Privacy Policy
Last Updated: December 26, 2025 • Version 1.0
This Privacy Policy explains how Lucky Jade Mining Corp ("we," "us," "our") collects, uses, and protects data from your Lucky Jade Miner™ hardware and website usage.
1. Information We Collect
1.1 Hardware Telemetry Data (Automatically Collected)
Your Lucky Jade Miner™ hardware automatically transmits performance data to our telemetry service:
| Data Type | Examples | Purpose | Legal Basis |
|---|---|---|---|
| Hardware UUID | Unique 128-bit identifier | Device tracking, anti-counterfeit | Legitimate interest (GDPR Art. 6(1)(f)) |
| Performance Metrics | Hashrate, shares, errors | Product improvement | Contract performance (Art. 6(1)(b)) |
| Hardware Health | Temperature, voltage, frequency | Warranty validation | Contract performance (Art. 6(1)(b)) |
| System Info | OS, driver version, timezone | Compatibility, support | Contract performance (Art. 6(1)(b)) |
| IP Address | IPv4/IPv6 address | Geolocation, clone detection | Legitimate interest (Art. 6(1)(f)) |
Frequency: Telemetry transmitted every 5 minutes while device is active.
Transmission: Encrypted HTTPS to api.luckyjademining.com
1.2 User-Provided Information (Optional)
If you create an account on our website:
- Email address (Required) - Account authentication, warranty registration, alerts
- Display name (Optional) - Dashboard personalization
- Location (Optional) - Location-based features
- Alert preferences (Optional) - Notification settings
1.3 Data We Do NOT Collect
We explicitly do NOT collect:
- Wallet addresses, private keys, or seed phrases
- Mining pool credentials
- Personal browsing history outside our website
- Financial information (handled by third-party payment processors)
- Precise geolocation without explicit consent
2. Legal Basis for Processing (GDPR Article 6)
2.1 Contract Performance (Article 6(1)(b))
Warranty Agreement: By purchasing a Lucky Jade Miner™, you enter a warranty contract that REQUIRES telemetry for verifying product authenticity, diagnosing issues, and delivering performance updates.
You may opt-out of telemetry, but this may void warranty coverage per our Terms of Service.
2.2 Legitimate Interest (Article 6(1)(f))
We have legitimate business interests in:
- Anti-Counterfeit Protection: Detecting cloned hardware via UUID duplication
- Security: Preventing fraudulent warranty claims
- Product Quality: Aggregating anonymous performance data for improvements
2.3 Consent (Article 6(1)(a))
We obtain explicit consent for:
- Optional precise location tracking
- Marketing communications (newsletter, announcements)
- Non-essential website cookies (analytics, marketing)
3. How We Use Your Data
3.1 Anti-Counterfeit Protection
If the same UUID is detected on multiple systems simultaneously, we flag it as potential counterfeit, alert our security team, and may disable affected devices.
3.2 Warranty Validation
When you submit a warranty claim, we verify:
- Product authenticity (cryptographic signature validation)
- Usage history (uptime, temperature, error rates)
- Whether telemetry was active during failure period
3.3 Product Improvement
We aggregate anonymous performance data to develop voltage/frequency calibration curves, optimize thermal management, and improve future hardware designs.
3.4 Customer Support
Support engineers may access your telemetry data to diagnose failures, recommend configuration changes, and validate RMA requests.
4. Data Sharing
4.1 We Do NOT Sell Your Data
We do NOT sell, rent, or trade your personal data to third parties for marketing purposes.
4.2 Service Providers (Data Processors)
We share data with service providers under Data Processing Agreements:
- Vercel: Website hosting, edge functions (USA, GDPR-compliant)
- Database Provider: Telemetry storage (EU/USA)
- Email Service: Alert delivery (SendGrid/Resend)
- Auth0: User authentication and identity management
4.3 White-Label OEM Partners
If you purchased from an authorized OEM partner, they may access telemetry for devices they sold (limited to their branded units).
5. Data Retention
| Data Type | Retention Period | Reason |
|---|---|---|
| Active device telemetry | 90 days (raw data) | Warranty validation, support |
| Aggregated statistics | 5 years | Product analytics |
| Account information | Until deletion requested | Account services |
| Hardware UUIDs | Indefinite (anonymized after deletion) | Anti-counterfeit protection |
| Warranty records | Warranty period + 3 years | Legal compliance |
6. Your Rights (GDPR Chapter III)
6.1 Right to Access (Article 15)
Request a copy of all data we hold about you via our Data Subject Access Request portal.
6.2 Right to Erasure (Article 17)
Request deletion of personal data. Note: Hardware UUIDs retained in anonymized form for anti-counterfeit protection (legitimate interest exception under Article 17(3)(f)).
6.3 Right to Data Portability (Article 20)
Export your telemetry data in JSON format via your account dashboard.
6.4 Right to Object (Article 21)
Disable telemetry at any time. Note: This may affect warranty coverage per our Terms of Service.
6.5 Right to Lodge a Complaint (Article 77)
If you believe we violated GDPR, you may file a complaint with your national Data Protection Authority. Find your DPA: EDPB Members
7. Data Security
We implement security measures including:
- TLS 1.3 encryption for all data transmission
- AES-256 database encryption at rest
- Role-based access control (RBAC)
- Audit logging of all data access
- Regular security audits and penetration testing
8. Children's Privacy
Lucky Jade products are NOT intended for individuals under 18 years of age. We do not knowingly collect data from children. If you believe a child provided us data, contact privacy@luckyjademining.com for immediate deletion.
9. California Privacy Rights (CCPA)
California residents have additional rights:
- Right to Know: Categories and specific pieces of personal information collected
- Right to Delete: Request deletion of personal information
- Right to Opt-Out of Sale: We do NOT sell personal information (no opt-out needed)
- Right to Non-Discrimination: No penalty for exercising CCPA rights
10. International Data Transfers
Your data may be processed in the United States and European Union. For EU data transfers to non-EU countries, we use Standard Contractual Clauses (SCCs) approved by the EU Commission.
11. Changes to This Policy
We may update this Privacy Policy to reflect changes in practices or legal requirements. Material changes will be notified via email (if registered) or website banner for 30 days.
12. Contact Us
Data Controller:
Lucky Jade Mining Corp
Data Protection Officer (DPO):
- Email: privacy@luckyjademining.com
- Postal: Lucky Jade Mining Corp, Data Protection Officer
For Privacy Requests:
- Data export: DSAR Portal
- Data deletion: Privacy Settings
- Email: privacy@luckyjademining.com
Response Time: We respond to privacy requests within 30 days (may extend to 60 days for complex requests, with notification).
Quick Reference: Your Privacy Rights
- ✓ Access: Request copy of your data
- ✓ Correct: Update inaccurate information
- ✓ Delete: Request data deletion (UUID retained for anti-counterfeit)
- ✓ Export: Download your data in JSON format
- ✓ Object: Disable telemetry (may affect warranty)
- ✓ Withdraw Consent: Unsubscribe from marketing emails anytime
Version 1.0 • Effective Date: January 1, 2026
Legal Notice: This Privacy Policy has been prepared for informational purposes and should be reviewed by qualified legal counsel and a Data Protection Officer before being put into effect. GDPR compliance requires ongoing monitoring and updates.