Sardis

Privacy Policy

How Sardis Labs, Inc. collects, uses, discloses, and safeguards your information.

Last updated: March 25, 2026

1. Introduction

Sardis Labs, Inc. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, APIs, and services.

2. Information We Collect

Information You Provide

  • Account Information: Name, email address, organization name
  • Identity Verification: Government ID, address, date of birth (for KYC)
  • Payment Information: Billing address, payment method details
  • Communications: Messages you send to our support team

Information Collected Automatically

  • Usage Data: API calls, feature usage, error logs
  • Device Information: IP address, browser type, operating system
  • Blockchain Data: Wallet addresses, transaction hashes (public data)
  • Cookies: Session cookies, analytics cookies

Information from Third Parties

  • Identity Verification: Data from Didit (KYC provider)
  • Sanctions Screening: Results from Elliptic (AML provider)
  • Blockchain Data: Public transaction data from blockchain networks

3. How We Use Your Information

We use collected information to provide and maintain our Services, process transactions and manage your account, comply with KYC/AML and other legal requirements, prevent fraud and enforce spending policies, send service-related communications, and improve and personalize our Services.

For users in the EEA, we process personal data based on contract performance, legal obligations, legitimate interests, and consent (for marketing where required).

5. Information Sharing

We may share your information with service providers (Turnkey, Didit, Elliptic, cloud providers), when required by law, or in connection with business transfers.

We Never Sell Your Data. We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Retention

  • Account Data: Duration of account + 3 years
  • Transaction Records: 7 years (regulatory requirement)
  • KYC Documents: 5-7 years depending on jurisdiction
  • Audit Logs: 7 years (compliance requirement)
  • Usage Analytics: 2 years (anonymized after)

7. Your Rights

Depending on your location, you may have the right to access, rectification, erasure, portability, objection, restriction, and withdrawal of consent.

Note: Some data (e.g., transaction records, audit logs) cannot be deleted due to regulatory requirements. Blockchain data is permanent and immutable.

8. Data Security

We implement encryption in transit (TLS 1.3) and at rest (AES-256), non-custodial architecture, MPC technology for secure signing, regular security audits, SOC 2 Type II compliance (in progress), and access controls and audit logging.

9. International Transfers

Your data may be transferred to countries outside your jurisdiction, including the United States. We ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) for EEA data.

10. Contact Us

Email: legal@sardis.sh

General Inquiries: contact@sardis.sh

Website: https://sardis.sh

Terms of Service

Terms of Service for Sardis Labs, Inc. payment infrastructure for AI agents.

Acceptable Use Policy

Rules governing the use of Sardis payment infrastructure for AI agents.

On this page

1. Introduction2. Information We CollectInformation You ProvideInformation Collected AutomaticallyInformation from Third Parties3. How We Use Your Information4. Legal Basis for Processing (GDPR)5. Information Sharing6. Data Retention7. Your Rights8. Data Security9. International Transfers10. Contact Us