← Back to Ring Wallet

Ring Labs Privacy Policy

Last modified: April 13, 2026

This Privacy Policy (the “Policy”) explains how BOTBOT LTD. (“Ring Labs”, the “Company”, “we”, “us” or “our”) collects, uses, and shares data in connection with Ring Wallet, a self-custody cryptocurrency wallet available as a progressive web application at https://wallet.ring.exchange and as a browser extension, and all of our other properties, products, and services (the “Services”). Your use of the Services is subject to this Policy as well as our Terms of Service.

High Level Summary

  • Ring Labs is an incorporated company based in Singapore. Ring Labs complies with applicable Singapore laws and regulations, as well as applicable laws of other jurisdictions where it operates.
  • Ring Wallet is a self-custody wallet. Your private keys and master seed are generated and stored locally on your device. Ring Labs never has access to, stores, or transmits your private keys, master seed, or Passkey credentials.
  • Ring Labs does not collect and store personal data such as first name, last name, street address, date of birth, or similar identifying profile data in connection with normal use of the Services.
  • Ring Labs collects non-identifiable data such as limited off-chain data (for example, browser type and device context) to improve products and user experience.
  • When you submit a blockchain transaction, your wallet address is shared with the RPC provider that processes the request. This is inherent to how blockchain networks operate and is not controlled by Ring Labs.
  • If you use the optional fiat on-ramp feature (powered by MoonPay), you will be redirected to a third-party service that is governed by its own privacy policy. Ring Labs does not receive or store any personal or payment data you provide to MoonPay.
  • If you sign up for emails or notifications, Ring Labs stores your email address for those communications. You can unsubscribe at any time.
  • If you contact us via email or other channels, Ring Labs stores that correspondence. We do not require you to provide any personal data to use the Services.
  • Material privacy updates are reflected in an updated privacy policy.

Data We Collect

Privacy is central to everything we do at the Company. Ring Wallet is designed as a self-custody wallet where sensitive cryptographic material never leaves your device. We do not maintain user accounts and do not collect or store personal data such as your name or internet protocol (“IP”) address.

What We Do NOT Collect

Ring Wallet is architected so that the following data never reaches Ring Labs servers:

  • Private keys and master seed. Your cryptographic keys are derived locally in the browser from your master seed and held in memory only during your active session. They are never transmitted to any server.
  • Passkey credentials. Your WebAuthn Passkey credential (including the embedded master seed) is managed by your device’s platform authenticator and/or cloud keychain. Ring Labs does not have access to this data.
  • Mnemonic phrases. Ring Wallet does not use or generate mnemonic seed phrases.
  • Transaction signing data. All transaction signing occurs locally on your device. The signed transaction is broadcast directly to the blockchain network via RPC providers.

What We May Collect

When you interact with the Services, we may collect:

  • Publicly-available blockchain data. When you use the Wallet to interact with blockchain networks, your publicly-available blockchain address and transaction data become part of the public blockchain ledger. We may access this publicly-available data to provide features of the Services. Note that blockchain addresses are publicly-available data that are not created or assigned by us or any central party, and by themselves are not personally identifying.
  • Information from localStorage and similar technologies. The Wallet stores certain preferences and non-sensitive data in your browser’s localStorage, including: your preferred language, selected chain and wallet index, COSE-format public key for signature verification, imported token addresses, a cached DApp directory, and transaction history cache. This data remains on your device and is not transmitted to Ring Labs servers. The Wallet also uses a service worker for offline caching of static application assets.
  • Transaction history aggregation. When you view your transaction history in the Wallet, the application may send your publicly-available wallet address to our server-side API, which aggregates data from third-party blockchain data services (including, but not limited to, Etherscan, Blockstream, mempool.space, TronGrid, and Solana RPC endpoints) to display your transaction history. Your wallet address is the only data sent in these requests.
  • Device and browser information. We may collect non-identifiable device context such as browser type, browser version, operating system, device type, and screen resolution to improve the Services and diagnose technical issues. We group and analyze this data in aggregate, not as individual user profiles.
  • Information from other sources. We may receive information about wallet addresses or transactions made through the Services from our service providers in order to comply with our legal obligations and prevent the use of our Services in connection with fraudulent or other illicit activities.
  • Correspondence. We will receive any communications and information you provide directly to us via email, customer support, social media, or another support channel (such as Twitter or Discord), or when you participate in any surveys or questionnaires.
  • Information you specifically provide us. If you specifically provide us with information (such as your email address), we may use that information for the purposes described when you provide it to us. We will not attempt to link any information you provide to your wallet address, IP address, or other personal data. You do not need to provide us with any personal data to use the Services.

