PRIVACY POLICY

0. HOW THE NEFTWERK PROTOCOL WORKS

Neftwerk Inc. operates as blockchain protocol infrastructure. Neftwerk does not sell artworks, does not act as a payment processor, and does not collect or store payment instrument data. Payment processing, fiat in/out, and KYC/AML compliance are handled exclusively by Coinflow, our licensed third-party payment processing partner. Galleries and authorized sellers credentialed on the Neftwerk Protocol are the merchants of record for all artwork transactions. By using the Services, you acknowledge this layered structure and agree to also review Coinflow’s Privacy Policy and the terms of the gallery or seller from whom you are transacting. Gallery information and respective policies are available in-app.

Neftwerk Privacy Policy

Last updated June 23, 2026

This Privacy Notice for Neftwerk Inc. (“we,” “us,” or “our”) describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:

  • Visit our website at https://www.neftwerk.com or any website of ours that links to this Privacy Notice

  • Download and use our mobile application (My Pocket Gallery), or any other application of ours that links to this Privacy Notice

  • Use My Pocket Gallery, an art wallet that helps galleries and collectors securely track provenance, execute seamless transactions, and digitally manage collections

  • Engage with us in other related ways, including any marketing or events

Reading this Privacy Notice will help you understand your privacy rights and choices. Contact us at neftwerk@neftwerk.com with all questions and concerns

1. WHAT INFORMATION DO WE COLLECT?

Personal Information You Disclose to Us

We collect personal information that you voluntarily provide when you register, express interest in our Services, participate in activities, or contact us. This may include:

  • Name, email address, username or display name

  • Profile information

  • Wallet addresses

  • Uploaded content (including artwork records and provenance data)

  • Communications with us

Payment Data

Neftwerk does not collect, process, or store payment instrument data, including credit card numbers, bank account information, or other financial data. All payment processing, fiat in/out, and KYC/AML compliance are handled exclusively by Coinflow, our licensed payment processing partner. By transacting through the Services, you agree to Coinflow’s Privacy Policy, available at https://coinflow.cash/privacy. Please review Coinflow’s policy to understand how your payment data is handled.

Blockchain and Transaction Information

Transactions conducted through blockchain-based systems may be publicly visible and permanently recorded on distributed ledgers. We may collect and process public wallet addresses, transaction hashes, blockchain metadata, and payment routing information. Because blockchain networks are decentralized and public, we cannot modify, delete, or control information stored on-chain.

Automatically Collected Information

When you use the Services, we may automatically collect device information, browser type, operating system, IP address, usage activity, referral URLs, crash logs and diagnostics, and analytics data.

Gallery Information

When you use the Services, you will be interacting with vendors not directly affiliated with Neftwerk.  Galleries may collect additional information with transactions.  For more information on a given vendor’s privacy policy and data usage, please navigate to their page in-app or contact them directly at listed contact information.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your personal information to: facilitate account creation and authentication; deliver and facilitate services; respond to user inquiries; send administrative information; fulfill and manage orders; enable user-to-user communications; and save or protect vital interests. We process information only when we have a valid legal reason to do so.

3. LEGAL BASES FOR PROCESSING

Under GDPR and UK GDPR, we rely on the following legal bases: Consent; Performance of a Contract; Legal Obligations; and Vital Interests. Canadian users: we rely on express or implied consent as applicable, with exceptions permitted by law.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

A. Service Providers

Third-party vendors including cloud hosting providers, analytics services, payment processors (see Section 1, Payment Data), customer support tools, and security and fraud prevention vendors.

B. Legal and Compliance Purposes

We may disclose information to comply with applicable law, respond to legal requests, protect rights, safety, or property, or investigate fraud or security incidents.

C. Business Transfers

Information may be transferred in connection with mergers, acquisitions, financing, asset sales, bankruptcy, or restructuring.

D. Public Blockchain Activity

Blockchain transaction data may be publicly accessible and visible to third parties by the nature of distributed ledger systems.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We use cookies and similar tracking technologies solely to maintain the security and operation of our Services, prevent crashes, fix bugs, and save your preferences. Neftwerk does not use behavioral tracking technologies for advertising purposes and does not permit third parties to serve targeted advertising through the Services.

6. INTERNATIONAL DATA TRANSFERS

Our servers are located in the United States. We comply with the EU-US Data Privacy Framework and Swiss-US Data Privacy Framework as set forth by the US Department of Commerce. If you are in the EEA, UK, or Switzerland, your information may be transferred to the US; we take all necessary measures to protect it in accordance with this Notice and applicable law.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

We keep personal information only as long as necessary for the purposes outlined in this Notice, unless a longer period is required by law. When there is no ongoing legitimate need to process your information, we will delete or anonymize it.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement appropriate technical and organizational security measures. Neftwerk may utilize zero-knowledge proof systems and related cryptographic architectures to: authenticate or validate activities without exposing underlying personal information; reduce unnecessary transmission of sensitive data; support privacy-preserving protocol interactions; and enhance user control over digital identity and permissions.

Where feasible, our systems are designed to minimize direct access to user data by Neftwerk itself. However, no electronic transmission or information storage can be guaranteed 100% secure. You should only access the Services within a secure environment.

9. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years old. If we learn that data from users under 18 has been collected, we will deactivate the account and delete such data. Please contact neftwerk@neftwerk.com for minor data concerns.

10–15. PRIVACY RIGHTS, DO-NOT-TRACK, US STATE RIGHTS, UPDATES, CONTACT

These sections are retained as drafted. They are legally sound and cover GDPR, UK GDPR, Canadian, and US state rights accurately.

16. CONTACT

Neftwerk Inc., 1316 S Mole St, Philadelphia, PA 19146, United States. neftwerk@neftwerk.com

17. POLICY REVIEW AND UPDATES 

This Policy is reviewed and approved by the Chief Executive Officer, Francesca Augustine at least annually, and updated upon material regulatory changes, new product launches, or significant findings from independent reviews.