Back to Home

Privacy Policy

Knox Privacy Policy | Last Updated: 28 January 2026

This Privacy Notice (the “Policy”) explains how GasHawk, Inc. (“Knox Labs”, the “Company”, “we”, “us”, or “our”), together with independent contributors and infrastructure providers acting on its behalf, process limited technical and pseudonymous data when you access www.knox.finance or interact with any related front-end components that enable interaction with decentralized smart contracts (the “Interface”).

By accessing or using the Interface, you acknowledge that you have read and understood this Policy. If you do not agree, you should not use the Interface.

The Interface is fully non-custodial. We do not create user accounts, custody digital assets, request KYC documentation, or collect personal identity data.

For clarity, this Privacy Notice applies only to the Interface. It does not apply to the underlying Knox protocol or smart contracts, which are decentralized, autonomous, and deployed on public blockchain networks outside the control of Knox Labs. All onchain transactions and blockchain data are public, immutable, and not processed, controlled, or governed by this Policy.

1. Personal Data We Collect

We collect only limited categories of pseudonymous and technical data, including:

(a) Wallet data, such as public blockchain addresses, transaction metadata, and interactions with smart contracts via the Interface.

(b) Device and usage data, such as IP address, browser type and version, operating system information, timestamps, request headers, and error logs.

(c) Access-control data, such as high-level IP-derived location signals, network identifiers, autonomous system numbers, and wallet-screening results used solely to enforce sanctions, compliance, or geographic access restrictions.

(d) Support communications voluntarily provided by users via email or other contact methods.

(e) Aggregated or de-identified information that cannot reasonably identify any individual.

(f) Certain technical data, such as IP addresses, may be considered ‘personal data’ under some data-protection laws, even where the Company does not use such data to identify individuals.

We do not collect names, government-issued identification, precise geolocation data, biometric information, or other sensitive categories of personal data. This section also serves as a ‘Notice at Collection’ for purposes of the California Consumer Privacy Act, as amended.

2. Public Blockchain Transparency

Blockchain networks are public by design. Wallet addresses, transaction histories, balances, and smart-contract interactions are publicly visible and may be accessed, indexed, analyzed, or associated with other information by third parties.

The Company does not anonymize, obfuscate, or otherwise prevent third parties from viewing or analyzing public blockchain data. To the extent that a wallet address or transaction history can be linked to you by third parties, such linkage occurs independently of the Company and outside the scope of this Policy.

3. How We Use Technical Data

We use technical and pseudonymous data only for the following purposes:

Operate & Secure the Interface

To enable wallet connections, protect against abuse, and ensure availability and functionality.

Performance & Diagnostics

To monitor reliability, debug errors, and analyze high-level traffic patterns.

Compliance Controls

To apply geographic, sanctions-based, or regulatory restrictions as required by applicable law and the Terms of Use.

Support Responses

To respond to voluntary inquiries or communications submitted by users.

Aggregated Insights

To produce anonymized or non-identifiable data for research, transparency, or ecosystem analysis.

We do not sell personal data, conduct behavioral advertising, or engage in automated decision-making that produces legal or similarly significant effects.

3A. Purpose Limitation for Access-Control Data

IP address data, high-level location signals, wallet-screening results, and similar access-control information are processed solely for security, sanctions compliance, abuse prevention, and enforcement of access restrictions where required or reasonably necessary under applicable law.

Such data is not used for marketing, profiling, behavioral advertising, or personalization.

4. Legal Bases for Processing

We process technical and pseudonymous data in accordance with applicable U.S. federal and state laws, including the laws of the State of Delaware, as well as other applicable privacy and consumer-protection frameworks.

Where foreign data-protection laws apply to a particular user (including, where relevant, the General Data Protection Regulation (GDPR)), we rely on the following legal bases:

(a) providing technical access to the Interface;

(b) the Company’s legitimate interests, including security, fraud prevention, diagnostics, and service improvement;

(c) compliance with legal or regulatory obligations, including sanctions enforcement; and

(d) user consent, but only where explicitly provided for optional communications.

(e) The Company may process or store data in the United States or other jurisdictions where service providers are located. Where required by applicable law, the Company relies on appropriate safeguards, such as standard contractual clauses, to support such transfers.

5. Disclosure of Data

We may disclose limited data to the following categories of recipients:

Service Providers

Infrastructure, hosting, analytics, or security providers operating under confidentiality obligations.

