《Rainbow Privacy Policy》

Dear Users,

IRIS Foundation (or referred to as “Foundation", "we" or “us”) attaches great importance to the privacy protection of you (or referred to as “you” or “user”). When you use the products or services that we provide, we will collect, use, share and protect your personal information in accordance with this privacy policy (the “Policy”).

Before using this product ("Rainbow Wallet") and the services we provide, please read and fully understand the full content of this policy. The definition of keywords in this policy is consistent with IRIS Foundation's "Rainbow Wallet Service Agreement". By using Rainbow Wallet, which includes browsing, accessing our website and/or any product or service offered by us, you consent to the collection, use, sharing and protection of your personal information in accordance with this policy.

This policy can be updated by IRIS Foundation at any time. Once the updated policy is announced, it will replace the original policy. If you do not accept the revised terms, please stop using the products and services provided by us immediately. If you continue to use our services, we will deem it as accepting the revised policy. Once the revised policy is published on Rainbow Wallet, it will automatically take effect immediately.

1. What kind of information do we collect from you?

We collect the following information so as to provide you with Rainbow Wallet products and services and to continuously improve its quality , including but not limited to supporting our launch of Rainbow Wallet products, and in compliance with the laws and regulations of the country. Service-related marketing activities, improving existing product and service functions, and developing new products or services. And you do have to understand that if you do not provide the information that is required for our services, your service experience at Rainbow Wallet may be affected.

1.1 Identification information, including but not limited to your name, identification, mobile number, email address, biometrics, and wallet address, etc.

1.2 Technical information, including but not limited to your mobile device model, operating system version, IP address, etc.

1.3 Platform operation information, including but not limited to your transaction records, and operation records, etc.

1.4 Other personal information collected in accordance with the needs of our specific products and services, including but not limited to your opinions, suggestions and other information about us as well as our products or services.

1.5 In addition to the above, you understand that when you use certain features of Rainbow Wallet, we will give you special tips to collect more personal information from you before collecting your personal information. If you do not consent to it, you will be deemed as abandoning the specific features of Rainbow Wallet.

1.6 To the extent permitted by laws and regulations, we may collect and use your personal information in the following situations without your authorized consent:

(1) related to national security and national defense security;

(2)related to public safety, public health, and major public interests;

(3)related to criminal investigation, prosecution, trial and execution of judgments;

(4)The personal information collected is disclosed to the public by yourself;

(5)Collecting your personal information from legally publicly disclosed information, such as legitimate news reports, government information disclosure, etc.;

(6)necessary for the maintenance of safety and compliance of services, such as detection and handling of faults in products and services;

(7)Other circumstances as stipulated by laws and regulations.

You have to understand that when you create or import a wallet on Rainbow Wallet, your mnemonic, private key, password, and so on are stored only on your current mobile device and are not stored on our server. If you do not save or back up your wallet mnemonic, private key as well as other information and your mobile device is lost or damaged, your assets on the blockchain will be lost. We will not be able to recover it for you, and you would need to bear the corresponding losses. If you divulge information when you export, save or back up mnemonics, private keys, passwords, etc., or if the device or server where you save or back up the information is hacked or controlled, your assets on the blockchain will also be lost. Again, IRIS Foundation will not be able to recover it for you and you would have to bear the corresponding losses.

2. How do we collect your information?

The way we collect information is as follow:

2.1 You provide us with your information. We will collect whatever information that you provided to us when using our products and services, or when you provide us with feedback including but not limited to your name, mobile number, email address, etc.

2.2 We obtain information during your use of Rainbow Wallet or when you visit our website, including your IP address, mobile device information and your operating records of Rainbow Wallet;

2.3 We copy all or part of your transaction history through the blockchain system. However, the transaction records are subject to the records of the blockchain system.

3. How do we use your information?

The information we collect will primarily be used to improve the quality of our products and services. We will never rent, trade or sell your personal information without your prior consent. We will use or disclose your personal information for one or more of the following purposes:

3.1 When it is necessary to get in touch with you;

3.2 We will promptly send you important notices such as software updates, service agreements and changes to the terms of this policy;

3.3 To inform you about our products, services, marketing activities, etc.

3.4 We will process the feedback you submit to us by collecting your public wallet address and mobile device information that you provided;

3.5 We will collect your personal information for our internal audit, data analysis and research, etc., as well as to continuously improve our level of service;

3.6 According to the "Rainbow Wallet Service Agreement" and other relevant provisions of us, IRIS Foundation will use users information to manage and handle their usage behaviors;

