GDPR Compliance

Data Controller and Contact Information

SEA MarketWatch (Secure Exchange Atlas) is operated by Kieran Ashdown and is the data controller for the processing of personal data described in this page.

Registered contact: Kieran Ashdown, 11410 Century Oaks Terrace, Austin, TX 78758, United States of America.

Email: [email protected]

Scope and Relationship to U.S. Law

This page explains how SEA MarketWatch complies with the EU General Data Protection Regulation (GDPR) when offering services to, or monitoring the behavior of, individuals located in the European Economic Area (EEA), the United Kingdom, and Switzerland, while operating under the laws of the United States of America. Where U.S. federal or state law provides additional or different requirements, we implement those requirements alongside GDPR to maintain a high standard of privacy protection. In the event of any material conflict, we will apply the framework that provides stronger protection for the individual, to the extent legally permissible.

Summary of Services

SEA MarketWatch (Secure Exchange Atlas) is a blockchain hub for coins, exchanges, airdrops, and crypto knowledge. We provide market data tracking, comparisons of fees and liquidity across exchanges, curated airdrop listings, project fundamentals and tokenomics, as well as educational content and security tips for DeFi, NFTs, and Web3 wallets. We may offer alerts and newsletters to help users stay informed.

Categories of Personal Data Processed

We may process the following categories of personal data, depending on your interactions with our services:

• Identification and contact data: name, username, email address, country/region, and communication preferences.
• Account and service data: saved watchlists, alert configurations, preferences, support requests, and feedback.
• Technical and usage data: IP address, device identifiers, browser and OS details, referral URLs, time stamps, page views, and interaction logs.
• Marketing and communications data: newsletter subscriptions, engagement metrics, and consent records.
• Financial-relation indicators: non-transactional metadata such as preferred exchanges or tokens of interest (we do not process payment card information on our systems unless expressly stated and necessary).
• On-chain identifiers: public blockchain addresses you provide or that are associated with your account for watchlist or alert purposes (these are pseudonymous but can be personal data if linkable to you).

Sources of Personal Data

We obtain personal data from the following sources:

• Directly from you when you create an account, subscribe to alerts or newsletters, submit forms, or contact support.
• Automatically through cookies and similar technologies when you access or use our services.
• From publicly available sources, including public blockchain ledgers and project documentation, to the extent needed for features you enable.
• From service providers acting on our behalf (e.g., analytics, email delivery, hosting), strictly under contract.

Purposes of Processing and Legal Bases

We process personal data for the purposes and under the legal bases set out below:

• Provision of services: to operate, maintain, and deliver market data, watchlists, alerts, and educational materials; Legal bases: performance of a contract and legitimate interests.
• Account management and support: to create and manage accounts, respond to inquiries, and provide troubleshooting; Legal bases: performance of a contract and legitimate interests.
• Personalization: to tailor content, alerts, and recommendations to your interests; Legal bases: consent (where required) and legitimate interests.
• Analytics and service improvement: to measure usage, improve features, and ensure reliability; Legal bases: consent (for non-essential cookies/trackers) and legitimate interests.
• Marketing communications: to send newsletters and updates; Legal bases: consent and legitimate interests (soft opt-in where lawful). You may opt out at any time.
• Security and fraud prevention: to detect, prevent, and investigate security incidents and abuse; Legal bases: legitimate interests and legal obligations.
• Compliance: to meet legal, regulatory, and tax obligations and to respond to lawful requests; Legal bases: legal obligations and legitimate interests.
• Business continuity: in the context of mergers, acquisitions, or asset transfers; Legal bases: legitimate interests.

Cookies and Similar Technologies

We use cookies, web beacons, and similar technologies to enable core site functionality, remember preferences, perform analytics, and support limited advertising or referral measurement. Non-essential cookies are used only with your consent where required by law. You can manage cookie preferences via your browser settings and, where available, a consent banner or cookie preferences tool accessible from our site footer.

On-Chain Data Considerations

Public blockchain data is immutable and globally distributed. Where our services reference on-chain addresses or transactions that you provide, we will treat any associated mapping to your identity as personal data and store that mapping off-chain. If you exercise rights such as erasure, we will delete or de-link off-chain mappings and cease further association, but we cannot alter or remove data stored on public blockchains.

