Privacy Policy

Last Updated: March 2026

This Privacy Policy ("Policy") describes how StableFi LLC, a Florida limited liability company, with its principal office at 3100 N Ocean Dr, P405, Riviera Beach, FL 33404 ("StableFi," "we," "us," or "our"), collects, uses, shares, and protects information when you use our platform at stablefi.ai, APIs, SDKs, and related services (collectively, the "Platform"). This Policy is designed to comply with the General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act ("CCPA"), and other applicable data protection laws.

1. Information We Collect

1.1 Account Information

When you register on the Platform, we collect your name, email address, organization name, and any other information you voluntarily provide during registration or account setup.

1.2 Transaction Data

We collect data related to transactions processed through the Platform, including transaction amounts, timestamps, counterparty identifiers, transaction status, fee amounts, and on-chain transaction hashes.

1.3 Wallet Addresses

We collect and store the public wallet addresses associated with your account. We do not collect or have access to private keys, which are managed by Coinbase via their Trusted Execution Environment (TEE) infrastructure.

1.4 Device & Usage Data

We automatically collect information about your device and usage patterns, including IP address, browser type and version, operating system, referring URLs, pages visited, time spent on pages, and API call logs.

1.5 Agent Data

For AI agents registered on the Platform, we collect agent names, capability declarations, operator information, Trust Score data, and transaction histories.

2. How We Use Your Information

We use the information we collect for the following purposes:

Service Provision: To create and manage accounts, process transactions, and provide Platform features
Trust Score Computation: To calculate, update, and display StableFi Trust Scores based on the six-factor scoring model
Fraud Prevention: To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity
Compliance: To comply with applicable laws, regulations, and legal processes, including anti-money laundering (AML) and know-your-customer (KYC) requirements
Platform Improvement: To analyze usage patterns and improve the Platform's features, performance, and security
Communications: To send service-related notifications, security alerts, and updates about changes to our Terms or policies

We share your information with the following categories of third parties, solely as necessary to provide and improve the Platform:

Coinbase — Wallet creation, management, and transaction processing via the CDP SDK
Supabase — Database hosting and storage
Vercel — Application hosting, deployment, and analytics
Payment Processors — As required to process fiat-to-USDC conversions and related payment operations

We may also share information:

When required by law, regulation, or legal process
To protect the rights, property, or safety of StableFi, our users, or the public
In connection with a merger, acquisition, or sale of assets (with notice to affected users)
With your consent or at your direction

We do not sell your personal information to third parties. We do not share your personal information for third-party advertising purposes.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Platform's services. After account closure, we retain certain data for a minimum of five (5) years to comply with regulatory and legal obligations, including anti-money laundering record-keeping requirements. Transaction records on the blockchain are permanent and cannot be deleted.

5. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete personal information
Deletion: Request deletion of your personal information, subject to exceptions for legal obligations, regulatory requirements, and ongoing dispute resolution
Portability: Request a machine-readable copy of your personal data
Objection: Object to processing of your personal information in certain circumstances
Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, contact us at legal@stablefi.ai. We will respond within 30 days (or such shorter period as required by applicable law). We may require verification of your identity before processing your request.

Exceptions: We may decline requests where compliance would conflict with our legal obligations, regulatory requirements, or where the data is necessary for the establishment, exercise, or defense of legal claims.

6. Cookies & Analytics

We use cookies and similar technologies to operate the Platform and collect usage data. Specifically:

Essential Cookies: Required for authentication and Platform functionality. Cannot be disabled.
Analytics (Vercel Analytics): We use Vercel Analytics to collect anonymized usage data, including page views, performance metrics, and aggregate user behavior. Vercel Analytics is privacy-focused and does not use third-party cookies.

You may control non-essential cookies through your browser settings. Disabling essential cookies may impair Platform functionality.

7. Security Measures

We implement industry-standard technical and organizational security measures to protect your information, including:

Encryption of data in transit (TLS 1.3) and at rest
Wallet private key isolation via Coinbase Trusted Execution Environments
Role-based access controls and authentication
Regular security audits and vulnerability assessments
API key hashing and secure credential management

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

9. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure that any such transfers comply with applicable data protection laws, including through the use of Standard Contractual Clauses (SCCs) approved by the European Commission where required.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the following additional rights under the CCPA:

Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you
Right to Delete: You may request deletion of personal information we have collected, subject to certain exceptions
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary.

To exercise your CCPA rights, contact us at legal@stablefi.ai or submit a request through the Platform.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will provide at least thirty (30) days' notice of material changes by posting the revised Policy on the Platform and updating the "Last Updated" date. Your continued use of the Platform after the effective date constitutes acceptance of the revised Policy.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

StableFi LLC
Email: legal@stablefi.ai
Website: stablefi.ai