Privacy Policy
This Privacy Policy (the “Policy”) explains how firstswap.io (“firstswap.io”, the “Company”, “we”, “us” or “our”) collects, uses, and shares data in connection with the firstswap.io web app and/or website and all of our other properties, products, and services (the “Services”). Your use of the Services is subject to this Policy as well as our Terms of Service.
Nature of Service
FirstSwap.io is primarily a non-custodial DeFi interface. Users retain control of private keys. Certain services (such as cross-chain routing or exchange settlement) may involve limited, automated, short-term custody strictly for execution and settlement purposes. Such custody is technical, temporary, and does not create a deposit or fiduciary relationship.
Operator and Jurisdiction
This website (firstswap.io) is operated by WEMLAB OÜ, Tallinn, Estonia. This Privacy Policy applies solely to firstswap.io. Other entities within the broader ecosystem operate independently under their own legal frameworks and policies.
Data Collection
No user accounts, registration, or email onboarding are required. The site does not send marketing emails.
Automatically collected data may include IP address, device/browser information, and technical logs necessary for security and performance.
Blockchain transactions are public by design. Wallet addresses and transaction data are visible on public ledgers but are not linked to personal identity by the platform.
How we use it
Site functionality only. No retention on-site; no emails sent.
Cookies
The website may use minimal cookies or similar technologies for analytics, security, and basic functionality. No behavioral advertising or user profiling is conducted.
Data Sharing
None by us. Hosts may log anonymously. Limited data may be processed by infrastructure providers (hosting, analytics, RPC services) strictly for operational purposes.
Phishing and Security
The platform will never request private keys, seed phrases, or remote access. Users must verify the correct domain before connecting wallets and carefully review all transaction approvals.
Third Party Cookies
We use services provided by Google and other third parties that use tracking technology such as cookies, deviceID, and localStorage, to collect information about your use of the Services and our interactions with you. You can opt out of having your online activity and device data collected through these third-party services, including by:
Blocking cookies in your browser by following the instructions in your browser settings. For more information about cookies, including how to see the cookies on your device, manage them, and delete them, visit www.allaboutcookies.org.
Blocking or limiting the use of your advertising ID on your mobile device through the device settings.
Using privacy plug-ins or browsers. Certain browsers and browser extensions can be configured to block third-party cookies and trackers.
Using the platform opt-out provided by Google at https://adssettings.google.com. You can learn more about how Google uses your information by reviewing Google’s privacy policy at https://policies.google.com/privacy.
Using advertising industry opt-out tools on each device or browser where you use the Services, available at http://optout.aboutads.info and http://optout.networkadvertising.org.
Third-Party Links and Sites
We may integrate technologies operated or controlled by other parties into parts of the Services. For example, the Services may include links that hyperlink to websites, platforms, and other services not operated or controlled by us. Please note that when you interact with these other parties, including when you leave the Site, those parties may independently collect information about you and solicit information from you. You can learn more about how those parties collect and use your data by consulting their privacy policies and other terms.
Security
We implement and maintain reasonable administrative, physical, and technical security safeguards to help protect data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you. You are responsible for all of your activity on the Services, including the security of your blockchain network addresses, cryptocurrency wallets, and their cryptographic keys.
Age Requirements
The Services are intended for a general audience and are not directed at children. We do not knowingly receive personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children. If you believe we have received personal information about a child under the age of 18, please contact us at [email protected]
Disclosures for European Union Data Subjects.
We process personal data for the purposes described in the section titled “How We Use Data” above. Our bases for processing your data include: (i) you have given consent to the process to us or our service provides for one or more specific purposes; (ii) processing is necessary for the performance of a contract with you; (iii) processing is necessary for compliance with a legal obligation; and/or (iv) processing is necessary for the purposes of the legitimate interested pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.
Your rights under the General Data Protection Regulations (“GDPR”) include the right to (i) request access and obtain a copy of your personal data, (ii) request rectification or erasure of your personal data, (iii) object to or restrict the processing of your personal data; and (iv) request portability of your personal data. Additionally, you may withdraw your consent to our collection at any time. Nevertheless, we cannot edit or delete information that is stored on a particular blockchain. Information such as your transaction data, blockchain wallet address, and assets held by your address that may be related to the data we collect is beyond our control.
To exercise any of your rights under the GDPR, please contact us at [email protected] We may require additional information from you to process your request. Please note that we may retain information as necessary to fulfill the purpose for which it was collected and may continue to do so even after a data subject request in accordance with our legitimate interests, including to comply with our legal obligations, resolves disputes, prevent fraud, and enforce our agreements.
Your rights
Access, rectification, erasure, restriction, portability, objection, consent withdrawal. Complain to your national DPA.
Additional Notice to California Residents (“CCPA Notice”)
The California Consumer Privacy Act of 2018 (“CCPA”) requires certain businesses to provide a CCPA Notice to California residents to explain how we collect, use, and share their personal information, and the rights and choices we offer California residents regarding our handling of their information.
Privacy Practices.
We do not “sell” personal information as defined under the CCPA. Please review the “Sharing and Disclosure of Information” section above for further details about the categories of parties with whom we share information.
Privacy Rights.
The CCPA gives individuals the right to request information about how we have collected, used, and shared your personal information. It also gives you the right to request a copy of any information we may maintain about you. You may also ask us to delete any personal information that we may have received about you. Please note that the CCPA limits these rights, for example, by prohibiting us from providing certain sensitive information in response to access requests and limiting the circumstances under which we must comply with a deletion request. We will respond to requests for information, access, and deletion only to the extent we are able to associate, with a reasonable effort, the information we maintain with the identifying details you provide in your request. If we deny the request, we will communicate the decision to you. You are entitled to exercise the rights described above free from discrimination.
Submitting a Request.
You can submit a request for information, access, or deletion to [email protected]
Identity Verification.
The CCPA requires us to collect and verify the identity of any individual submitting a request to access or delete personal information before providing a substantive response.
Authorized Agents.
California residents can designate an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming their authority.
Changes to this Policy
If we make material changes to this Policy, we will notify you via the Services. Nevertheless, your continued use of the Services reflects your periodic review of this Policy and other Company terms, and indicates your consent to them.
Contact
Privacy inquiries: [email protected]
Last updated: February 17, 2026.