Legal
Privacy Policy
Last updated: May 2026 · Effective: upon publication
AI-FI is committed to protecting your privacy. We collect only the data necessary to operate the platform. We never sell your personal data to third parties.
1. Data Controller
The data controller is the AI-FI Foundation, operating ai-fi.trade. Contact: info@ai-fi.trade
2. Data We Collect
| Data |
Source |
Purpose |
| First name, last name | Registration / Application | Account identification, communications |
| Email address | Registration / Newsletter | Authentication, OTP codes, notifications, newsletters |
| Country | Application form | Regulatory compliance verification |
| Social media handles / URLs | Application form | Top Leader qualification assessment |
| Password (hashed) | Registration | Authentication — never stored in plain text |
| Referral code / referred by | Registration | MLM network tracking and rewards |
| Wallet address (Phantom) | Wallet connection | On-chain token operations |
| Session data (JWT token) | Authentication | Secure session management |
3. How We Use Your Data
- Providing and operating the AI-FI platform and dashboard
- Sending transactional emails (OTP codes, password reset, referral notifications, order confirmations)
- Processing Top Leader applications and communicating selection results
- Operating the MLM referral system and calculating rewards
- Sending newsletters (only with your explicit consent)
- Complying with applicable legal and regulatory obligations
4. Data Retention
- Account data: retained for the duration of your membership + 3 years after closure
- Application data (non-members): 12 months from submission
- Newsletter subscriptions: until unsubscription
- Password reset tokens (Redis): 1 hour TTL, single use
- OTP codes: deleted immediately after use or expiry
5. Data Sharing
We do not sell, rent, or trade your personal data. We may share data with:
- Email service provider (Gmail SMTP) — to send transactional emails
- Legal authorities — only when required by applicable law
- Solana blockchain — wallet addresses and token transactions are public by nature of the blockchain
6. Security
- All passwords are hashed with bcrypt (industry standard)
- Sessions managed via signed JWT tokens (NextAuth v5)
- Two-factor authentication (2FA) available via TOTP or OTP email
- Database access restricted to internal network (127.0.0.1)
- HTTPS enforced via Let's Encrypt SSL on all connections
- Automated daily database backups with 7-day retention
7. Your Rights (GDPR)
If you are a resident of the European Union or a country with equivalent privacy laws, you have the following rights:
- Right of access — request a copy of the data we hold about you
- Right to rectification — correct inaccurate data via your dashboard Settings page
- Right to erasure — request deletion of your account and associated data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to withdraw consent — unsubscribe from newsletters at any time
To exercise these rights, contact: info@ai-fi.trade
8. Cookies
AI-FI uses only strictly necessary cookies for session management (NextAuth session cookie). We do not use tracking, advertising, or analytics cookies.
The language preference is stored in your browser's localStorage — this is not a cookie and is not transmitted to our servers.
9. Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. Material changes will be communicated via email and in-app notification at least 7 days in advance.