Privacy Policy
Last updated: June 29, 2026
This Privacy Policy explains how Hanko (“Hanko,” “we,” “us” or “our”) collects, uses, discloses and safeguards your information when you visit our website, create an account, or use our proposals, agreements, invoicing and payments services (collectively, the “Services”). By using the Services you agree to the practices described here.
1. Information we collect
We collect information in three ways:
- Information you provide. Account details (name, email, business name), the contents of proposals, agreements and invoices you create, contact details of clients you bill, and messages you send us.
- Information collected automatically. Device and browser data, IP address, pages viewed, and usage patterns, collected through cookies and similar technologies (see our Cookie Policy).
- Information from third parties. Data from payment processors, identity and compliance providers, blockchain networks, and analytics partners that help us operate the Services.
2. How we use your information
- Provide, maintain and improve the Services;
- Process payments and reconcile on-chain and fiat transactions;
- Verify identity and meet anti-money-laundering, sanctions and other legal obligations;
- Communicate with you about your account and support requests;
- Detect, prevent and address fraud, abuse and security issues;
- Analyze usage to understand and improve the product.
3. Legal bases for processing
Where the GDPR or similar laws apply, we process personal data on the basis of performance of a contract, compliance with a legal obligation, your consent (which you may withdraw at any time), and our legitimate interests in operating and securing the Services.
4. How we share information
We do not sell your personal information. We share it with:
- Service providers (hosting, analytics, payment and compliance vendors) acting on our instructions;
- Counterparties you transact with, such as the clients you invoice;
- Authorities when required by law, regulation or valid legal process;
- A successor entity in connection with a merger, acquisition or sale of assets.
5. Blockchain transactions are public
When you send or receive payments on a public blockchain, the transaction, wallet addresses and amounts are recorded on a public, immutable ledger that we do not control and cannot alter or delete. Information written to a blockchain may be permanent and visible to anyone.
6. Data retention
We keep personal data for as long as your account is active and as needed to provide the Services, then retain it only as required to comply with legal, tax, accounting and dispute-resolution obligations.
7. Security
We use administrative, technical and organizational measures designed to protect your information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8. International transfers
We may process and store information in countries other than your own. Where required, we rely on appropriate safeguards such as standard contractual clauses for cross-border transfers.
9. Your rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing. Residents of the EEA/UK (GDPR) and California (CCPA/CPRA), among others, have specific rights. To exercise them, contact us using the details below.
10. Children
The Services are not directed to individuals under 18, and we do not knowingly collect personal information from children.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version here and update the “Last updated” date above.
12. Contact us
Questions about this policy or your data? Reach us through our contact page or at contact@gizmolab.io.