Hypercall Privacy Policy

1. Introduction

This Privacy Policy explains how Synapse Foundation, its applicable affiliates, successors, designees, governance-authorized parties, and service providers, collectively Hypercall, we, us, or our, collect, use, disclose, store, and otherwise process information in connection with the Hypercall website-hosted application, APIs, interfaces, market data services, RFQ systems, order-entry systems, account interfaces, support channels, community channels, developer tools, and related services that link to this Privacy Policy, collectively, the Services.

Distributed Systems LTD (DSML) and other vendors, contractors, contributors, delegates, affiliates, infrastructure providers, data processors, or service providers may process information for or in connection with Synapse Foundation, $SYN token governance, governance-authorized parties, the Services, the Application, or the Protocol. Except where expressly stated otherwise, DSML acts as a vendor or service provider and not as the primary entity responsible for this Privacy Policy.

This Privacy Policy applies when you visit a Hypercall website, connect a wallet, use the Application, use an API, submit or cancel orders, request or accept quotes, use RFQ functionality, authorize an agent, use a session key, interact with support, participate in rewards or incentive programs, or otherwise interact with the Services.

By using the Services, you acknowledge this Privacy Policy. If you do not agree with this Privacy Policy, you must not use the Services.

2. Information we collect

We may collect information directly from you, automatically from your device or usage of the Services, from blockchain networks, from public sources, from service providers, from counterparties or market participants, and from other third parties.

2.1 Information you provide

We may collect information you provide to us, including:

  1. email address;
  2. name, entity name, role, or business contact information;
  3. Telegram handle, Discord username, X/Twitter handle, GitHub username, or other social or messaging identifiers;
  4. support requests, feedback, bug reports, incident reports, dispute communications, and other messages you send us;
  5. onboarding responses, eligibility attestations, jurisdictional attestations, sanctions attestations, sophistication representations, or other compliance information;
  6. market-maker, builder, liquidity provider, affiliate, referral, trading competition, grants, rewards, or incentives information;
  7. any other information you choose to provide.

2.2 Wallet, account, trading, and blockchain information

We may collect information related to wallets, accounts, subaccounts, blockchain activity, and trading activity, including:

  1. wallet addresses, public keys, account addresses, subaccount identifiers, agent addresses, session-key identifiers, API key metadata, and delegated signer metadata;
  2. wallet connection events, signatures, signed messages, nonces, authorizations, approvals, revocations, and authentication events;
  3. deposits, withdrawals, transfers, collateral movements, smart contract interactions, transaction hashes, block numbers, timestamps, chain identifiers, gas data, and other public blockchain data;
  4. order history, order submissions, order amendments, order cancellations, time-in-force settings, client order IDs, fills, executions, partial fills, rejected orders, failed orders, and related metadata;
  5. RFQ requests, RFQ responses, quote history, quote accepts, quote expiries, quote-provider activity, package legs, auto-accept parameters, auction results, and counterparty or liquidity-provider metadata;
  6. positions, balances, collateral, account equity, margin mode, initial margin, maintenance margin, available capital, portfolio-margin calculations, scenario results, Greeks, marks, theoretical values, implied volatility data, liquidation status, liquidation history, auction details, settlement history, expiry data, and risk metrics;
  7. market data access logs, API logs, WebSocket usage logs, rate-limit events, error logs, latency data, and endpoint usage;
  8. blockchain analytics data, wallet-screening results, sanctions-screening results, transaction-monitoring data, market-surveillance data, fraud-risk signals, and compliance-review notes.

2.3 Device, network, and usage information

We may automatically collect information when you access or use the Services, including:

  1. IP address;
  2. approximate geolocation derived from IP address or other technical signals;
  3. device type, browser type, operating system, language settings, time zone, device identifiers, mobile carrier, internet service provider, screen size, and system configuration;
  4. referring URLs, pages viewed, links clicked, session events, feature usage, search queries, user flows, timestamps, and analytics events;
  5. cookie identifiers, local storage identifiers, pixels, software development kit identifiers, and similar tracking technologies;
  6. crash logs, performance logs, server logs, security logs, debug logs, diagnostics, and error reports;
  7. VPN, proxy, relay, remote desktop, automation, bot, emulator, suspicious-device, or anonymization indicators.