Legal or Regulatory Authorities

Where required by applicable law, regulation, sanctions regimes, or court order.

Successor or Governance Entities

A future foundation, DAO, or governance focused entity may assume responsibility for the Interface.

With Your Consent

Any additional disclosure expressly authorized by you.

We may also share aggregated or anonymized information that cannot reasonably identify any individual.

5A. Third-Party Wallet Providers

The Interface enables connections to third-party self-custodial wallet providers (such as MetaMask, WalletConnect, or similar tools). These wallet providers operate independently of the Company and are governed by their own privacy policies and terms.

The Company does not control, monitor, or assume responsibility for the data-collection, storage, security, or privacy practices of any third-party wallet provider and disclaims all liability arising from their handling of personal data.

6. Cookies and Local Storage

The Interface may use minimal cookies or local storage strictly for technical and functional purposes, such as maintaining user preferences or enabling essential features.

These technologies are not used for advertising, cross-site tracking, behavioral profiling, or the sale of personal data. You may disable cookies through your browser settings, although certain Interface functions may not operate correctly.

The Interface does not respond to “Do Not Track” signals, consistent with prevailing U.S. privacy standards.

7. User Rights

User rights vary depending on applicable law. Knox Labs processes only limited technical and pseudonymous data, which often does not constitute “personal information” subject to access, deletion, or correction rights under U.S. state privacy laws.

Where foreign data-protection laws apply (including the GDPR), users may have certain rights with respect to personal data voluntarily provided to the Company, such as rights of access, rectification, erasure, restriction of processing, or withdrawal of consent where consent was the legal basis.

These rights apply only to data within the Company’s possession and control. They do not extend to blockchain addresses, transaction records, or on-chain data, which are public, immutable, and not controlled by the Company.

Requests may be submitted to [email protected]. We will assess and respond in accordance with applicable law.

7A. Exclusion of On-Chain Data from User Rights

User rights under applicable data-protection laws apply only to data that the Company can reasonably access and control.

Such rights do not extend to public blockchain data, including wallet addresses, transaction histories, balances, or smart-contract interactions, which are publicly available, immutable, and not controlled or processed by the Company.

8. Security

The Company implements commercially reasonable administrative, technical, and physical safeguards designed to protect the limited data processed through the Interface. These measures are appropriate to the non-custodial and pseudonymous nature of the Interface and may include encryption in transit, access controls, system monitoring, environment segregation, and periodic security reviews.

Knox Labs does not custody digital assets, access private keys, seed phrases, recovery credentials, or wallet passwords, and does not store authentication credentials.

Users are solely responsible for the security of their wallets, devices, and private keys. The Company makes no representations regarding the security of blockchain networks, smart contracts, or third-party wallets, which operate independently of the Interface.

9. Data Retention

We retain data only for periods reasonably necessary for operation, security, compliance, or legitimate business purposes.

  • Technical logs are generally retained for up to 30 days, unless longer retention is required for security, sanctions enforcement, or abuse prevention.

• Access-control records are retained only as long as necessary to enforce restrictions or meet legal obligations.

• Support communications may be retained for up to three years from the last interaction, or longer if required for legal or regulatory purposes.

• Aggregated or anonymized data may be retained indefinitely.

On-chain data is permanent, public, and outside the Company’s control.

10. Age Eligibility

The Interface is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 13, in accordance with the Children’s Online Privacy Protection Act (COPPA). If such information is identified, we will take reasonable steps to delete it.

11. Third-Party Wallets and External Links

The Interface may enable connections to third-party wallets, websites, or services. These operate independently of the Company or its subsidiaries and are governed by their own terms and privacy policies.

Knox Labs does not control or endorse third-party services and disclaims responsibility for their data-handling practices.

12. Transfer of Operator Entity

The Company may transfer operation of the Interface to a successor entity, including a foundation or governance structure. Any such entity will assume the role of operator, and continued use of the Interface constitutes acceptance of this Policy as transferred.

13. Changes to This Policy

We may update this Policy at any time. The “Last Updated” date reflects the current version. Continued use of the Interface after updates constitutes acceptance of the revised Policy.

14. Contact

For questions regarding this Policy or permitted data-related requests, contact:

[email protected]

Requests will be reviewed and handled in accordance with applicable law and the scope of data within the Company’s possession and control.