🎉

GLSH Token Presale is LIVE!

Buy

Sign in to access your account

Sign In
glasshaus
glasshausglasshaus
Legal

Privacy Policy

Last Updated: October 17, 2025•Version: 1.0

1. Introduction

This Privacy Policy describes how Glasshaus Technology, LLC, a Wyoming limited liability company (“Glasshaus,” “we,” “us,” or “our”), collects, uses, shares, and protects personal information when you use our website located at glasshaus.app (the “Site”), mobile applications, and/or other platforms (collectively, the “Services”).

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, do not use our Services.

Data Controller: For personal information collected through the Services, Glasshaus Technology, LLC is the data controller.

2. Information We Collect

2.1 Information You Provide to Us

Account Information

When you create an account, we collect:

  • Email address
  • Password (hashed and encrypted, never stored in plain text)
  • Name (if provided)
  • Account preferences and settings

Wallet Information

When you connect a Cardano wallet:

  • Wallet addresses (stake address and payment addresses)
  • Wallet provider name (e.g., Lace, Eternl, Nami)
  • Public keys (for transaction verification)

Important: We never collect or have access to your private keys, seed phrases, or wallet passwords. You maintain full custody of your digital assets.

KYC/AML Information (Will be Collected by Broker-Dealer)

Before purchasing property tokens (securities), you will be required to complete identity verification through our registered broker-dealer partner (when property token offerings become available, expected Q1-Q2 2026). The broker-dealer will collect:

  • Full legal name
  • Date of birth
  • Social Security Number or Tax Identification Number
  • Residential address
  • Phone number
  • Government-issued photo identification
  • Selfie for liveness verification
  • Source of funds information
  • Bad actor disqualification information (required for Regulation A)
  • Additional verification as required for non-accredited investors

Critical: This information will be collected and stored by our broker-dealer partner, not by Glasshaus Technology, LLC. The broker-dealer will be the data controller for KYC information. We will receive only verification status (verified/pending/rejected) and will not store your KYC documents or sensitive identity information.

Current Status: As property token offerings are not yet available and we are in the process of establishing our broker-dealer partnership, KYC/AML verification is not currently required. This section describes future practices.

Communications

When you contact us or sign up for updates, we collect:

  • Email address
  • Name (if provided)
  • Message content
  • Communication preferences

2.2 Information We Collect Automatically

Usage Data

When you use our Services, we automatically collect:

  • IP address
  • Device information (type, model, operating system)
  • Browser type and version
  • Pages visited and features used
  • Time and date of access
  • Referring website
  • Click patterns and navigation paths

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Types of cookies we use:

  • Essential Cookies: Required for basic functionality (authentication, security)
  • Analytics Cookies: Help us understand how users interact with the platform (Google Analytics, Vercel Analytics)
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling essential cookies may impair your ability to use certain features.

2.3 Information from Blockchain

We collect publicly available information from the Cardano blockchain:

  • Transaction hashes and history
  • Token holdings (property tokens, GLSH tokens)
  • Smart contract interactions
  • Wallet addresses and balances

Public by Nature: This information is publicly visible on the Cardano blockchain and cannot be deleted or modified due to blockchain immutability. Wallet addresses are pseudonymous but may be linkable to your identity if you associate your wallet with your account.

3. How We Use Your Information

We use your information for the following purposes:

3.1 Providing Services

  • Create and maintain your account
  • Process transactions and manage investments
  • Display your portfolio and investment performance
  • Facilitate wallet connections and blockchain interactions
  • Provide customer support

3.2 Security and Fraud Prevention

  • Verify your identity (in coordination with broker-dealer)
  • Detect and prevent fraud, money laundering, and other illegal activities
  • Protect against unauthorized access to accounts
  • Monitor for suspicious activity
  • Comply with legal obligations (KYC/AML, sanctions screening)

3.3 Communications

  • Send transactional emails (account confirmations, investment receipts, distribution notifications)
  • Send service-related announcements (platform updates, maintenance, security alerts)
  • Send marketing communications (with your consent, opt-out available)
  • Respond to your inquiries and support requests