3.7 Requirements for laws and regulations and cooperation with regulatory agencies;

3.8 Other reasonable purposes relating to the above purposes.

4. How do you manage your information?

You have the following autonomy over your personal information in Rainbow Wallet:

4.1 You can import other wallets into Rainbow Wallet, or import your Rainbow Wallet into another digital token management wallet. Rainbow Wallet will display the information imported into the wallet;

4.2 You understand that you can modify your digital token type, transfer, collection, etc. through the assets section;

4.3 You know that you can delegate, withdraw, etc. to the validators you specify through the "Delegation" section;

4.4 You know that in the “Me" section of Rainbow Wallet, you can view and modify your "Address Book" at any time in the "Address Book” section;

4.5 You acknowledge that when we collect information from you for a specific purpose, we will give you notice in advance. You reserved the right to opt out. But at the same time, you have to know that when you choose not to provide certain relevant information, this would mean that you are giving up on using the services of Rainbow Wallet.

4.6 You understand that both you and the Foundation have no control over whether or not your transaction records are made public, because it is open source on the blockchain trading system. Your transaction records are transparent throughout the blockchain system.

4.7 You have the right to request us to update, change, or delete your personal information.

4.8 You acknowledge that we may collect your information in accordance with article 1 of paragraph 6 of this policy without obtaining your authorization.

5. We may share or transmit your information.

5.1 The personal information collected and generated by IRIS Foundation within the territory of Hong Kong SAR will be stored on the servers within the territory of Hong Kong SAR. If we really need to transfer your personal information to overseas, we need your authorization beforehand and will conduct cross-border data transmission in accordance with the relevant laws, regulations and policies, and fulfill your confidentiality obligations for your personal information.

5.2 We will not share or transfer your personal information to any third party without your prior consent, except in the following cases:

(1) Obtain your explicit consent or authorization in advance;

(2) The personal information collected is disclosed to the public by yourself;

(3) The personal information collected is from legally publicly disclosed channels, such as legal news reports and government information disclosure channels;

(4) Shared with the affiliates of IRIS Foundation, we will only share the necessary user information and we are bound by the purposes stated in this privacy policy;

(5) Providing or enforcing this policy to protect the rights, property or rights of Foundation or other parties in accordance with applicable laws and regulations, legal procedures, requirements of the executive or the judiciary;

(6) When it comes to mergers and acquisitions, if it involves the transfer of personal information, we will require the recipient of personal information to continue to be bound by this policy;

(7) When we have reason to believe that you have violated one or more of the terms of this agreement and caused damage to the Foundation or a third party.

6. Information security

6.1 If we ceases to operate, it will stop collecting your personal information in a timely manner, and announce the notice of suspending its operation on Rainbow Wallet. On top of that, it will delete or anonymize your personal information held within a reasonable period of time.

6.2 To protect your personal information, we use physical and electronic security measures to keep your information secure and secure all connections to industry-standard transport layers.

6.3 We increase internal employee information security training, improve internal compliance, and securely protect your private information by setting secure access to relevant data.

7. Protection of minors

We are particularly sensitive to information that protects minors under the age of 18. Our services are not for minors, and we do not deliberately collect information from minors. If you are a parent or legal guardian of a minor child, we will represent you under the other provisions of this privacy policy. Any information provided to us by a child when using a trust wallet is considered personal information. We make the following special agreement on this:

7.1 Minors should use our related services under the guidance of their parents or guardians.

7.2 Parents and guardians of minors are advised to guide minors to use Rainbow Wallet under the guidance of this policy, the Rainbow Wallet Service Agreement and our other relevant rules.

7.3 Rainbow Wallet will protect the confidentiality and security of minors' personal information in accordance with the laws and regulations of the country or area you reside in.

8. Disclaimer

IRIS Foundation will take reasonable security measures to protect your personal information as far as possible under the state of the art to avoid disclosure, tampering or damage. We uses wireless transmission of data, so it could not ensure the privacy and security of data transmitted over a wireless network.

9. Others

9.1 If you are a user outside Hong Kong SAR, you need to fully understand and comply with all relevant laws, rules and regulations in your jurisdiction and the use of our services.

9.2 If you encounter any problems with the use of personal information during the use of our Services, you can provide us with feedback by sending an email to rainbow@irisnet.org.

9.3 You can view this policy and other Foundation service rules in Rainbow Wallet. We encourage you to review our service agreements and privacy policies each time you visit Rainbow Wallet.

9.4 Any translation of this policy is provided for convenience only and is not intended to be modified by the terms of this policy. If there is any inconsistency between a translation and the English version of this policy, the English version prevails.