2.4 Information from third parties

We may receive information from third parties, including:

  1. blockchain networks, indexers, RPC providers, block explorers, and analytics providers;
  2. wallet providers, wallet-connect providers, infrastructure providers, API providers, market data providers, oracle providers, and execution-related service providers;
  3. geolocation providers, VPN/proxy detection providers, fraud-prevention providers, sanctions-screening providers, wallet-screening providers, transaction-monitoring providers, and market-surveillance providers;
  4. market makers, quote providers, liquidity providers, builders, affiliates, counterparties, liquidators, and other market participants;
  5. cloud hosting providers, database providers, analytics providers, logging providers, monitoring providers, customer-support tools, communications tools, and security providers;
  6. law enforcement, regulators, courts, governmental authorities, professional advisers, auditors, and compliance advisers;
  7. public sources, social platforms, community forums, GitHub, Discord, X/Twitter, Telegram, and other websites or services.

2.5 Information we do not want

We do not ask for your seed phrase or private keys. You must never provide us with your seed phrase or private keys. If you disclose your seed phrase or private keys to anyone, you may lose control of your wallet and assets.

We do not intentionally collect sensitive personal information unless required or appropriate for a specific legal, compliance, security, support, or dispute-resolution purpose. If you provide sensitive information voluntarily, we may process it as needed for the purpose for which you provided it or as otherwise permitted by law.

3. How we use information

We may use information for the following purposes:

  1. to provide, operate, maintain, administer, and improve the Services;
  2. to enable wallet connection, authentication, account views, order submission, order cancellation, RFQ functionality, quote-provider functionality, API access, WebSocket access, agent authorization, session-key functionality, market data, and support;
  3. to process, validate, route, reject, cancel, review, monitor, or otherwise administer orders, RFQs, quotes, fills, positions, collateral, withdrawals, deposits, settlements, liquidations, margin checks, and account activity;
  4. to calculate, display, monitor, or audit balances, positions, margin, liquidation risk, settlement values, marks, Greeks, implied volatility, risk metrics, fees, rebates, rewards, points, builder-code attribution, and incentives;
  5. to assess eligibility, jurisdictional restrictions, sanctions risk, wallet risk, source-of-funds risk, VPN/proxy use, restricted-person status, and compliance requirements;
  6. to conduct blockchain analytics, wallet screening, sanctions screening, transaction monitoring, fraud prevention, market surveillance, market-integrity review, security review, risk review, liquidation review, settlement review, RFQ review, mistrade review, erroneous-transaction review, and compliance review;
  7. to detect, prevent, investigate, and respond to fraud, manipulation, wash trading, self-trading, artificial volume, oracle manipulation, settlement manipulation, liquidation manipulation, rewards abuse, sanctions evasion, security incidents, misuse of the Services, breaches of the Terms of Use or Trading Rules, and unlawful activity;
  8. to apply access restrictions, geoblocking, wallet restrictions, API restrictions, rate limits, risk controls, market-integrity controls, security controls, or compliance controls;
  9. to provide customer support, respond to inquiries, troubleshoot bugs, investigate incidents, communicate administrative information, and send service notices;
  10. to administer trading competitions, rewards, incentives, referral programs, builder codes, market-maker programs, grants, campaigns, and related eligibility or anti-abuse checks;
  11. to analyze usage trends, performance, reliability, product experience, feature adoption, market quality, liquidity, API behavior, and operational issues;
  12. to develop, test, train, debug, secure, and improve systems, models, risk engines, market-data systems, monitoring systems, APIs, documentation, and user interfaces;
  13. to enforce the Terms of Use, Trading Rules, API rules, data usage rules, market-maker rules, and other policies;
  14. to comply with legal obligations, regulatory requests, court orders, sanctions obligations, law-enforcement requests, tax obligations, audit obligations, and dispute-resolution obligations;
  15. to exercise, establish, or defend legal rights;
  16. to complete business transactions, financings, restructurings, mergers, acquisitions, asset sales, assignments, or similar transactions;
  17. for any other purpose disclosed to you or permitted by law.

