Privacy Policy

Effective date: 14 May 2026. This policy applies to the KXCO Armature block explorer and all associated web properties operated by Knightsbridge Group.

1. Who We Are

Knightsbridge Group (“we”, “us”, “our”) is the data controller for personal data processed in connection with the KXCO Armature block explorer and related services.

For the purposes of the EU General Data Protection Regulation (GDPR), UK GDPR, and equivalent legislation, Knightsbridge Group determines the purposes and means of processing personal data collected through this platform.

Privacy enquiries: legal@knightsbridge.asia

2. Data We Collect

We collect personal data only to the extent necessary to operate the service. The categories are:

Category	Data elements	Source	Required?
Technical log data	IP address, browser type, page requested, timestamp, referrer	Automatically collected	Operational
Contact enquiries	Name, work email address, organisation, message content	Provided by you via contact form or email	Voluntary
Blockchain query data	Wallet addresses, transaction hashes, block numbers entered into search	Provided by you via explorer search	Voluntary
Support correspondence	Email address, content of support communications	Provided by you via email	Voluntary

We do not collect payment card data, government identity documents, biometric data, or special-category personal data. We do not run advertising networks or behavioural profiling.

Note on blockchain data: Wallet addresses and transaction hashes submitted to the explorer are used solely to retrieve and display public blockchain data. This data is already publicly available on-chain and is not stored by us beyond standard server log retention.

3. How We Use Your Data

We use the data we collect for the following purposes:

Operating the service — serving explorer pages, processing blockchain queries, maintaining uptime.
Security and fraud prevention — detecting and blocking abusive traffic, rate limiting, incident investigation.
Responding to enquiries — processing contact form submissions and email correspondence.
Legal compliance — meeting obligations under applicable law, including responding to lawful regulatory requests.
Service improvement — analysing aggregate, anonymised usage patterns to improve performance and content.

We do not sell personal data. We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.

4. Legal Basis for Processing (GDPR / UK GDPR)

For individuals in the European Economic Area, the United Kingdom, and other jurisdictions that require a lawful basis for processing personal data, we rely on the following:

Processing activity	Lawful basis	Article (GDPR)
Server log collection / security	Legitimate interests — operating a secure service	6(1)(f)
Responding to contact enquiries	Legitimate interests / performance of a contract (pre-contractual)	6(1)(b) / 6(1)(f)
Legal compliance	Legal obligation	6(1)(c)
Service analytics (aggregated)	Legitimate interests — improving the service	6(1)(f)

Where we rely on legitimate interests, we have conducted a balancing test. You may request a copy of our legitimate interests assessment by contacting legal@knightsbridge.asia.

5. Data Retention

Data category	Retention period	Basis
Server access logs	90 days	Security incident investigation window
Contact / support correspondence	3 years from last contact	Legitimate interests; potential legal claims
Legal hold data	Duration of legal proceedings + statutory period	Legal obligation

At the end of the applicable retention period, personal data is securely deleted or anonymised.

7. International Data Transfers

Knightsbridge Group operates internationally. Your personal data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal data originating in the European Economic Area, United Kingdom, or Switzerland to third countries, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
UK International Data Transfer Agreements (IDTAs) where applicable
Adequacy decisions recognised by the relevant supervisory authority

For California residents: we do not sell personal information as defined under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA).

For Singapore residents: our processing practices are designed to comply with the Personal Data Protection Act 2012 (PDPA) and its 2020 amendments.

For residents of other jurisdictions with applicable privacy legislation (including Thailand PDPA, India DPDP Act, Brazil LGPD, Canada PIPEDA/Law 25): we apply the principles set out in this policy and comply with applicable local requirements. Please contact us if you have jurisdiction-specific questions.

8. Your Rights

Depending on your location, you may have the following rights in relation to your personal data. To exercise any right, contact legal@knightsbridge.asia. We will respond within 30 days (or the period required by applicable law).

Right	Jurisdiction	What it means
Access	EEA / UK / Singapore / most jurisdictions	Request a copy of personal data we hold about you.
Rectification	EEA / UK / most jurisdictions	Request correction of inaccurate or incomplete personal data.
Erasure	EEA / UK (Article 17 GDPR)	Request deletion of your personal data where there is no overriding legal basis to retain it.
Restriction	EEA / UK (Article 18 GDPR)	Request that we restrict processing while accuracy or legal basis is disputed.
Portability	EEA / UK (Article 20 GDPR)	Receive personal data you provided to us in a structured, machine-readable format.
Object	EEA / UK (Article 21 GDPR)	Object to processing based on legitimate interests or for direct marketing. We will stop unless we have compelling grounds.
Withdraw consent	Where processing is consent-based	Withdraw consent at any time without affecting the lawfulness of prior processing.
Opt out of sale	California (CCPA/CPRA)	We do not sell personal information. No opt-out is required, but you may contact us to confirm.
Non-discrimination	California (CCPA/CPRA)	You will not be discriminated against for exercising privacy rights.
Lodge a complaint	EEA / UK / Singapore	Complain to your local supervisory authority (e.g. ICO in the UK, your national DPA in the EU, PDPC in Singapore).

We may need to verify your identity before processing a request. We will not charge a fee unless a request is manifestly unfounded or excessive.

9. Cookies & Tracking Technologies

The KXCO Armature block explorer uses only technically necessary cookies and does not deploy advertising cookies, tracking pixels, or third-party analytics scripts by default.

Cookie / technology	Purpose	Duration	Essential?
Session storage	Preserving user preferences within a session (e.g. search state)	Session	Yes
Server logs	IP address and request logging for security and operations	90 days	Yes

We do not use Google Analytics, Meta Pixel, LinkedIn Insight Tag, or equivalent third-party tracking technologies. If this changes, this policy will be updated and users in jurisdictions requiring consent will be presented with a consent mechanism before any non-essential tracking begins.

10. Security

We implement technical and organisational measures appropriate to the risk of processing, including encryption in transit (TLS), access controls, and network-level segmentation. KXCO Armature infrastructure applies post-quantum cryptographic protections at the transaction layer — see our Quantum Preparedness page for details.

No transmission over the internet is entirely secure. If you believe your personal data has been compromised, contact us immediately at security@knightsbridge.asia.

11. Children

This service is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that personal data has been collected from a child without verified parental consent, we will delete it promptly. Contact legal@knightsbridge.asia if you believe this has occurred.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be indicated by a revised effective date at the top of this page. Where required by law, we will provide additional notice (for example, by email or prominent site notice). Continued use of the service after a policy update constitutes acceptance of the revised terms where permitted by applicable law.

We recommend reviewing this page periodically. Prior versions are available on request.

13. Contact Us

For all privacy-related enquiries, data subject access requests, and complaints:

Organisation: Knightsbridge Group

Privacy contact: legal@knightsbridge.asia

Legal notices: legal@knightsbridge.asia

Security disclosures: security@knightsbridge.asia

EEA residents who are not satisfied with our response have the right to lodge a complaint with their national data protection supervisory authority. UK residents may contact the Information Commissioner’s Office (ICO) at ico.org.uk. Singapore residents may contact the Personal Data Protection Commission (PDPC) at pdpc.gov.sg.