Privacy Policy

Last updated: April 29th, 2024

Plume Network Inc. a Delaware corporation (“Plume”, “we”, “us”, or “our”), respects and protects the privacy of those users and developers (“you”, “your”, “Users”, and “Developers”, as relevant) who explore and use our website-hosted user interface (the “Interface”) any related content and functionality offered to you through our website located at, and any other website operated on which this Privacy Policy (as amended from time to time, this “Privacy Policy”) is posted (collectively, the “Site”) and through our related technologies (collectively, the Interface and the Site, including all existing and any updated or new features, functionality, and technology, our “Services”).

This Privacy Policy describes how we collect, use, and disclose personal information when you use our Services. Please note that we do not control websites, applications, or services operated by third parties, and we are not responsible for their actions. We encourage you to review the privacy policies of the other websites, decentralized applications, and services you use to access or interact with our Services.


We collect the following personal information when providing our Services:

Information you provide:

  • Your public wallet address (“Wallet Address”);
  • Publicly available blockchain data (“Blockchain Data”); and
  • Where you agree to engage in our surveys or sign up to receive marketing communications, we may ask for the following “Basic User Information”:some text
    • Name;
    • Email;
    • Social media handles; and
    • Business name.

Information Collected Automatically:

  • App, Browser, and Device Information;
  • Information about the device, operating system, and browser you’re using;
  • Other device characteristics or identifiers (e.g., plugins, the network you connect to); and
  • IP address/derived location information.

Information we obtain from Affiliates and third parties:

  • Blockchain Data: We may analyze public blockchain data, including timestamps of transactions or events, transaction IDs, digital signatures, transaction amounts, and wallet addresses.
  • Information from Analytics Providers: We receive information about your Site usage and interactions from third-party analytics providers. This includes browser fingerprint, device information, and IP address.
  • Error Tracking Data: We utilize information from third-party service providers to provide automated error monitoring, reporting, alerting, and diagnostic capture for Service and Site errors to allow User or Developers to build more effectively on the Platform.


We may use your personal information for the following purposes or as otherwise described at the time of collection. If you reside outside the United Kingdom or European Economic Area (“EEA”), the legal bases on which we rely in your country may differ from those listed below.


We provide you with choices regarding our use of your personal data for marketing and advertising purposes. You will receive marketing communications from us if you have subscribed for an account with us and you have not opted out of receiving that marketing. All of our marketing communications to you contain an opt-out option and you can opt out at any time. Please note that the opt out will not affect the lawfulness of processing that has taken place before the opt out.

Third-Party Marketing

We will get your explicit opt-in consent before we share your personal data with any company outside of Plume for marketing purposes.

Opting Out

You can ask us to stop sending you marketing messages at any time by contacting us at at any time.

Opting Out of Geolocation

If you have previously allowed us to access your geolocation data, you can stop making geolocation available to us by visiting your mobile device’s settings for the Services or the “settings” page for the Services.


You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. 

Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will notify you and obtain your consent to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.


We share certain information about you with service providers, partners, and other third parties in order to help us provide our Services. Here is how:

  1. Affiliates. Basic User Information that we process and collect may be transferred between Affiliates, Services, and employees affiliated with us as a normal part of conducting business and offering our Services to you.

  1. Linked Third-Party Websites or Services. When you use third-party services (like when you connect your self-custodial wallet to decentralized applications on the Platform) or websites that are linked through our Services, the providers of those services or products may receive information about you (like your wallet address). Please note that when you use third-party services or connect to third-party websites which are not governed by this Privacy Policy, their own terms and privacy policies will govern your use of those services and products.

  1. Professional advisors, industry partners, authorities, and regulators. We share with our advisors, regulators, tax authorities, law enforcement, government agencies, and industry partners when needed to:
  • respond pursuant to applicable law or regulations, court orders, legal process, or government requests;
  • detect, investigate, prevent, or address fraud and other illegal activity or security and technical issues; and
  • protect the rights, property, and safety of our Users, Developers, Affiliates, or others, including to prevent death or imminent bodily harm.

  1. Vendors and Third-Party Service Providers. When we share information with third-party service providers to help us provide our Services, we require them to use your information on our behalf in accordance with our instructions and terms and only process as necessary for the purpose of the contract.


We retain your information as needed to provide our Services, comply with legal obligations, or protect our or others’ interests. While retention requirements vary by country, we maintain internal retention policies based on how information needs to be used. This includes considerations such as when the information was collected or created, whether it is necessary in order to continue offering you our Services or to protect the safety, security, and integrity of our Services, and whether we are required to hold the information to comply with our legal obligations.


