, react, or choose to share activity, that information may be visible to others consistent with the Service design and your settings.

3.5 We Do Not “Sell” Personal Information (General Statement)

We do not sell your personal information in the traditional sense. However, “sale” and “sharing” may have specific meanings under certain laws. See Section 10 for region-specific rights.

4. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES AND SERVICES?

The Services may link to third-party websites, DApps, protocols, exchanges, social platforms, or other online services. We are not responsible for the privacy, security, or content practices of third parties. Your interactions with third-party services are governed by their own terms and privacy policies.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

Yes. We may use cookies and similar technologies on the Website and SDKs in the App for: authentication, analytics, security, and performance monitoring. Where required by law, we will obtain consent for certain cookies or tracking.

6. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

If you choose to register or log in via a social account (Apple, Google, X, etc.), we receive certain profile information from the provider. We use this information only for: authentication, account creation, and functions described in this Privacy Policy.

We do not control how social login providers use your data. Please review their privacy notices.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement reasonable technical and organizational measures to protect your information. However, no electronic transmission or storage system can be guaranteed to be 100% secure. You use the Services at your own risk and should use a secure device and environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect information from or market to individuals under 18. If you believe a minor has provided us personal information, contact us at contact@moonrush.space and we will take appropriate steps to delete it, subject to legal requirements.

9. CONTROLS FOR DO-NOT-TRACK FEATURES

Most browsers and some mobile operating systems provide a Do-Not-Track (“DNT”) feature. There is no uniform standard for responding to DNT signals. We do not currently respond to DNT signals. If standards change, we may update this Policy.

10. REGION-SPECIFIC PRIVACY RIGHTS

10.1 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have rights to:

• know what personal information we collect, use, disclose;
• request deletion (subject to exceptions);
• request correction (where applicable);
• access your personal information;
• opt out of “sale” or “sharing” (as defined by law);
• limit use/disclosure of “sensitive personal information” (as defined by law);
• not be discriminated against for exercising rights.

How to exercise: email info@moonrush.space with “California Privacy Request” and include the email tied to your account.

Verification: We may request information to verify your identity and authority. We will only use verification data for verification purposes and will delete it when no longer needed.

Authorized agents: We may require proof of authorization.

10.2 Virginia Privacy Rights (VCDPA)

If you are a Virginia resident, you may have rights to:

• confirm processing,
• access, correct, delete,
• obtain a portable copy,
• opt out of targeted advertising, sale, or profiling in certain cases.

Response timeline: We respond within required timelines and provide appeal options where applicable.

10.3 EEA/UK (GDPR) Rights (If Applicable)

If you are in the EEA/UK, you may have rights to:

• access, rectify, erase,
• restrict or object to processing,
• data portability,
• withdraw consent (where processing is based on consent),
• lodge a complaint with a supervisory authority.

Legal bases may include: performance of a contract, legitimate interests, consent, and legal obligation.

10.4 Other Jurisdictions

Depending on your location (e.g., Brazil LGPD, Canada, Singapore, etc.), you may have similar rights. Contact info@moonrush.space.

11. DATA RETENTION

We retain personal information only as long as necessary for the purposes described in this Policy, including: account maintenance, providing Services, compliance and enforcement, security and fraud prevention, dispute resolution.

We may retain certain logs and security records for longer periods where needed for legitimate interests or legal obligations.

12. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your own. Where required, we implement safeguards for international transfers.

13. ACCOUNT DELETION AND YOUR CHOICES

You may be able to delete your account in-app (if implemented). Upon deletion request:

• we delete or de-identify personal information where required and feasible,
• we may retain certain data for legal, security, and fraud prevention purposes,
• blockchain data remains public and is not controlled by MoonRush.

14. DO WE MAKE UPDATES TO THIS NOTICE?

We may update this Privacy Policy from time to time. The updated version will be effective when posted with a revised date. For material changes, we may notify you via the App, Website, or email.

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?