Privacy Policy
Effective Date: July,24, 2025
Introduction
NEXUS (“we,” “our,” or “us”) takes the protection of personal data (“Personal Data”) very
seriously. Please read this Privacy Policy carefully.
This Privacy Policy explains how we process the personal information collected when you
access the service, your rights regarding your personal data, and how to contact us if you
have any questions. We handle your personal information responsibly and in accordance
with applicable laws and regulations.
By using, accessing, linking to, or engaging with the service, you consent to the collection,
use, disclosure, storage, and security of your information as described in this policy. If you
do not agree with this policy, please do not use, access, or link to the service.
1. Legal Grounds for Processing
There must be a valid basis for using your personal data, which is referred to as the "legal
grounds for processing" under certain laws. We process your personal data based on the
following grounds:
• Your Consent: This means that, as the data subject, you have agreed and consented to
the processing of your personal data for the specified purposes.
• Legal Obligation: The processing of your personal data is necessary for us to comply with
our legal obligations.
• Legitimate Interest: This refers to cases where the processing is necessary for pursuing
our legitimate interests, except when such interests are overridden by the interests or
fundamental rights and freedoms of the data subject, requiring the protection of your
personal data. Our legitimate interests generally include:
∘ Product improvement and research & development
∘ Marketing and promotion
∘ Security and fraud prevention
∘ Legal compliance
∘ Business operations
2. Collection of Personal Data
We collect the following personal data. The types of personal data we collect may vary
depending on how you use or interact with our services. The information below is essential
for providing our services, and without it, we will not be able to provide the requested
services. We do not collect additional categories of personal data without informing you.
• Information You Provide to Us
∘ Transaction information: Information necessary to complete transactions on our
services, such as wallet address, Nickname, transaction number, amount or quantity,
transaction date/time or timestamp, and other on-chain activity related to publicly
available wallet addresses, including blockchain activity data.
∘ Information provided for customer support inquiries: Email address, Nickname,
wallet address, and other information related to the inquiry, which may include
payment details.
• Information indirectly collected during your use of the service
∘ We provide social login functionality using Google, Apple. However, we do not
collect the user's name, email address, profile information, or similar data during this
process. The login process is handled entirely by the respective social login
providers, and we receive only a value that allows us to identify the logged-in user.
∘ In order to provide Ramp services, we receive certain information from the game,
such as the names and quantities of in-game assets associated with your account,
as well as the account status (e.g., whether it is in good standing or subject to any
restrictions). This information is used solely for the purpose of providing services
such as Mint or Burn that you choose to use.
• Technical Information Collected During Your Use of the Service
∘ App, browser, and device information: IP address, device information (such as
model name, advertising ID, OS type and version, language settings, mobile carrier,
etc.), referral sources, and GPS-based location data if enabled by the user. For more
details, please refer to the cookie section of this Privacy Policy.
3. Purposes of Using Personal Data
We may process your personal data for the following purposes:
• To Provide and Operate Our Services: Your personal data is used to provide the
services, communicate regarding service usage, fulfill orders, and for other customer support
purposes.
• To Safeguard Our Services and User Information: Your personal data is used to identify
and address violations, investigate suspicious activities, detect, prevent, and respond to
harmful or illegal actions, and detect fraudulent activities.
• To Respond to Customer Support Inquiries: Your personal data may be used to manage
your inquiries and requests by sending emails or communicating with you in other ways.
• To Send In-App Marketing Communications: Your personal data may be used,
depending on your consent, to send you information related to our services, such as news,
promotions, and other updates.
• To Improve Service Quality: Your personal data may be used for analytical purposes to
help us better understand app downloads and usage patterns, allowing us to enhance the
quality of our services.
• To Comply with Legal and Regulatory Obligations: Your personal data may be used to
enforce our service terms, comply with laws, legal processes, or legal obligations, exercise
or defend legal claims, detect, prevent, or address fraud, comply with requests from law
enforcement, regulatory, and tax authorities (both domestic and international), resolve
security or technical issues, or otherwise protect the property and legal rights of the
company or others.
