Privacy Policy

Effective Date: April 8, 2026

This Privacy Policy describes how Move Industries, Inc., a Delaware corporation ("Move Industries," "Company," "we," "us," or "our"), collects, uses, discloses, retains, and otherwise processes information in connection with the Motion browser extension wallet and any related websites, software, interfaces, features, or services we provide in connection with Motion (collectively, the "Services").

Motion is a non-custodial browser extension wallet designed to allow users to generate or import wallets, manage private keys or key shares through local device storage or supported third-party wallet infrastructure, sign transactions client-side, and interact with blockchain networks and decentralized applications. We do not custody digital assets, do not control user transactions, and do not have unilateral access to your private keys. Blockchain technology is public and decentralized by design, and your use of the Services necessarily involves information that may be public, persistent, and outside our control.

By accessing or using the Services, you acknowledge that you have read and understand this Privacy Policy.

1. Definitions

For purposes of this Privacy Policy:

  • "Applicable Data Protection Law" means, as applicable, the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK GDPR, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CPRA"), and other applicable privacy, data protection, and electronic communications laws.
  • "Blockchain Data" means information recorded on a public blockchain or otherwise visible through blockchain infrastructure, including wallet addresses, transaction hashes, smart contract interactions, and related public metadata.
  • "dApp" means a decentralized application, protocol, smart contract interface, or similar third-party service accessible through the Services.
  • "Digital Asset" means a cryptoasset, token, coin, NFT, or similar blockchain-based asset.
  • "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person, household, or device, and includes "personal data" as that term is used under the GDPR and "personal information" as that term is used under the CPRA, as applicable.
  • "Services" has the meaning given in the introduction.
  • "Wallet" means a non-custodial software wallet, browser extension wallet, key management interface, or related cryptographic signing tool made available through the Services.
  • "Website" means any website controlled by the Company and used in connection with Motion.
  • "User," "you," and "your" mean any individual or entity that accesses or uses the Services.

2. Scope of Policy

This Privacy Policy applies to Personal Information processed by the Company in connection with the Services.

This Privacy Policy does not apply to:

  • public blockchain networks or Blockchain Data not controlled by us;
  • third-party wallets, wallet infrastructure, dApps, smart contracts, or protocols;
  • third-party websites, products, or services that are not controlled by us; or
  • information that is processed independently by third parties under their own terms and privacy policies.

Those third parties are responsible for their own privacy practices, and we encourage you to review their policies carefully.

3. Information We Collect

We collect information in a limited manner consistent with the operation of a non-custodial wallet product.

3.1 Information You Provide

We may collect information that you voluntarily provide to us, such as:

  • name;
  • email address;
  • support communications;
  • feedback;
  • bug reports;
  • survey responses;
  • account or profile information, if any such feature is made available; and
  • any other information you choose to provide through the Services or by contacting us.

3.2 Wallet and Blockchain Information

If you use the Wallet or interact with blockchain functionality through the Services, we may collect or receive:

  • wallet address;
  • public transaction references;
  • limited wallet event data;
  • network name;
  • token symbol, where whitelisted and necessary for the relevant feature;
  • success or failure flags;
  • sanitized error categories;
  • extension version; and
  • related technical metadata needed to provide, secure, support, or improve the Services.

We may associate a wallet address with an anonymous persistent UUID or other internal identifier for analytics, security, support, and product improvement purposes. We do not use the wallet address as our primary analytics identifier.

We do not intentionally collect transaction amounts, counterparties, full transaction payloads, or full wallet balance histories as a behavioral analytics feed. We also do not intentionally collect dApp URLs, query strings, or path-level browsing data from dApp interactions.

3.3 Usage and Event Information

We may collect limited event-level usage data, including:

  • onboarding events, such as installation, wallet creation, and backup verification;
  • engagement events, such as unlock success or failure and general page views;
  • transaction-related events, such as send or swap success or failure, without amounts;
  • dApp interaction events, such as connect, sign, approve, or reject; and
  • settings events, such as network switching or locking.

This information is used for product analytics, troubleshooting, security, and service improvement.

3.4 Device and Technical Information

We may automatically collect:

  • browser type and version;
  • operating system;
  • extension version;
  • device type;
  • language preferences;
  • log data;
  • diagnostic and crash data;
  • performance data;
  • runtime identifiers;
  • IP address; and
  • approximate location information (such as country, region, or city) derived from IP address or similar technical signals, including as provided by our analytics providers.

We do not intentionally collect precise GPS location or other fine-grained geolocation data. However, our service providers may derive more granular approximate location information (such as city-level data) from IP address or similar signals.

