TCCA Privacy Policy

Effective Date: 10th of August, 2025
Last Updated: 10th of August, 2025

1. Introduction

This Privacy Policy explains how TCCA.dev (“we,” “our,” or “us”) collects, uses, discloses, and safeguards your information when you visit our website at https://tcca.dev (“Service”). This policy applies to all visitors, users, and others who access or use our Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Username, email address, password (hashed)
Profile Information: Display name, bio, profile picture, social media links
Communication Data: Messages, feedback, support requests
Transaction Information: Wallet addresses, transaction hashes (publicly available on blockchain)

2.2 Information Collected Automatically

Technical Information: IP address, browser type, device information, operating system
Usage Data: Pages visited, time spent, click patterns, referral sources
Cookies and Tracking Technologies: Session cookies, analytics cookies, preference cookies

2.3 Information from Third Parties

Blockchain Data: Publicly available transaction and wallet information
Social Media: Information from connected social media accounts (with your consent)
Analytics Providers: Aggregated usage statistics and demographics

3. How We Use Your Information

3.1 Primary Uses

Provide and maintain our Service
Process and facilitate NFT transactions
Authenticate users and prevent fraud
Communicate with you about our Service
Improve and optimize our Service
Comply with legal obligations

3.2 Marketing and Communications (with consent)

Send newsletters and updates about our NFT collections
Notify you about new features or promotions
Provide customer support and respond to inquiries

3.3 Legal Basis for Processing (GDPR)

Consent: Marketing communications, optional features
Contract Performance: Account management, transaction processing
Legitimate Interests: Service improvement, fraud prevention, analytics
Legal Compliance: Regulatory requirements, law enforcement requests

4. Information Sharing and Disclosure

4.1 We Do Not Sell Your Personal Information

We do not sell, trade, or rent your personal information to third parties for monetary consideration.

4.2 Service Providers

We may share information with trusted third-party service providers who assist us in:

Website hosting and maintenance
Payment processing
Email communications
Analytics and performance monitoring
Customer support

4.3 Legal Requirements

We may disclose your information when required by law or to:

Comply with legal processes or government requests
Protect our rights, property, or safety
Prevent fraud or security threats
Enforce our Terms of Service

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.5 Blockchain Transparency

Blockchain transactions are inherently public. Transaction data, wallet addresses, and NFT ownership information are permanently recorded on public blockchains.

5. International Data Transfers

5.1 Cross-Border Processing

Your information may be processed in countries other than your country of residence. We ensure adequate protection through:

Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Other appropriate safeguards as required by applicable law

5.2 GDPR Protections

For users in the European Economic Area (EEA), we comply with GDPR requirements for international transfers.

6. Data Security

6.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

Encryption in transit and at rest
Access controls and authentication
Regular security audits and monitoring
Employee training on data protection

6.2 Limitation of Security

No method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights and Choices

7.1 GDPR Rights (EEA Users)

Access: Request copies of your personal information
Rectification: Correct inaccurate or incomplete information
Erasure: Request deletion of your personal information
Portability: Receive your information in a portable format
Restriction: Limit how we process your information
Objection: Object to processing based on legitimate interests
Withdraw Consent: Revoke consent for consent-based processing

7.2 California Privacy Rights (CCPA/CPRA)

California residents have additional rights including:

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale/sharing of personal information
Right to non-discrimination for exercising privacy rights

7.3 General Rights (All Users)

Update account information
Unsubscribe from marketing communications
Disable cookies through browser settings
Request information about our data practices

7.4 Exercising Your Rights

To exercise your rights, contact us at [privacy email]. We will respond within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Essential Cookies: Necessary for basic website functionality
Analytics Cookies: Help us understand how users interact with our Service
Preference Cookies: Remember your settings and preferences
Marketing Cookies: Used for targeted advertising (with consent)

8.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

8.3 Third-Party Analytics

We use services like Google Analytics to understand user behavior. These services may use cookies and collect information according to their own privacy policies.

9. Data Retention

9.1 Retention Periods

Account Data: Retained while your account is active and for up to 7 years after deletion
Transaction Data: Permanently stored on blockchain networks
Analytics Data: Aggregated data retained for up to 2 years
Marketing Data: Until you unsubscribe or object

9.2 Legal Requirements

We may retain information longer when required by law or for legitimate business purposes such as fraud prevention.

10. Children’s Privacy

Our Service is not intended for children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we learn we have collected information from a child, we will delete it promptly.

11. Third-Party Links and Services

Our Service may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes by:

Posting the updated policy on our website
Sending email notifications (for significant changes)
Displaying prominent notices on our Service

13. Contact Information

13.1 General Privacy Questions

Email: devteam@tcca.dev
Website: https://tcca.dev

13.2 Data Protection Officer (if applicable)

For GDPR-related inquiries:
DPO Email: devteam@tcca.dev

13.3 EU Representative (if applicable)

If we do not have an establishment in the EU but process EU personal data:
EU Representative: devteam@tcca.dev

14. Regional Specific Information

14.1 European Economic Area (EEA)

Legal basis for processing as outlined in Section 3.3
Your rights under GDPR as outlined in Section 7.1
Our commitment to Privacy Shield principles (if applicable)

14.2 California, United States

We do not sell personal information as defined by CCPA
Your California Consumer Privacy Act rights as outlined in Section 7.2
Shine the Light law disclosures available upon request

14.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate. If you have specific questions about privacy rights in your region, please contact us.

This Privacy Policy is effective as of the date first written above and was last updated on 10th of August, 2025. By using our Service, you acknowledge that you have read and understood this Privacy Policy.