4. Retention Period of Information
We retain your personal data for the period necessary to fulfill the purposes outlined in this
Privacy Policy or as instructed by you. This includes retaining data for legal, accounting, or
other obligations. However, exceptions apply in cases where longer retention periods are
required or permitted by law, and we may retain your personal data for the duration
necessary for legal claims, complaints, lawsuits, or regulatory procedures.
5. Sharing Personal Data with Third Parties
We may share your personal data with external processors when necessary for the
operation of our services. This includes collaborating with third parties to provide services
such as hosting, service maintenance, network management, cybersecurity, and support.
We may use external analytics services such as adjust, and may use cloud service providers
for data storage and service operation.
When you use the Ramp service, we may share certain transaction information—such as
your wallet address, the name of in-game assets, and the amount of assets used—with the
relevant game company.
6. International Transfer of Your Personal Data
We are a global service provider based in South Korea. If you are not residing in South
Korea, your personal data will be transferred internationally when using our services. South
Korea has been recognized with an adequacy decision under the GDPR, confirming that it
provides an equivalent level of data protection as EU member states.
When transferring personal data outside South Korea, we will make reasonable efforts to
ensure that appropriate protective measures are in place in accordance with DPA
requirements to protect the rights of data subjects.
7. Disclosure of Your Personal Data
We may disclose your personal data to the extent required by legal obligations or when we
believe in good faith that disclosure is necessary to comply with legal processes. In such
cases, the receiving entity may not be able to ensure the same level of security for your
personal data.
Additionally, we may disclose your personal data in connection with the transfer of business
or corporate restructuring.
8. Your Rights as a Data Subject
You have specific rights regarding the personal data we collect and process. You may
exercise these rights concerning the personal data we process about you.
• Right of Access or Right to be Informed
This means you have the right to obtain information from us about our data processing
activities concerning you (e.g., how we collect and use your personal data, retention periods,
sharing entities, etc.).
You have the right to confirm whether we are processing personal data about you, and if so,
to obtain a copy of such personal data along with certain related information.
In some cases, we may refuse your access request. In such instances, we will provide the
reasons for the refusal.
• Right to Rectification or Correction
You have the right to request the correction of any inaccuracies in the personal data we hold
about you (or your child) without undue delay, as well as the completion of incomplete
personal data.
If you are unable to modify the information yourself through your account settings, please
contact us, and we will do our best to modify the personal data on your behalf.
• Right to Deletion or Erasure
You have the right to request the anonymization, deletion, or removal of your personal
information when appropriate. In such cases, we will delete your personal data unless we
have overriding legitimate interests or legal requirements to continue processing it. We will
also inform you of the reasons if we refuse a deletion request.
• Right to Restrict the Processing of Your Personal Data
This is known as the "right to restrict processing." You have the right to request that your
personal data is only used or stored for specific purposes. This right applies in certain cases,
such as when you believe the data is inaccurate or that the processing activity is unlawful.
• Right to Object to Processing
If we process your personal data based on legitimate interests or for direct marketing
purposes, you have the right to object to such processing of your personal data.
Except in the following cases, we will cease processing your personal data:
(i) If we have strong legal grounds for processing that override your interests, rights, and
freedoms, or
(ii) If the processing is necessary for the establishment, exercise, or defense of legal claims.
• Right to Data Portability
If we process your personal data based on a contract with you or your consent, you have the
right to receive your personal data in a structured, commonly used, and machine-readable
format, or to request the transfer of this personal data to a third party.
• Right to Withdraw Consent
If we rely on your consent as the legal basis for processing your personal data, you can
withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of
processing based on consent before its withdrawal.
If you have consented to sharing your details with third parties and wish to withdraw this
consent, please contact the relevant third parties to modify your preferences.
• Right to Non-Discrimination
We will not discriminate against you for exercising any of your rights provided to you under
law..
• Identity and Authority Verification
To respond appropriately to your privacy rights requests, we may need to verify your identity
and may request additional information. The personal data provided for this purpose will only
be used to verify your identity or authority to make the request.