3.5 Information from Third Parties

We may receive information from third parties that support the Services, including:

  • wallet infrastructure providers, such as MPC or embedded wallet providers;
  • analytics providers, such as Mixpanel or equivalent services;
  • blockchain RPC providers;
  • indexing providers;
  • hosting and cloud providers; and
  • other service providers or connected services you authorize.

These providers may process certain technical information (such as IP address or device data) and may derive or enrich data, including approximate location information, in accordance with their own technologies and configurations.

4. Legal Bases for Processing

If you are located in the EEA, the United Kingdom, or another jurisdiction that requires a legal basis for processing Personal Information, we process Personal Information only where we have a lawful basis to do so.

Depending on the context, our legal bases may include:

  • Contract Performance. We process Personal Information to provide the Services you request, including wallet functionality, transaction support, account features, and user support.
  • Legitimate Interests. We process Personal Information to operate, secure, protect, improve, and analyze the Services; detect fraud and abuse; troubleshoot issues; and defend our legal rights, provided that our interests are not overridden by your rights and freedoms.
  • Consent. Where required by law, we rely on your consent for certain analytics, cookies, or other optional processing activities. You may withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
  • Legal Obligation. We process Personal Information where necessary to comply with applicable law, regulation, court order, subpoena, or other legal process.
  • Vital Interests. In rare cases, we may process Personal Information where necessary to protect someone's vital interests.
  • Public Interest / Official Authority. Where applicable, we may process information for reasons of substantial public interest or in connection with official authority obligations, to the extent permitted by law.

If you are in California, our collection, use, and disclosure of Personal Information are governed by the CPRA and other applicable law, and the categories of information we collect and use are described in this Privacy Policy.

5. How We Use Information

We do not intentionally collect analytics data prior to obtaining consent where such consent is required by applicable law. We may use Personal Information and other information we collect for the following purposes:

  • to provide, operate, and maintain the Services;
  • to enable wallet creation, import, signing, connection, and display functionality;
  • to authenticate users and maintain sessions;
  • to support blockchain interactions and dApp connectivity;
  • to provide customer support and respond to inquiries;
  • to analyze use of the Services and improve functionality, reliability, and user experience;
  • to detect, prevent, and respond to fraud, abuse, malware, unauthorized access, and security incidents;
  • to comply with legal and regulatory obligations;
  • to enforce our terms, policies, and rights;
  • to conduct internal research, debugging, and analytics; and
  • to carry out any other purpose disclosed at the time of collection or otherwise permitted by law.

We may use analytics data to understand how users interact with Motion, including installation, onboarding completion, unlock success or failure, dApp connection events, signing behavior, and similar product interactions. This helps us improve the Services and identify technical problems.

6. Blockchain Data Disclosure

Blockchain data is public, persistent, and generally immutable. Accordingly:

  • Blockchain Data may be visible to anyone;
  • Blockchain Data may be copied, indexed, analyzed, or republished by third parties;
  • we cannot delete, modify, or restrict access to Blockchain Data once it is recorded on-chain; and
  • we cannot guarantee anonymity, confidentiality, or unlinkability for blockchain activity.

Wallet addresses, transaction histories, and other blockchain interactions may be associated with your identity by us or by third parties using analytics, network metadata, exchange records, device data, or other sources outside our control.

7. Non-Custodial Wallet Explanation

The Wallet is non-custodial software. This means:

  • you control your wallet and its private keys or key shares;
  • we do not custody your Digital Assets;
  • we do not have unilateral access to your private keys, seed phrase, or recovery materials;
  • we do not control or initiate transactions on your behalf; and
  • we cannot recover lost keys or reverse confirmed blockchain transactions.

If you use third-party wallet infrastructure, that provider may use MPC, encrypted key shares, device authentication, or similar mechanisms. The provider's processing of information is governed by its own privacy policy and terms, and we are not responsible for that provider's independent practices.

8. Sharing of Information

We may share information in the following circumstances:

  • We may share information with vendors and service providers that perform services for us, including hosting, analytics, security, support, diagnostics, communications, and professional services.
  • We may share information with wallet infrastructure providers that support wallet creation, signing, authentication, recovery, or related functions.
  • We may share information with RPC providers, node operators, indexers, and similar infrastructure providers to support blockchain interactions and service reliability.
  • If you connect the Wallet to a dApp or third-party service, information may be shared with that service at your direction or as necessary to provide the requested functionality.
  • We may disclose information where we believe in good faith that disclosure is necessary to comply with law or legal process, protect rights or safety, investigate fraud or abuse, or enforce our agreements.
  • We may disclose information in connection with a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, subject to applicable law.
  • We may share aggregated, de-identified, or otherwise non-identifiable information for analytics, research, reporting, and product improvement.