4. Legal bases for processing

Where a legal basis is required, we may process information based on one or more of the following grounds:

  1. Contract: to provide the Services and perform our Terms of Use and Trading Rules;
  2. Legitimate interests: to operate, secure, improve, monitor, and protect the Services; prevent fraud and market abuse; administer markets; support users; enforce rules; and conduct business operations;
  3. Legal obligations: to comply with law, sanctions, regulatory requests, court orders, audits, tax obligations, and similar requirements;
  4. Consent: where we ask for and receive your consent, including for certain cookies, marketing, or optional features where required;
  5. Vital interests or public interest: where necessary to protect safety, prevent harm, or support investigations, if applicable.

5. How we share information

We may share information with the following categories of recipients:

  1. Synapse Foundation, DSML, affiliates, subsidiaries, related entities, successors, assigns, designees, governance-authorized parties, vendors, contractors, delegates, and other service providers;
  2. cloud hosting providers, infrastructure providers, database providers, logging providers, performance monitoring providers, analytics providers, security providers, and communications providers;
  3. wallet infrastructure providers, wallet-connect providers, RPC providers, blockchain indexers, oracle providers, market-data providers, API infrastructure providers, and developer tool providers;
  4. blockchain analytics providers, wallet-screening providers, sanctions-screening providers, geolocation providers, VPN/proxy detection providers, fraud-prevention providers, transaction-monitoring providers, and market-surveillance providers;
  5. customer-support providers, bug-reporting tools, CRM tools, community-management tools, email providers, messaging tools, and feedback tools;
  6. market makers, quote providers, liquidity providers, builders, affiliates, counterparties, liquidators, and other market participants, where needed to operate RFQs, orderbooks, auctions, liquidity programs, builder programs, incentives, settlement, liquidation, or other Services;
  7. professional advisers, lawyers, compliance advisers, auditors, accountants, insurers, banks, and consultants;
  8. regulators, courts, governmental authorities, law enforcement, dispute-resolution bodies, and other authorities where we believe disclosure is required or appropriate;
  9. counterparties to a merger, acquisition, financing, reorganization, bankruptcy, receivership, asset sale, assignment, or similar business transaction;
  10. other persons with your direction or consent.

We may also share aggregated, de-identified, anonymized, or publicly available information for analytics, research, reporting, business, security, compliance, market-quality, or product-development purposes.

6. Cookies and tracking technologies

We may use cookies, pixels, local storage, device identifiers, software development kits, and similar technologies to operate the Services, remember preferences, authenticate sessions, improve performance, prevent fraud, enforce security controls, analyze usage, debug errors, monitor campaigns, and improve the user experience.

Some cookies and similar technologies are necessary for the Services to function. Others may be used for analytics, preferences, performance, or marketing where permitted by law. You may be able to disable cookies through your browser settings, but parts of the Services may not function properly if you do so.

We do not currently respond to “Do Not Track” signals unless required by law because no uniform standard has been adopted. Where legally required, we will honor applicable opt-out mechanisms, such as Global Privacy Control, in accordance with applicable law and technical feasibility.

7. Public blockchain information

Blockchain networks are public or semi-public by design. Wallet addresses, transaction hashes, smart contract interactions, balances, positions, deposits, withdrawals, settlement activity, liquidation activity, and other on-chain data may be visible to anyone and may be copied, indexed, analyzed, linked, commercialized, or retained by third parties without our involvement.

We cannot delete, modify, hide, or reverse public blockchain data. Even if we delete information from our systems, public blockchain data and third-party copies may remain available.

Connecting a wallet to the Services may allow us or third parties to associate your wallet address with other information, such as IP address, device information, trading activity, support communications, social identifiers, or compliance signals.

