Privacy Policy

1. General Provisions

This Personal Data Processing Policy describes how Dalora processes and protects personal data collected through the Dalora website, dashboard, API, mobile application, Android APK, QR synchronization flows, and related services.

The Policy is prepared with regard to Russian personal data law requirements effective as of March 2026, including data localization and applicable information security obligations.

2. Purposes of Processing

• account access and service operation;
• QR-based synchronization between the mobile application and the web interface;
• device, node, telemetry, and infrastructure accounting;
• fraud prevention, duplicate scan prevention, and service security;
• processing support and privacy requests;
• compliance with applicable legal requirements.

3. Legal Grounds

Processing is based on consent where required, contract performance or pre-contractual steps at the user request, compliance with legal obligations, and the lawful interests of the operator where permitted by applicable law.

4. Scope and Categories of Data

• wallet address, nickname, account linkage and sync history;
• device identifiers, app version, build number, model, manufacturer, and service logs;
• LoRa / mesh node identifiers, node names, hardware model, telemetry, battery level, SNR, RSSI, and last activity time;
• profile and activity data such as Caps balance, level, Caps totals, online time, streaks, achievements, and connected devices;
• technical website data such as IP address, browser data, cookies, local storage, and request logs;
• data provided in support and privacy requests.

5. Data Subject Rights

• access information about processing;
• request rectification, blocking, or deletion;
• withdraw consent where processing relies on consent;
• object to processing where applicable;
• file a complaint with the competent authority or court.

6. Processing, Storage, Transfer, and Destruction

Data may be processed both automatically and manually. Primary collection and storage of personal data of Russian citizens is carried out using databases located in the Russian Federation where required by law.

Data is retained only for as long as necessary for the relevant purpose, legal compliance, and protection of rights, after which it is deleted, anonymized, or destroyed unless further retention is legally required.

7. Security Measures

• access control and authentication;
• logging, incident handling, backup, and recovery procedures;
• protection of data exchange channels between mobile and web components;
• technical and organizational safeguards corresponding to data volume, threat model, and applicable law, including 152-FZ and, where applicable, 187-FZ.

8. Operator Information

• Operator: Dalora.
• Privacy contact email: privacy@dalora.tech.
• Phone, postal address, TIN, and OGRN are not published in the current project version and should be added by the operator before a public legal release if required.

9. Cookies and Trackers

Dalora uses cookies, local storage, and similar technical identifiers required for interface functionality, language and theme preferences, session continuity, authorization state, and dashboard operation.

10. Transfers to Third Parties

Dalora may engage hosting, infrastructure, authentication, wallet connection, and similar service providers where necessary for service operation and where permitted by applicable law.

11. Automated Processing and Profiling

Dalora uses automated processing for QR validation, version checks, wallet ownership checks, duplicate scan prevention, device state display, statistics, and security functions. No solely automated decisions with legal effect are declared unless separately disclosed.

12. Policy Duration and Changes

This Policy remains effective until replaced by a new version. The operator may amend it at any time by publishing an updated version on the website.

13. Contact Details for Requests

Privacy requests, consent withdrawal notices, deletion requests, and other data protection inquiries should be sent to privacy@dalora.tech.