How We Use Data

We use the data we collect in accordance with your instructions, including any applicable terms in our Terms of Service, and as required by law. We may also use data for the following purposes:

  • Providing the Services. We use the data we collect to provide, maintain, customize and improve our Services and features of our Services.
  • Customer support. We may use information to provide customer support for and answer inquiries about the Services.
  • Safety and security. We may use data to protect against, investigate, and stop fraudulent, unauthorized, or illegal activity. We may also use it to address security risks, solve potential security issues such as bugs, enforce our agreements, and protect our users and Company.
  • Legal compliance. We may use the information we collect as needed or requested by regulators, government entities, and law enforcement to comply with applicable laws and regulations.
  • Aggregated data. We may use some of the information we collect or access to compile aggregated data that helps us learn more about how users use the Services and where we can improve your experience.

How We Share Data

We may share or disclose the data we collect:

  • With RPC and blockchain data providers. When you submit a blockchain transaction or query, your wallet address and transaction data are sent to the RPC node provider that processes the request. The Wallet may use multiple providers depending on the blockchain network, including but not limited to Alchemy, Infura, and various public RPC endpoints. For transaction history, your wallet address is sent to blockchain data services such as Etherscan, Blockstream, mempool.space, TronGrid, and BlockCypher. This is inherent to how blockchain networks and data services operate. Ring Labs does not control how these providers handle your data; please consult their respective privacy policies.
  • With fiat on-ramp providers. If you use the optional fiat on-ramp feature, you will be redirected to MoonPay (or another third-party provider) in a separate browser window. Ring Labs shares only the API key, selected currency codes, and a redirect URL with MoonPay. Any personal data, identity verification, or payment information you provide to MoonPay is governed by MoonPay’s Privacy Policy. Ring Labs does not receive or store any personal or payment data you provide to MoonPay.
  • With feedback and survey platforms. The Wallet may include embedded feedback forms powered by third-party platforms (such as Tally). Any information you voluntarily submit through such forms is sent directly to the third-party platform and is governed by its own privacy policy. Ring Labs does not control or process this data on its servers.
  • With other service providers. We may share information with our service providers and vendors to assist us in providing, delivering, and improving the Services.
  • To comply with our legal obligations. We may share your data in the course of litigation, regulatory proceedings, compliance measures, and when compelled by subpoena, court order, or other legal procedure. We may also share data when we believe it is necessary to prevent harm to our users, our Company, or others, and to enforce our agreements and policies, including our Terms of Service.
  • Safety and security. We may share data to protect against, investigate, and stop fraudulent, unauthorized, or illegal activity. We may also use it to address security risks, solve potential security issues such as bugs, enforce our agreements, and protect our users, Company, and ecosystem.
  • Business changes. We may transfer or share data to another entity in the event of a merger, acquisition, bankruptcy, dissolution, reorganization, asset or stock sale, or other business transaction.
  • With your consent. We may share your information any other time you provide us with your consent to do so.

We do not share your information with any third parties for any marketing purposes whatsoever.

Cookies and Tracking Technologies

Ring Wallet does not currently use cookies, analytics SDKs, advertising pixels, or third-party tracking technologies. The Wallet uses browser localStorage to store application preferences and cached data locally on your device as described in the “What We May Collect” section above. This data is not transmitted to Ring Labs or any third-party analytics provider.

If we introduce cookies or third-party tracking technologies in the future, we will update this Policy to describe the specific technologies used, their purposes, and your opt-out options. Third-party DApps accessed through the Wallet’s built-in DApp browser may independently set cookies or use tracking technologies; such usage is governed by those DApps’ own privacy policies.

Third-Party Links and Sites

We may integrate technologies operated or controlled by other parties into parts of the Services. The Wallet’s DApp browser allows you to access third-party decentralized applications, and the Wallet may include embedded third-party content such as feedback forms (powered by Tally or similar platforms) and fiat on-ramp services (such as MoonPay). Please note that when you interact with these other parties, including when you access DApps through the built-in browser, those parties may independently collect information about you and solicit information from you. You can learn more about how those parties collect and use your data by consulting their privacy policies and other terms.

Data Retention

Because Ring Wallet is a self-custody application that does not maintain user accounts on its servers, data retention operates differently from traditional web services:

  • On-device data (localStorage). Application preferences, cached transaction history, imported token lists, and other locally-stored data persist on your device until you clear your browser data, uninstall the application, or manually remove the data. Ring Labs does not control or have access to this data.
  • Blockchain data. Transaction data recorded on public blockchains is permanent and immutable. Neither Ring Labs nor any other party can modify or delete on-chain data.
  • Correspondence. If you contact us via email or other channels, we retain your correspondence for as long as necessary to address your inquiry and for our legitimate business purposes, such as legal compliance and dispute resolution.
  • Aggregated data. Aggregated, de-identified data that cannot be used to identify any individual may be retained indefinitely for product improvement and analytical purposes.
  • Server-side caches. Transaction history data retrieved from third-party providers is temporarily cached on our servers for performance purposes and is automatically purged on a short time-to-live basis (typically minutes).

Do Not Track

Some web browsers transmit “Do Not Track” (DNT) signals to the websites and other online services with which the browser communicates. There is currently no universally accepted standard for how to interpret and respond to DNT signals. Because Ring Wallet does not currently use cookies or third-party tracking technologies, the Wallet’s behavior does not change in response to DNT signals. If we adopt tracking technologies in the future, we will update this section to describe our response to DNT signals.