3.4 Analytics and Improvement

  • Analyze platform usage and user behavior
  • Improve Services, features, and user experience
  • Conduct research and development
  • Generate aggregated, anonymized statistics

3.5 Legal Compliance

  • Comply with legal obligations and regulations
  • Respond to legal requests (subpoenas, court orders)
  • Enforce our Terms of Service
  • Protect our rights, property, and safety

4. How We Share Your Information

We share your information in the following circumstances:

4.1 Broker-Dealer Partner (Pending)

When property token offerings become available (expected Q1-Q2 2026), we will share limited information with our registered broker-dealer partner to facilitate property token transactions:

  • Name and email address
  • Investment transaction details
  • Wallet addresses (for token delivery)
  • Transaction history (for regulatory compliance and reporting)

The broker-dealer will collect additional KYC information directly from you and will be the data controller for that information. We are currently in the process of establishing our broker-dealer partnership. No information is currently shared with any broker-dealer as property tokens are not yet offered.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Hosting and Infrastructure: Vercel, AWS, or similar (website hosting)
  • Email Services: SendGrid, Mailchimp, or similar (transactional and marketing emails)
  • Analytics: Google Analytics, Vercel Analytics (usage analytics)
  • Customer Support: Support ticketing and chat services
  • Payment Processing: Stripe or similar (for any fiat payments)

These service providers are contractually obligated to use your information only for providing services to us and to implement appropriate security measures.

4.3 Property Managers (Limited)

For property token holders, we may share limited information with property management companies for operational purposes:

  • Number of token holders (for distribution calculations)
  • Aggregated ownership information

We do NOT share individual investor names or personal details with property managers.

4.4 Legal Compliance

We may disclose your information if required by law or in response to:

  • Subpoenas, court orders, or legal process
  • Law enforcement or government requests
  • Protecting our rights, property, or safety
  • Preventing fraud or illegal activity
  • Enforcing our Terms of Service

4.5 Business Transfers

In the event of a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal information.

4.6 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Blockchain and Data Immutability

5.1 Public Blockchain Data

When you interact with the Cardano blockchain (connecting wallet, receiving tokens, making transactions), certain information becomes publicly and permanently visible:

  • Your wallet addresses
  • Token holdings and balances
  • Transaction history
  • Smart contract interactions

Important: Blockchain data is immutable and cannot be deleted, modified, or hidden. This is a fundamental characteristic of blockchain technology, not a limitation of our platform.

5.2 Pseudonymity vs. Anonymity

Wallet addresses are pseudonymous (not directly linked to your identity) but are not anonymous:

  • If you associate your wallet with your account, we can link on-chain activity to you
  • If you share your wallet address publicly, others may link transactions to you
  • Blockchain analysis firms can potentially link wallet addresses to identities

Exercise caution when sharing wallet addresses publicly or linking them to personally identifiable information.

5.3 Right to Erasure Limitations

Due to blockchain immutability, we cannot delete or modify:

  • On-chain transaction records
  • Token ownership records
  • Smart contract interactions
  • Wallet addresses on the blockchain

We CAN delete off-chain data we control (account information, email address, usage data). See Section 9 for your data rights.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

6.1 Security Measures

  • Encryption: All data encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Password Security: Passwords hashed using bcrypt with salt
  • Access Controls: Limited employee access on need-to-know basis
  • Network Security: Firewalls, intrusion detection, regular security audits
  • Regular Updates: Security patches applied promptly
  • Monitoring: Automated monitoring for suspicious activity

6.2 Wallet Security

We never have access to your wallet's private keys or seed phrase. You are solely responsible for:

  • Safeguarding your private keys and seed phrase
  • Using strong passwords for your wallet
  • Enabling two-factor authentication (if available)
  • Verifying transaction details before signing
  • Not sharing your private keys with anyone

We cannot recover lost or stolen private keys. Loss of private keys may result in permanent loss of your tokens.

6.3 Limitations

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. You provide information at your own risk.

