Privacy Policy

Last Updated: December 30, 2025

Fresh Field ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, purchase Investment NFTs, or interact with our platform.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when:

• Creating an Account: Email address, name, contact information
• Completing KYC/AML: Government-issued ID, proof of address, accreditation documents (for US investors)
• Making an Investment: Wallet address, investment amount, tier selection
• Contacting Support: Email correspondence, support tickets, feedback
• Participating in Governance: Voting preferences, forum posts, community engagement

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages viewed, time spent, click patterns, referral sources
• Cookies: Session cookies, preference cookies, analytics cookies (see Section 8)
• Wallet Interactions: Wallet address, transaction hashes, NFT holdings

1.3 Blockchain Data

Certain information is recorded on public blockchains:

• Wallet addresses involved in transactions
• NFT transfers and ownership history
• Smart contract interactions
• Revenue distribution transactions

Note: Blockchain data is public, permanent, and cannot be deleted or modified.

2. How We Use Your Information

We use collected information for the following purposes:

2.1 Investment Operations

• Processing NFT purchases and transfers
• Verifying investor accreditation and compliance
• Distributing monthly revenue payments
• Managing equity stakes and governance rights
• Sending investment updates and reports

2.2 Legal Compliance

• Meeting KYC/AML requirements
• Complying with securities regulations (SEC, international)
• Preventing fraud and money laundering
• Responding to legal requests and court orders
• Maintaining required records (e.g., 7 years for financial records)

2.3 Communication

• Sending monthly production reports
• Providing quarterly financial updates
• Notifying about governance votes
• Responding to support inquiries
• Sending important announcements (security, policy changes)

2.4 Platform Improvement

• Analyzing website usage to improve user experience
• Identifying and fixing technical issues
• Developing new features and services
• Conducting surveys and research

3. Information Sharing and Disclosure

3.1 We Share Information With:

Party	Purpose	Data Shared
KYC/AML Providers	Identity verification	ID documents, address proof
Payment Processors	Cryptocurrency distributions	Wallet addresses, payment amounts
Legal/Accounting	Compliance, tax reporting	Investment details, tax forms
Cloud Services	Data storage, hosting	Encrypted user data
Analytics Providers	Website analytics	Anonymized usage data

3.2 Legal Requirements

We may disclose your information if required to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms and Conditions
• Protect rights, property, or safety of Fresh Field, users, or the public
• Investigate fraud or security issues

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information is transferred and becomes subject to a different privacy policy.

3.4 What We Don't Do

• ❌ We do not sell your personal information to third parties
• ❌ We do not share data for marketing purposes without consent
• ❌ We do not use your data for unrelated commercial purposes

4. Data Security

4.1 Security Measures

We implement industry-standard security measures:

• Encryption: TLS/SSL for data in transit, AES-256 for data at rest
• Access Controls: Multi-factor authentication, role-based access
• Infrastructure: Secure cloud hosting with redundancy and backups
• Monitoring: 24/7 security monitoring and intrusion detection
• Third-Party Audits: Regular security assessments by external firms

4.2 Smart Contract Security

• Smart contracts audited by reputable security firms
• Bug bounty program for vulnerability disclosure
• Multi-signature wallets for treasury management
• Regular security reviews and updates

5. Data Retention

We retain your information for different periods based on type and purpose:

Data Type	Retention Period	Reason
Account Information	Duration of relationship + 7 years	Legal/regulatory requirements
KYC/AML Documents	7 years after last transaction	Financial regulations
Investment Records	10 years after exit	Securities law compliance
Transaction Data	Permanent (on blockchain)	Blockchain immutability
Communications	3 years	Support and dispute resolution
Analytics Data	26 months	GDPR compliance

6. Your Privacy Rights

6.1 Access and Portability

You have the right to:

• Request a copy of all personal data we hold about you
• Receive your data in a structured, machine-readable format
• Transfer your data to another service provider

6.2 Correction and Deletion

You can:

• Update or correct your personal information
• Request deletion of your data (subject to legal retention requirements)
• Close your account (note: blockchain data cannot be deleted)

6.3 Consent and Objection

• Withdraw consent for marketing communications at any time
• Object to processing based on legitimate interests
• Opt out of non-essential cookies

6.4 Restrictions

Your rights may be limited when:

• We have legal obligations to retain data (KYC, AML, securities law)
• Data is necessary for ongoing investment operations
• Information exists on public blockchains (immutable)
• Deletion would harm other users' rights

6.5 Exercising Your Rights

To exercise these rights, email us at privacy@freshfield.co with:

• Your full name and email address
• Description of your request
• Verification of your identity

We will respond within 30 days.

7. International Data Transfers

7.1 Cross-Border Transfers

Fresh Field operates internationally. Your data may be transferred to and processed in:

• United States (platform hosting)
• European Union (service providers)
• Other jurisdictions where our service providers operate

7.2 Transfer Mechanisms

We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with all service providers
• Binding Corporate Rules where applicable
• Privacy Shield alternatives and successor frameworks

8. Cookies and Tracking

8.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential	Enable core functionality (login, security)	Session
Preference	Remember your settings and choices	1 year
Analytics	Understand usage patterns (Google Analytics)	2 years
Marketing	Deliver relevant content (optional)	1 year

8.2 Managing Cookies

You can control cookies through:

• Browser settings (block all cookies, delete on exit)
• Our cookie consent banner (opt out of non-essential)
• Third-party opt-out tools (Google Analytics opt-out)

Note: Blocking essential cookies may limit functionality.

9. Third-Party Services

Our platform integrates with third-party services that have their own privacy policies:

9.1 Blockchain Networks

• Ethereum/Polygon: All transactions are public and permanent
• Manifold: NFT minting and marketplace (see Manifold Privacy)

9.2 Wallet Providers

• MetaMask, WalletConnect, Coinbase Wallet
• Each has its own privacy policy and security practices
• We do not control or have access to your wallet private keys

9.3 Analytics

• Google Analytics (anonymized IP, opt-out available)
• Mixpanel (product analytics)

9.4 Communication

• Telegram (community chat - public messages)
• Email providers (encrypted in transit)

10. Children's Privacy

Fresh Field Investment NFTs are not intended for individuals under 18 years of age (or the age of majority in your jurisdiction). We do not knowingly collect information from minors. If we discover we have collected information from a minor, we will delete it immediately.

If you believe a minor has provided us with personal information, please contact us at privacy@freshfield.co.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

11.1 Right to Know

• Categories of personal information collected
• Sources of information
• Business purposes for collection
• Third parties with whom information is shared

11.2 Right to Delete

Request deletion of personal information (subject to legal exceptions)

11.3 Right to Opt-Out

We do not sell personal information. If this changes, we will provide an opt-out mechanism.

11.4 Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

11.5 Authorized Agent

You may designate an authorized agent to make requests on your behalf.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation:

12.1 Legal Basis for Processing

• Contract: Processing necessary to fulfill investment agreement
• Legal Obligation: KYC/AML compliance, securities regulations
• Legitimate Interest: Fraud prevention, platform security
• Consent: Marketing communications (can be withdrawn)

12.2 Additional Rights

• Right to restriction of processing
• Right to data portability
• Right to object to automated decision-making
• Right to lodge a complaint with a supervisory authority

12.3 Data Protection Officer

For GDPR inquiries, contact our Data Protection Officer at dpo@freshfield.co

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect:

• Changes in our practices or services
• Legal or regulatory requirements
• Technological advancements

We will notify you of material changes via:

• Email to your registered address
• Prominent notice on our website
• Update to the "Last Updated" date at the top

Continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

← Back to Home