# Privacy Policy

### 1. Controller and contact details

The controller is alphayield.ai, with a registered office in Portugal.

Legal references: GDPR, Articles 12–13; Articles 37–39 (DPO); Law No. 58/2019.

***

### 2. What data we process

We may process:\
(i) technical browsing data (IP, logs, cookies),\
(ii) data provided by the user (e.g. email for contact/support), and\
(iii) public on-chain data where the user interacts with blockchain networks (addresses, hashes and transaction events).

Legal references: GDPR, Article 13(1)(c); Law No. 41/2004, Article 5.

***

### 3. Purposes and legal bases

We process data to operate and make the Website/Services available; ensure security and fraud prevention; provide support; collect metrics based on consent where required; comply with legal obligations and respond to authorities; and defend rights in proceedings and disputes.

Legal references: GDPR, Article 6(1)(a), (b), (c) and (f); Article 5 (principles); Article 21 (objection).

***

### 4. Recipients and processors

We may share data with providers (hosting, security, support, analytics), advisers and authorities where legally required, ensuring contracts and confidentiality where applicable.

Legal references: GDPR, Article 28 (processors); Article 13(1)(e).

***

### 5. International transfers

Where data are processed outside the EEA, we will apply appropriate transfer mechanisms and supplementary measures where applicable.

Legal references: GDPR, Articles 44–49.

***

### 6. Retention periods

We retain data only for the period necessary for the purposes and for compliance with legal obligations (e.g. logs for \[ ]). On-chain data may remain publicly accessible for an indefinite period due to the technical design of the blockchain.

Legal references: GDPR, Article 5(1)(e); Article 13(2)(a).

***

### 7. Data subject rights

The user may exercise the rights of access, rectification, erasure (where applicable), restriction, objection and portability, as well as withdraw consent. The user may also lodge a complaint with the CNPD.

Legal references: GDPR, Articles 15–22 and 77; Law No. 58/2019.

***

### 8. Security and incidents

We apply appropriate technical and organisational measures and, in the event of a personal data breach, we will act in accordance with the law.

Legal references: GDPR, Article 32; Articles 33–34.

***

### 9. Minors

The Services are not intended for minors.

Legal references: GDPR, Article 8 (where applicable).

***

### 10. Automated processing (security/geoblocking)

There may be automated mechanisms for security and compliance (e.g. abuse detection, VPN/proxy detection, geoblocking). We do not carry out automated decisions producing significant legal effects, unless expressly indicated and legally permitted.

Legal references: GDPR, Article 22; Article 13(2)(f).

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://alphayields.gitbook.io/alphayields-docs/legal/privacy-policy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.