9. Third-Party Services

The Services may integrate with or link to third-party wallets, dApps, protocols, bridges, analytics tools, and blockchain infrastructure. Those services are independent from us. We do not control their privacy practices, terms, or security. Your use of third-party services is at your own risk and subject to the applicable third party's terms and privacy policy.

10. Cookies, Analytics, and Similar Technologies

We may use cookies, SDKs, pixels, local storage, tags, scripts, or similar technologies in connection with the Services or related web properties. We may use analytics providers, including Mixpanel or equivalent services, to measure usage, diagnose issues, and improve the Services. We may use event-level analytics to understand how users interact with Motion, including onboarding, unlock behavior, dApp interaction, transaction success or failure, and settings usage. We do not intentionally use analytics to collect transaction amounts, counterparties, full transaction payloads, precise location data, or full dApp URLs, query strings, or path-level browsing data from dApp interactions.

Where required by law, we will obtain your consent before enabling analytics or similar tracking technologies and will provide you with the ability to withdraw that consent at any time. Depending on your device, browser, or product settings, you may be able to disable or limit certain analytics or tracking features. If you do so, some features of the Services may not function properly.

Where required by applicable law (including in the European Economic Area and United Kingdom), we will not enable analytics or similar tracking technologies until you have provided your consent. In such jurisdictions, analytics features are disabled by default and will only be activated after you affirmatively opt in. You may withdraw your consent at any time through available settings.

11. Data Retention

We retain Personal Information only for as long as reasonably necessary to:

  • provide and maintain the Services;
  • fulfill the purposes described in this Privacy Policy;
  • comply with legal, accounting, tax, audit, and regulatory obligations;
  • resolve disputes;
  • enforce our agreements; and
  • protect against fraud, abuse, or security incidents.

Retention periods vary depending on the category of information, our legal obligations, the sensitivity of the information, and our operational needs. Where appropriate, we may delete, de-identify, archive, or pseudonymize information.

We cannot delete or modify Blockchain Data recorded on public blockchains.

12. International Data Transfers

We are based in the United States, and we may process information in the United States and other countries where we or our service providers operate. If you are located outside the United States, your information may be transferred to jurisdictions with different data protection laws. Where required by Applicable Data Protection Law, we use appropriate safeguards for such transfers, which may include:

  • standard contractual clauses;
  • data processing agreements;
  • supplementary measures; or
  • other lawful transfer mechanisms.

13. Your Rights

Depending on your location, you may have certain rights regarding your Personal Information, subject to applicable law. These may include:

  • access;
  • correction;
  • deletion;
  • portability;
  • restriction;
  • objection;
  • withdrawal of consent; and
  • the right to opt out of certain processing, including certain analytics, profiling, or targeted advertising where applicable.

If you are in the EEA or UK, you may have additional rights under the GDPR or UK GDPR, including the right to lodge a complaint with your local supervisory authority. If you are a California resident, you may have rights to know, access, correct, delete, and opt out of certain sharing or use of Personal Information, as well as the right to limit use of sensitive personal information where applicable. We do not sell Personal Information in the conventional sense. However, certain analytics or tracking activities may be considered a "sale," "sharing," or similar concept under California law, depending on how they are implemented and used. If so, you may have the right to opt out.

Your rights generally apply only to off-chain Personal Information that we control. We cannot delete, correct, or restrict Blockchain Data or compel third parties to modify public blockchain records. To exercise your rights, contact us using the information in the Contact Information section below. We may need to verify your identity and may deny requests where permitted by law. We will not discriminate against you for exercising your rights under applicable law.

You may also disable analytics or similar tracking features through available settings in the Services, where such functionality is provided.

14. Security

We use reasonable administrative, technical, and organizational measures designed to protect information in our possession or control. However, no security system is perfect, and we cannot guarantee absolute security. You are responsible for securing your device, browser, wallet, private keys, recovery materials, passwords, and connected accounts. You should verify all transaction details and take appropriate precautions against phishing, malware, and social engineering.

15. Children's Privacy

The Services are not intended for use by children, and we do not knowingly collect Personal Information from children under 18. If we learn that we have collected Personal Information from a child under 18, we will take appropriate steps to delete it as required by law.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or the Services. If we make material changes, we may provide notice by posting an updated version, updating the effective date, or using other reasonable means. Your continued use of the Services after the effective date of an updated Privacy Policy constitutes your acknowledgment of the updated policy to the extent permitted by law.

17. Contact Information

If you have questions about this Privacy Policy or our privacy practices, or if you would like to exercise your rights, you may contact us at:

Move Industries, Inc.
Attn: Privacy / Legal
Email: legal@moveindustries.xyz