Our Services are not directed to persons under the age of 18, and we do not knowingly request or collect any information about persons under the age of 18. If you are under the age of 18, please do not provide any personal information through the Site or Services. If a User submitting personal information is suspected of being younger than 18 years of age, we will take steps to delete the individual’s information as soon as possible.


To facilitate our global operations, we and our third-party partners and service providers may transfer and store throughout the world, including in the United States.

If you reside in the EEA, Switzerland, or the United Kingdom, we rely upon a variety of legal mechanisms to facilitate these transfers of your personal information (collectively, “European Personal Data”).

  • We rely primarily on the European Commission’s Standard Contractual Clauses to facilitate the international and onward transfer of European Personal Data to third countries.
  • We also rely on adequacy decisions from the European Commission where available and exemptions provided for under data protection law (e.g., Article 49 GDPR).


We incorporate commercially reasonable safeguards to help protect and secure your personal information. However, no data transmission over the Internet, mobile networks, wireless transmission, or electronic storage of information can be guaranteed 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit to or from the Services, and you provide us with your information at your own risk.

If you have any questions about security on the Services or if you become aware of any unauthorized use of an account or suspect a security breach, notify us immediately via email at If our security system is breached, we will notify you of the breach to the extent required under applicable law.


If you are a resident of or located within the European Economic Area (EEA), you have certain additional data protection rights. These rights include:

  • The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal information directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your personal information.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

Legal Basis for Processing Personal Information Under GDPR

Our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal information we collect and the specific context in which we collect it.

We may process your personal information because:

  • We need to perform a contract with you;
  • You have given us permission to do so;
  • The processing is in our legitimate interests, and it is not overridden by your rights; or
  • To comply with the law.

Retention of Information

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

We will also retain usage data for internal analysis purposes. Usage data is data collected automatically either generated by the use of the Services or from the Services’ infrastructure itself (for example, the duration of a page visit). Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Services or we are legally obligated to retain this data for longer periods.

Disclosure of Personal Information

Disclosure for Law Enforcement - Under certain circumstances, we may be required to disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

Legal Requirements

We may disclose your personal information in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend our rights or property
  • To prevent or investigate possible wrongdoing in connection with the Services
  • To protect the personal safety of users of the Services or the public
  • To protect against legal liability

Security of Information

The security of your personal information is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Please note that we may ask you to verify your identity before responding to such requests.

Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority; however, we hope that we can assist with any queries or concerns you may have about our use of your personal information first.

For more information, please contact your local data protection authority in the EEA.


Under some U.S. state laws, including the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA), residents may have the following rights:

Right to Know: The right to request the personal data that we collect, uses or discloses and information about our data practices;

Right to Request Deletion: The right to request that we delete the personal data we have collected about a user; 

Right to Opt-Out of Data Sales: The right to restrict the sale to third parties of a user’s personal data that we have collected; 

Right to Non-Discrimination: The right to not be discriminated against for exercising any of these rights;

Right to Correct Information: The right to update or correct the personal data that we collect;

Right to Limit Use or Disclosure of Sensitive Personal Information: The right to limit the use and disclosure of Sensitive Personal Information (as defined under the CPRA);

Right to Access Information Related to Automated Decision Making: The right to inquire about our logic involved in automated decision-making applied to personal data we collect; and

Right to Opt-Out of Automated Decision-Making Technology: The right to request a user’s removal from having automated decision-making applied to a user’s personal data that we collect.

To request further information pursuant to a user’s “right to know” or to request deletion of personal data pursuant to the user’s “right to request deletion”, please contact us at

We will acknowledge receipt of such request within 10 business days, and provide a substantive response within 45 calendar days, or inform the user of the reason and extension period (up to 90 days) in writing.

Only a user or an authorized agent may make a request related to such user’s personal data. Note that to respond to a user’s requests to access or delete personal data as outlined in applicable state laws, we must verify the user’s identity.


If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, please contact us at


We are constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. We post any changes we make to our Privacy Policy on this page and, where appropriate, we will provide you with reasonable notice of any material changes before they take effect or as otherwise required by law. The date the Privacy Policy was last updated is identified at the top of this page.


Plume Network Inc., 545 Sutter Street, 304, San Francisco, California, 94102, United States, acts as the controller of your personal data.