Privacy and Policy

Alph Network Data Privacy & Information Security Policy

Effective Date: January 1, 2026

Document Reference: DP-V.4.01-2026

1. Executive Summary & Data Controller

This Privacy Policy (the "Policy") outlines the protocols governing the collection, processing, and safeguarding of Personal Identifiable Information (PII) and Metadata by ALPH Network – Investor Portal (the "Data Controller"). This document ensures transparency regarding our interaction with your data during your participation in the ALPH Network (ALPH) ecosystem.

By engaging with our API, interface, or smart contracts, you consent to the processing of data as described herein.

2. Taxonomy of Collected Data

We categorize the data collected into the following distinct classifications:

  • Cryptographic & On-Chain Data: Public wallet addresses, transaction hashes, and smart contract interaction logs. Note: On-chain data is immutable and public by design.

  • Verification Credentials (KYC/B): Government-issued identification, biometric facial recognition hashes, and proof of residence, processed via encrypted secure-tunneling.

  • Systemic Metadata: IPv6 addresses, device fingerprints, browser entropy, and telemetry data utilized for DDoS mitigation and fraud detection.

  • Transactional Ledgering: Historical records of fiat-to-crypto on-ramping and ALPH distribution events.

3. Purpose of Processing (Legal Basis)

Data processing is conducted under the following legal frameworks:

  • Contractual Necessity: To execute token distributions and manage your digital asset ledger.

  • Regulatory Obligation: Compliance with Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) mandates.

  • Legitimate Interest: Optimizing platform UI/UX via anonymized heuristic analysis and securing the network against Sybil attacks.

4. Cryptographic Security & Data Retention

We employ a "Defense in Depth" strategy to ensure data integrity:

  • Encryption Standards: Data at rest is secured via AES-256 encryption; data in transit is protected via TLS 1.3 protocols.

  • Access Control: We utilize a Zero-Trust Architecture; internal access to sensitive PII is restricted to authorized personnel via Multi-Factor Authentication (MFA).

  • Retention Period: We retain PII only for the duration necessary to fulfill regulatory audit requirements (typically 5–7 years), after which data is subjected to secure cryptographic erasure.

5. KYC/AML Third-Party Integration

To maintain compliance, we may utilize decentralized or centralized Identity Providers (IDPs).

  • Data Minimization: We strive to utilize Zero-Knowledge Proof (ZKP) technology where possible to verify eligibility without storing sensitive underlying documents.

  • Sub-Processors: Third-party auditors are bound by Data Processing Agreements (DPA) that meet or exceed the security standards of this Policy.

6. Disclosure of Information

ALPH Network – Investor Portal maintains a strict No-Sale policy regarding user data. Disclosure is limited to:

  • Statutory Requirements: Compelled disclosure via valid judicial warrant or subpoena from recognized regulatory bodies.

  • Network Validators: Necessary broadcast of transaction data to the underlying blockchain protocol.

  • Infrastructure Partners: Cloud hosting (e.g., AWS, Google Cloud) and security firewalls.

7. User Data Sovereignty (Your Rights)

Subject to local jurisdiction (e.g., GDPR, CCPA), you possess the following rights:

  • Right of Portability: Request a machine-readable export of your data.

  • Right of Rectification: Amend inaccurate PII.

  • Right to Erasure ("Right to be Forgotten"): Request deletion of data, provided it does not conflict with statutory record-keeping requirements for financial transactions.

8. Technical Disclaimers

  • Blockchain Immutability: Users acknowledge that data written to the blockchain (e.g., ALPH transfers) is permanent and cannot be deleted or modified by ALPH Network – Investor Portal.

  • External Links: We are not responsible for the privacy hygiene of third-party dApps, hardware wallets, or exchange platforms linked via our ecosystem.

9. Policy Iteration

We reserve the right to update this Policy to align with emerging "Privacy by Design" standards. Significant architectural changes will be communicated via the platform dashboard or registered email.

10. Governance & Contact

For requests concerning Data Access (SAR) or to report a perceived vulnerability, contact our Data Protection Officer (DPO):

Contact: [email protected]

PGP Public Key: Available upon request for encrypted communication

© 2026 ALPH Network – Investor Portal. © 2026 ALPH Network. All rights reserved.