7. Data Retention

We retain your personal information for as long as necessary to provide Services and comply with legal obligations:

  • Account Data: Duration of account plus 7 years (for legal/tax requirements)
  • Transaction Records: 7 years minimum (SEC and tax requirements)
  • KYC Data: Held by broker-dealer per their retention policy (typically 5-7 years after account closure)
  • Blockchain Data: Permanent (immutable)
  • Marketing Data: Until you opt out or request deletion
  • Usage Logs: 12-24 months

After retention periods expire, we securely delete or anonymize personal information unless longer retention is required by law.

8. International Data Transfers

Your information is processed in the United States, where Glasshaus Technology, LLC is based. If you are located outside the United States, please be aware that:

  • Information you provide may be transferred to and processed in the United States
  • United States privacy laws may differ from those in your country
  • By using our Services, you consent to the transfer of your information to the United States

For users in the European Economic Area (EEA) or United Kingdom (UK), we rely on:

  • Your explicit consent to transfer data to the United States
  • Standard Contractual Clauses (SCCs) approved by the European Commission (where applicable with service providers)

9. Your Privacy Rights

9.1 General Rights

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements and blockchain immutability)
  • Portability: Receive your personal information in a structured, machine-readable format
  • Objection: Object to processing of your personal information for certain purposes
  • Restriction: Request restriction of processing in certain circumstances
  • Opt-Out: Unsubscribe from marketing communications

9.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information (subject to exceptions)
  • Right to Opt-Out: Opt-out of sale of personal information (we do NOT sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise your California privacy rights, contact us at privacy@glasshaus.app. We will verify your identity before processing requests.

9.3 European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

  • All rights listed in Section 9.1
  • Withdraw Consent: Withdraw consent for processing at any time
  • Lodge Complaint: File a complaint with your local data protection authority
  • Data Protection Officer: Contact our DPO at privacy@glasshaus.app

Legal Basis for Processing: We process your data based on:

  • Your consent (marketing communications, analytics cookies)
  • Performance of contract (providing Services)
  • Legal obligations (KYC/AML compliance)
  • Legitimate interests (fraud prevention, platform improvement)

9.4 Exercising Your Rights

To exercise any of these rights:

  • Email us at privacy@glasshaus.app
  • Include your name, email address, and description of request
  • We will verify your identity and respond within 30 days (45 days for complex requests)

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe we have collected information from your child, please contact us at privacy@glasshaus.app, and we will promptly delete such information.

11. Cookie Policy

11.1 Types of Cookies

We use the following types of cookies:

  • Strictly Necessary: Required for platform functionality (cannot be disabled)
  • Performance/Analytics: Help us understand how users interact with the platform
  • Functional: Remember your preferences and settings
  • Targeting/Advertising: We do NOT currently use advertising cookies

11.2 Managing Cookies

You can control cookies through:

  • Browser Settings: Most browsers allow you to refuse or delete cookies
  • Cookie Preferences: Manage non-essential cookies via our cookie banner
  • Opt-Out Tools: Google Analytics opt-out:https://tools.google.com/dlpage/gaoptout

Note: Disabling cookies may impair certain features of the Services.

11.3 Do Not Track

Some browsers have “Do Not Track” features. Currently, there is no industry standard for responding to DNT signals. We do not currently respond to DNT signals but will update this policy if standards emerge.

Our Services may contain links to third-party websites, applications, or services that are not operated by us:

  • Cardano blockchain explorers (Cardanoscan, etc.)
  • Wallet providers (Lace, Eternl, Nami)
  • Social media platforms
  • Partner websites

We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page with updated “Last Updated” date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our website

Material changes will be effective 7 days after posting or notification. Your continued use of the Services after the effective date constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Glasshaus Technology, LLC
Privacy Team
Email: privacy@glasshaus.app
General Support: support@glasshaus.app
Website: glasshaus.app

Response Time: We aim to respond to all privacy inquiries within 30 days. For urgent security matters, use “URGENT - SECURITY” in your email subject line.

15. California “Shine the Light” Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do NOT share personal information with third parties for their direct marketing purposes.

16. Nevada Residents

Nevada residents may opt out of the sale of certain “covered information” under Nevada law. We do NOT sell covered information as defined by Nevada law. If you are a Nevada resident and have questions, contact us at privacy@glasshaus.app.

Last Updated: October 17, 2025

Terms of Service | Help Center

Privacy Policy | glasshaus