International Data Transfers

Ring Labs is based in Singapore. When you use the Services, certain data may be processed in Singapore, the United States, or other jurisdictions where our service providers operate. Specifically:

  • Your publicly-available wallet address may be sent to RPC providers and blockchain data services located in various jurisdictions globally.
  • If you use the optional fiat on-ramp (MoonPay), any data you provide to MoonPay may be processed in accordance with MoonPay’s data transfer practices.
  • Server-side APIs may temporarily process your wallet address in the jurisdiction where our hosting infrastructure is located.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, where data is transferred to a country outside the EEA that has not received an adequacy decision from the European Commission, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or we ensure that the transfer is otherwise lawful under applicable data protection laws.

Data Breach Notification

In the event of a data breach that affects your personal data, we will notify you as required by applicable law. For users in the European Economic Area, we will notify the relevant supervisory authority within 72 hours of becoming aware of a breach, where feasible, and will notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms. Our notification shall not be construed as an admission of fault or liability. Because Ring Wallet is a self-custody application and we do not store private keys, master seeds, or Passkey credentials on our servers, a breach of Ring Labs’ infrastructure would not compromise the cryptographic security of your wallet.

Security

We implement and maintain reasonable administrative, physical, and technical security safeguards to help protect data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you. You are responsible for all of your activity on the Services, including the security of your Passkey credentials, blockchain network addresses, and the cryptographic keys derived from your master seed.

Age Requirements

The Services are intended for a general audience and are not directed at children. We do not knowingly receive personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children. If you believe we have received personal information about a child under the age of 18, please contact us at hello@ringprotocol.com.

Additional Notice to California Residents (“CCPA Notice”)

The California Consumer Privacy Act of 2018 (“CCPA”) requires certain businesses to provide a CCPA Notice to California residents to explain how we collect, use, and share their personal information, and the rights and choices we offer California residents regarding our handling of their information.

  • Privacy Practices. We do not “sell” personal information as defined under the CCPA. Please review the “How We Share Data” section above for further details about the categories of parties with whom we share information.
  • Privacy Rights. The CCPA gives individuals the right to request information about how we have collected, used, and shared your personal information. It also gives you the right to request a copy of any information we may maintain about you. You may also ask us to delete any personal information that we may have received about you. Please note that the CCPA limits these rights, for example, by prohibiting us from providing certain sensitive information in response to access requests and limiting the circumstances under which we must comply with a deletion request. We will respond to requests for information, access, and deletion only to the extent we are able to associate, with a reasonable effort, the information we maintain with the identifying details you provide in your request. If we deny the request, we will communicate the decision to you. You are entitled to exercise the rights described above free from discrimination.
  • Submitting a Request. You can submit a request for information, access, or deletion to hello@ringprotocol.com.
  • Identity Verification. The CCPA requires us to collect and verify the identity of any individual submitting a request to access or delete personal information before providing a substantive response.
  • Authorized Agents. California residents can designate an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming their authority.

Disclosures for European Union Data Subjects

We process personal data for the purposes described in the section titled “How We Use Data” above. Our legal bases for processing your data under the General Data Protection Regulation (“GDPR”) include: (i) you have given consent for one or more specific purposes; (ii) processing is necessary for the performance of a contract with you; (iii) processing is necessary for compliance with a legal obligation; and/or (iv) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.

Your rights under the GDPR include the right to:

  • Access (Art. 15) — request access to and obtain a copy of your personal data;
  • Rectification (Art. 16) — request correction of inaccurate or incomplete personal data;
  • Erasure (Art. 17) — request deletion of your personal data (“right to be forgotten”);
  • Restriction of processing (Art. 18) — request that we limit the processing of your personal data;
  • Data portability (Art. 20) — request your personal data in a structured, commonly used, and machine-readable format;
  • Object to processing (Art. 21) — object to processing based on legitimate interests or for direct marketing;
  • Automated decision-making (Art. 22) — not be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you (Ring Wallet does not currently engage in automated decision-making);
  • Withdraw consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal;
  • Lodge a complaint (Art. 77) — lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

Nevertheless, we cannot edit or delete information that is stored on a particular blockchain. Information such as your transaction data, blockchain wallet address, and assets held by your address that may be related to the data we collect is beyond our control.

To exercise any of your rights under the GDPR, please contact us at hello@ringprotocol.com. We may require additional information from you to process your request. Please note that we may retain information as necessary to fulfill the purpose for which it was collected and may continue to do so even after a data subject request in accordance with our legitimate interests, including to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

Changes to this Policy

If we make material changes to this Policy, we will notify you via the Services. Nevertheless, your continued use of the Services reflects your periodic review of this Policy and other Company terms, and indicates your consent to them.

Contact Us

If you have any questions about this Policy or how we collect, use, or share your information, please contact us at hello@ringprotocol.com.