If submitting a request on behalf of someone else, you must provide proof of authority to act
on their behalf. Please ensure that you provide a valid signed power of attorney, or proof of
parental responsibility or legal guardianship, when contacting us for rights requests.
• Response Time and Format for Your Requests
We will acknowledge receipt of your request within 10 business days and inform you of the
expected response time, including any identity verification or processing delays.
Typically, we will respond to your request within one month from the date of receipt.
However, if more time is required (up to 90 days), we will inform you of the reason for the
delay and the extended time frame.
In some cases, we may be unable to process your request, and we will explain the reasons
in our response.
We do not charge fees to process your request. However, if your request is excessive,
repetitive, or manifestly unfounded, we may charge a fee. In such cases, we will explain the
reasons for the charge and provide a cost estimate before completing your request.
9. Data Security
We take the security of your personal data seriously and have established a dedicated team
with expertise in information security. The members of this team are committed to
safeguarding your data. We implement technical, administrative, and physical measures
designed to protect your personal data, and we will continuously improve and maintain these
measures. These measures include encryption and deletion.
10. Cookies and Other Tracking Technologies
Cookies are small text files that are downloaded to your computer or mobile device and
contain data. Browser cookies and other similar technologies (referred to as "Cookies" in this
cookie policy) allow websites and apps to store information or provide access to information
stored on your device. These technologies are used by most website and app providers to
help users navigate between pages efficiently, ensure the security of web pages or
applications, understand how websites are used, remember user preferences, and generally
improve the user experience.
When you use our services, we may place cookies on your device. More general information
about cookies can be found at www.allaboutcookies.org.
We may also track service usage information when our app is downloaded for the purpose of
improving service quality. If you do not wish to allow such tracking, you may disable it at any
time through your device settings.
11. Children
The Service is not intended for children, and the Company does not knowingly collect
personal information from children. To use the Service, you must be legally capable of
entering into a contract.
12. Right to File a Complaint with a Supervisory Authority
When EU or UK GDPR applies to the processing of your personal data, you have the right to
file a complaint with a supervisory authority if you are not satisfied with how your personal
data is handled.
You can file a complaint with the supervisory authority in the EU member state of your
residence, workplace, or where the alleged GDPR violation occurred. In the UK, you can file
a complaint with the Information Commissioner’s Office (ICO).
13. Changes to This Policy
We reserve the right to amend this Privacy Notice at any time to reflect changes in the law,
our data collection, use or sharing practices or advances in technology. We will make the
revised Privacy Notice accessible throughout the Services. You should review this Privacy
Notice periodically. The “Effective Date” indicated in this Privacy Notice represents the date
it was last updated.
By continuing to access or use the Services, you are confirming you have read and
understand the latest version of this Privacy Notice.
14. Contact Information
If you have any questions about this privacy policy or concerns related to your personal data
or this privacy policy, please contact us at:
• Address:1 , 15F, 10, Daewangpangyo-ro 606beon-gil, Bundang-gu, Seongnam-si,
Gyeonggi-do, South Korea
• Email: privacy@to.nexus
It may take up to one month to respond to your inquiry.
[EU Representative]
We have appointed VeraSafe as our representative for data protection matters in the EU.
You can contact us or VeraSafe regarding any issues related to the processing of personal
data.
• Company: VeraSafe Ireland Ltd.
• Address: Unit 3D North Point House North Point Business Park New Mallow Road Cork
T23AT2P Ireland
• Phone: +420 228 881 031
• Contact Form: https://www.verasafe.com/privacy-services/contact-article-27-representative/
• Email: experts@verasafe.com
• Website: https://www.verasafe.com/about-verasafe/contact-us/
[UK Representative]
We have appointed VeraSafe as our data protection representative in the UK. You can
contact us or VeraSafe regarding any issues related to the processing of personal data.
• Company: VeraSafe United Kingdom Ltd.
• Address: 37 Albert Embankment, London, SE1 7TL, United Kingdom
• Phone: +44 (20) 4532 2003
• Contact Form: https://www.verasafe.com/privacy-services/contact-article-27-representative/
• Email: experts@verasafe.com
• Website: https://www.verasafe.com/about-verasafe/contact-us/