8. International transfers

We may process and store information in the Cayman Islands, United States, European Economic Area, United Kingdom, and other jurisdictions where Synapse Foundation, DSML, our affiliates, or our service providers operate. These jurisdictions may have data-protection laws that differ from those in your jurisdiction.

Where required, we use appropriate safeguards for international transfers, such as contractual protections, transfer-impact assessments, standard contractual clauses, or other mechanisms recognized by applicable law.

9. Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with law, enforce our Terms of Use and Trading Rules, resolve disputes, maintain security, prevent fraud and market abuse, conduct audits, administer rewards or incentives, maintain business records, and improve the Services.

Retention periods may vary depending on the type of information and the purpose of processing. Trading, RFQ, order, API, compliance, sanctions, market-surveillance, liquidation, settlement, and dispute-related records may be retained for longer periods where necessary for legal, regulatory, compliance, audit, tax, market-integrity, security, or dispute-resolution purposes.

We may retain aggregated, anonymized, de-identified, or public blockchain information indefinitely where permitted by law.

10. Security

We use administrative, technical, and organizational measures designed to protect information. However, no system is perfectly secure. We cannot guarantee that information will not be accessed, disclosed, altered, lost, destroyed, or misused.

You are responsible for securing your wallet, private keys, seed phrase, devices, credentials, API keys, session keys, agents, bots, and operational systems. We will never ask for your seed phrase or private keys.

11. Your rights and choices

Depending on your jurisdiction, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, or information about how we process your personal information. You may also have the right to complain to a data-protection authority.

These rights may be limited by law, technical feasibility, our need to retain information for legal, compliance, security, fraud-prevention, market-integrity, audit, tax, dispute-resolution, or operational purposes, and the public nature of blockchain data.

To submit a request, contact us at . We may need to verify your identity, wallet control, jurisdiction, or authority before responding.

12. Marketing and communications

We may send you service, administrative, security, legal, support, and transactional communications. These communications are not marketing and may be necessary to provide the Services.

If you opt in to marketing, community, campaign, or promotional communications, we may send you updates about Hypercall, products, features, campaigns, rewards, events, or related matters. You may opt out of marketing communications where required or permitted by law. Opting out of marketing does not opt you out of service, legal, security, or transactional communications.

13. Children

The Services are not directed to children. You must be at least 18 years old and the age of majority in your jurisdiction to use the Services. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we may delete it or take other appropriate steps.

14. Third-party services

The Services may link to, depend on, or interoperate with third-party websites, wallets, applications, protocols, blockchains, RPC providers, indexers, bridges, or other services. We do not control and are not responsible for third-party privacy practices, security practices, content, terms, data collection, or processing. You should review the applicable third-party policies before using third-party services.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Updates are effective when posted or otherwise made available unless a later effective date is stated. Your continued use of the Services after an update means you acknowledge the updated Privacy Policy.

16. Contact

For questions or requests regarding this Privacy Policy, contact us at:

Synapse Foundation
Email:

17. Definitions

Application means the Hypercall website-hosted application, APIs, interfaces, account views, market data services, RFQ systems, order-entry systems, and related infrastructure.

DSML or Distributed Systems LTD means the Cayman Islands entity that may act as a vendor, contractor, contributor, delegate, affiliate, infrastructure provider, development provider, operations provider, data processor, or other service provider to Synapse Foundation, $SYN token governance, governance-authorized parties, the Application, the Protocol, or the Services.

Services has the meaning given in Section 1.

Trading Rules means the rules, policies, schedules, notices, API documentation, market-parameter schedules, fee schedules, oracle and settlement policies, margin and liquidation rules, market-integrity policies, and other operating materials incorporated into the Hypercall Terms of Use.

we, us, and our mean Synapse Foundation and, where the context requires to describe operational processing or service delivery, its affiliates, successors, designees, governance-authorized parties, DSML, service providers, or other persons involved in making available, servicing, administering, or operating the Services.

you and your mean any person or entity that accesses or uses the Services.