Privacy Notice

Last updated May 19, 2025

This Privacy Notice for Nori ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services (the "Services"), including when you:

  • Register or log in via social account
  • Trade tokens using our swipe-to-trade interface
  • Configure notifications or interact with our in-App features

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services.

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice. You can find more details by clicking the links in the Table of Contents below.

  • What personal information do we process? We collect data you provide (e.g., name, email), device and usage data, transactional metadata, and identity-verification info.
  • Do we process sensitive personal information? No. We do not collect special categories of personal data.
  • Do we collect information from third parties? Only for compliance (e.g., KYC/AML) from trusted providers.
  • How do we process your information? To operate and improve the App, send notifications, prevent fraud, and comply with laws.
  • When and with whom do we share your personal information? With service providers, regulators, affiliates, and only with your consent for marketing.
  • What are your rights? Access, correction, deletion, portability, and objection, as permitted by law.
  • How do you exercise your rights? Via the in-App Privacy Settings or by emailing privacy@noriswipe.io.

TABLE OF CONTENTS

  • WHAT INFORMATION DO WE COLLECT?
  • HOW DO WE PROCESS YOUR INFORMATION?
  • WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
  • DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
  • HOW DO WE HANDLE YOUR SOCIAL LOGINS?
  • IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
  • HOW LONG DO WE KEEP YOUR INFORMATION?
  • DO WE COLLECT INFORMATION FROM MINORS?
  • WHAT ARE YOUR PRIVACY RIGHTS?
  • CONTROLS FOR DO-NOT-TRACK FEATURES
  • DO WE MAKE UPDATES TO THIS NOTICE?
  • HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
  • HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide when you register, trade, or contact us.

We collect the information you voluntarily provide when you:

  • Register or log in via Google, Facebook, or Twitter (name, email address, profile picture)
  • Configure notification preferences or subscribe to promotional messages
  • Contact customer support or participate in surveys

All personal information you provide must be accurate and up-to-date.

Information automatically collected

In Short: Some information — such as your IP address and device characteristics — is collected automatically when you use Nori.

When you visit, use, or navigate the App, we automatically collect device and usage data, including:

  • IP address, operating system, device model, and locale
  • App performance and crash reports
  • Analytics events (e.g., swipes made, tokens viewed)
  • Transaction metadata (timestamps, transaction hashes)

This data helps us secure the App, optimize performance, and improve your experience.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to deliver, improve, and secure Nori, to communicate with you, and to comply with legal obligations.

We use your data for purposes such as:

  • Core App Functionality: Create/manage your non-custodial wallet, execute token trades, and send push notifications (price alerts, trade status).
  • Personalization & Improvement: Tailor content, suggest tokens, refine onboarding flows, and plan multi-chain integrations.
  • Analytics & Research: Analyze usage trends to fix bugs, add features, and optimize UX.
  • Security & Fraud Prevention: Detect suspicious activity, enforce rate limits, and perform KYC/AML checks where required by law.
  • Compliance: Retain transaction and identity data to satisfy anti-money-laundering and tax regulations.

We only process your information when we have a valid legal basis: consent, contract performance, legal obligation, or legitimate interest.

3. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share your information in specific situations and with select third parties.

We may share your data with:

  • Service Providers: Cloud hosting, analytics, push-notification services, and KYC/AML vendors—each under confidentiality obligations.
  • Business Transfers: In connection with mergers, acquisitions, or asset sales, your data may be transferred as an asset, subject to this Privacy Notice.
  • Affiliates: Bronix Inc. and its subsidiaries or joint ventures, under the same data protection standards.
  • Legal Authorities: To comply with subpoenas, court orders, or government requests, or to protect our rights and the safety of users.
  • Your Consent: When you opt in to share data with marketing partners or participate in co-branded promotions.

4. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and similar tracking technologies to collect and store your information.

We use cookies, web beacons, and mobile identifiers to:

  • Remember your login state and preferences
  • Analyze engagement and performance metrics
  • Prevent fraud and assist with crash diagnostics

Third-party analytics and advertising partners may also deploy tracking technologies for in-App analytics and personalized ad delivery. For more details, see our Cookie Notice.

5. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Short: If you choose to sign in with a social account, we receive certain profile information about you.

When you log in via Google, Facebook, or Twitter, we obtain:

  • Basic profile data (name, email, profile picture)
  • Any additional permissions you grant (e.g., public friend list)

We use this information solely to create and manage your Nori wallet and streamline onboarding. We do not store your social credentials or use them for other purposes. Review your social provider's privacy policy for their data practices.

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers and those of our service providers are located in the United States, Europe, and other jurisdictions. If you access Nori from outside these regions, your information may be transferred across borders. We implement appropriate safeguards (e.g., Standard Contractual Clauses) to protect your data in transit and at rest, in compliance with applicable law.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We retain your data as long as necessary to fulfill the purposes outlined in this Notice, unless otherwise required by law.

  • We delete or anonymize data when no longer needed for app operations, analytics, or legal compliance.
  • Transaction and identity-verification records may be retained for up to 7 years to satisfy tax and regulatory requirements.
  • If immediate deletion is not possible (e.g., archived backups), we will isolate the data from active use until secure deletion is feasible.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect personal data from children under 18.

Our Services are intended for users aged 18 or older. If you believe we have collected data from a minor, please contact us at privacy@noriswipe.io. We will promptly deactivate the account and delete the minor's data from our records.

9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to our processing of your personal information.

  • Access & Portability: Request a copy of your data in a machine-readable format.
  • Correction: Ask us to update inaccurate or incomplete information.
  • Deletion: Request erasure of your personal data, subject to legal obligations.
  • Objection & Restriction: Opt out of processing based on legitimate interests or withdraw consent.
  • Opt-Out of Marketing: Unsubscribe from promotional emails or in-App messages at any time via Settings.

To exercise any of these rights, email privacy@noriswipe.io or use the in-App Privacy Settings menu.

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most mobile operating systems and browsers offer Do-Not-Track ("DNT") settings. Nori does not currently respond to DNT signals. If a standard for honoring DNT is adopted in the future, we will update this Privacy Notice accordingly.

11. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this Notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice periodically. The updated version will be indicated by a revised "Last updated" date at the top. If we make material changes, we may notify you by posting a notice in the App or sending a push notification or email. We encourage you to review this Notice from time to time.

12. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this Notice, you may contact us by post at:

Bronix Inc.

Ankara Technology Bridge

Ayranci, Bilkent Cyberpark No. 22

06550 Çankaya, Ankara

Turkey

Or via email at privacy@noriswipe.io.

13. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on applicable law, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent. These rights may be limited in some circumstances by law.

To exercise any of these rights, please:

  • Submit a data subject access request via the in-App Privacy Settings or email privacy@noriswipe.io.
  • Specify which right you wish to exercise (e.g., access, correction, deletion, portability, restriction).
  • Provide sufficient details for us to identify you and the data in question.

We will respond to your request in accordance with applicable data protection laws.