Privacy Policy

Last Updated 12 February 2025

Notus API respects your privacy and is committed to protecting the data of its clients and end users. This Privacy Policy explains what information we collect, how we use it, how long we store it, and how we protect your privacy.

By using Notus API, you agree to the terms outlined below.

1.Information We Collect

To ensure the functionality and security of Notus API, we collect and process different types of data related to our clients (companies using the API) and their end users.

When clients integrate Notus API into their systems, we process information necessary for their operations. This includes blockchain wallet addresses, transaction history, and metadata about interactions. These details help our clients analyze user behavior, perform compliance checks, and ensure secure transactions.

Additionally, we collect API usage data, including request logs, accessed endpoints, and response times. This data allows us to monitor API performance, detect issues, and improve our services. However, Notus API does not store private keys or sensitive user authentication data, ensuring that control over assets remains with the end users.

2. How We Use the Data

The data collected through Notus API serves operational and security purposes. Primarily, we use this information to facilitate onchain transactions, ensure API stability, and provide our clients with insights into their user activity. We do not engage in data monetization, targeted advertising, or unnecessary data sharing.

Security monitoring is a key part of our data usage. By analyzing API logs and transactional metadata, we can detect anomalies, prevent fraud, and maintain a reliable service. Additionally, clients rely on the processed data to comply with financial regulations and implement identity verification protocols.

3. Legal Basis for Processing Data

We process data in accordance with the Lei Geral de Proteção de Dados (LGPD - Brazilian General Data Protection Law, Law 13.709/2018). The processing of personal data is legally justified under different bases, including:

Contractual necessity – To fulfill our obligations as an API provider.

Compliance with legal obligations – When required to adhere to regulatory frameworks.

Legitimate interest – To ensure system integrity, optimize performance, and improve security.

We only retain and use data for the time strictly necessary to provide our services, and we offer mechanisms for users to request data review or deletion when applicable.

4. Data Storage and Security

At Notus API, we implement advanced security measures to prevent unauthorized access, leaks, and data loss. All collected data is encrypted, and access is restricted to authorized personnel only. Our infrastructure undergoes regular security audits to identify vulnerabilities and strengthen protection mechanisms.

We retain data only for as long as it is necessary for the client’s use of the API. If a client discontinues their use of Notus API, their associated data can be deleted upon request. However, anonymized, aggregated data may be used for statistical analysis and service improvement.

5. Data Sharing and Third-Party Access

Notus API operates as a standalone service and does not sell, rent, or share collected data with third parties for marketing or commercial purposes. However, in specific cases, data may be disclosed under legal requirements, such as compliance with judicial orders or regulatory obligations.

If necessary for security reasons, we may also share anonymized technical logs with cybersecurity firms to detect and mitigate potential threats. These cases are strictly limited and do not involve the sharing of personally identifiable information.

6. User Rights Under LGPD

Under LGPD, individuals have the right to access, correct, or delete their data when applicable. Users whose data is processed through Notus API can request access to stored information, contest inaccuracies, and seek clarification on how their data is used.

Clients using Notus API are responsible for informing their users about data processing activities. If an end user wishes to exercise their data rights, they should first contact the client using Notus API. For direct inquiries, our support team is available at support@notus.team.

7. Use of Cookies and Tracking Technologies

Unlike web-based platforms, Notus API does not use cookies or tracking technologies to monitor user activity across websites. However, we log API request metadata, including IP addresses and timestamps, solely for security and performance optimization purposes. This information is not used for behavioral tracking or advertising.

8. International Data Transfers

Depending on server locations and infrastructure providers, data processed through Notus API may be transferred outside Brazil. When this occurs, we ensure compliance with LGPD’s international data transfer requirem