Disclosures and Recipients

We disclose personal data only as necessary and under appropriate safeguards to:

• Service providers: hosting, cloud infrastructure, analytics, email delivery, customer support, and security partners.
• Affiliates and business partners: limited sharing for features you use (e.g., referral tracking) subject to contract and your choices.
• Legal and compliance recipients: government authorities, regulators, or advisors where required by law or to protect our rights.
• Business transfers: prospective or actual buyers, advisors, and counterparties in connection with corporate transactions.

We do not sell personal information for monetary consideration. Where U.S. state law treats certain analytics or advertising disclosures as a "sale" or "share," you may opt out as described in the U.S. State Privacy Notices section.

International Data Transfers

We are located in the United States. When transferring personal data from the EEA, UK, or Switzerland to the United States or other third countries, we rely on recognized transfer mechanisms, including the European Commission Standard Contractual Clauses and, where applicable, participation in relevant adequacy frameworks. We implement supplementary measures where necessary to protect your data.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this page, including to comply with legal, accounting, or reporting requirements. Typical retention periods are:

• Account data: for the life of the account and up to 36 months after closure, unless a longer period is required by law or necessary to resolve disputes.
• Technical logs: typically 12–24 months, subject to security and operational needs.
• Marketing data: until you unsubscribe or withdraw consent, plus a short period to maintain suppression lists.
• Cookie identifiers: per the cookie's configured lifespan or until you clear or reset cookies.

Security Measures

We maintain appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Measures include access controls, encryption in transit, segmented infrastructure, vulnerability management, and personnel training. We regularly review and improve our practices in line with risk. In the event of a personal data breach affecting individuals in the EEA/UK/Switzerland, we will notify the relevant supervisory authority and affected individuals as required by law.

Your Rights under GDPR

Subject to legal conditions and applicable exemptions, you have the following rights:

• Access: to obtain confirmation whether we process your data and receive a copy.
• Rectification: to correct inaccurate or incomplete data.
• Erasure: to request deletion of your data, including where it is no longer necessary for the purposes collected, subject to legal obligations and technical limitations on public blockchains.
• Restriction: to request we limit processing under certain circumstances.
• Portability: to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
• Objection: to object to processing based on legitimate interests, including profiling, and to direct marketing at any time.
• Withdrawal of consent: where processing is based on consent, you may withdraw consent at any time without affecting prior processing.
• Complaint: to lodge a complaint with a supervisory authority. We encourage you to contact us first so we may address your concerns promptly.

How to Exercise Your Rights

To exercise your rights, please contact us at [email protected] or by mail to Kieran Ashdown, 11410 Century Oaks Terrace, Austin, TX 78758, United States of America. Please specify the right you wish to exercise and provide sufficient information to verify your identity and locate your records. We may request additional information solely to verify and process your request. Authorized agents may submit requests on your behalf where permitted by law, subject to adequate proof of authorization and identity verification. We will respond without undue delay and within one month, extendable by two months where necessary due to complexity or number of requests, in which case you will be informed of the extension and reasons.

Automated Decision-Making and Profiling

We do not engage in automated decision-making that produces legal effects or similarly significant effects concerning you. We may use limited profiling to personalize content or alerts based on your preferences and activity; you may object to such processing as described above.

Children's Data

Our services are not directed to children under 16 years of age, and we do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can take appropriate action.

U.S. State Privacy Notices

For residents of California, Virginia, Colorado, Connecticut, Utah, and other similar jurisdictions, applicable state laws may grant rights to know, access, correct, delete, and opt out of certain processing (including targeted advertising or the sale/share of personal information as defined by law). We honor these rights and apply consistent mechanisms alongside GDPR processes. To exercise these rights or submit an opt-out request, contact [email protected]. We will not discriminate against you for exercising your privacy rights.

Records of Processing and Accountability

We maintain internal records of our processing activities, assess vendors for appropriate safeguards, and implement data protection by design and by default, commensurate with the risks associated with our services.

Updates to This Page

We may update this page to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated through our services or by direct notice where appropriate. Your continued use of our services after an update signifies your acknowledgment of the updated terms.

Effective Date

This GDPR compliance page is effective as of the date it is published or last updated and applies to processing from that date forward. For prior versions, you may contact us at [email protected].