Privacy Policy

Last updated: 07 Dec 2025

This Privacy Policy ("Policy") explains how IXI Labs d.o.o. ("IXI Labs", "we", "us", "our") collects, uses, shares, and stores information when you use:

the Spixi mobile and desktop applications,
the Spixi website at spixi.io and related pages,
and any associated features, content, or software (together, the "Services").

By using the Services you agree to this Policy and to our Terms of Use. If you do not agree with any part of this Policy or our Terms, do not use the Services.

This Policy does not apply to:

third-party websites or services you access through the Services, or
information you provide to us via separate channels (for example direct email or offline), except where we explicitly state otherwise.

1. Who we are

The Services are operated by:

IXI Labs d.o.o.
A company registered in Slovenia
Email: support@spixi.io

2. Scope – App vs website

There are two main contexts:

1. Spixi App

Peer-to-peer messaging, IXI wallet and Mini Apps.
No phone number or email is required to create an account.
We do not have access to your local message history or wallet keys.

2. Spixi Website (spixi.io)

Marketing pages, download links, Help Center and contact forms.
Uses cookies and analytics and may collect information you actively submit.

Unless stated otherwise, this Policy covers both and calls them the "Services".

3. Information we collect

3.1 Information you provide directly

Examples include:

User information – name, display name, domain name or social media handles if you choose to share them.
Feedback and correspondence – information you provide when you contact us for support, respond to surveys or participate in research, report a problem, or otherwise communicate with us.
Newsletter / marketing preferences – if you subscribe to updates or a newsletter (where offered).

You are not required to provide this information in order to use the Spixi App itself.

3.2 Information we get from others

We may receive information about you from:

third-party services you use to interact with us (e.g. email providers, social platforms),
analytics or error-reporting services,
partners or community platforms referring you to Spixi.

We may combine this with information we collect directly to operate and improve the Services.

3.3 Information collected automatically (Log Data)

When you use the website, we may automatically collect ("Log Data") such as:

IP address and approximate location,
device, OS, and browser type,
pages visited, time and date, time spent on pages,
search terms and links clicked,
referrer URL and other usage statistics.

We use this to operate, secure and improve the Services, and may engage third parties (for example analytics providers) to analyse it in aggregated or anonymised form.

3.4 Cookies and similar technologies

The website uses cookies and similar technologies to:

remember your preferences (including cookie choices),
keep basic functionality working,
analyse how visitors use the site.

Types of cookies we may use:

First-party cookies – set by us to provide a personalised and secure experience.
Third-party cookies – set by analytics or embedded services (for example, Google Analytics).
Session cookies – deleted when you close your browser.
Persistent cookies – stored until they expire or you delete them.

Examples of cookies that may be used include analytics cookies such as _ga, _gid, _gat_*, and our own preference cookie (e.g. SpixiCookieAgreed).

You can control or delete cookies via your browser settings. Blocking some cookies may affect how the site works. Where required, you can also manage or withdraw your cookie consent via the cookie banner / settings on our site.

We may use analytics services (such as Google Analytics) to understand how the website is used. These services may collect information using cookies and similar tools. For details on how Google processes data, see their published privacy policy.

3.5 Information related to the Spixi App and Ixian blockchain

Spixi is built on the Ixian platform and interacts with a distributed ledger (blockchain). When you use the App:

You generate one or more Spixi / IXI addresses, which are pseudonymous cryptographic identifiers.
Your transactions, and certain related metadata, may be recorded on the Ixian blockchain and will be visible to anyone who accesses the network.

Key points:

You can interact with Spixi without providing real-world identity data to IXI Labs.
Blockchain records are public, transparent and often immutable. They may be stored or analysed by third parties and are generally difficult or impossible to modify or delete.
Your message history is stored locally on your device. IXI Labs does not store or read your messages.

Because of the nature of blockchain, some privacy rights (such as deletion/erasure) may not be technically possible to fully apply to on-chain data.

4. How we use the information

We use information we collect for purposes including:

Providing and operating the Services – Running the website, responding to support requests, delivering downloads.
Communications – Responding to your emails, sending service notices, and sending newsletters or promotional information about Spixi or related services only where you have opted in or where we are otherwise allowed to do so by law.
Improving and securing the Services – Monitoring usage, troubleshooting issues, preventing abuse, and improving performance and user experience.
Analytics – Understanding aggregate usage trends (for example visits, pages viewed) to optimise our site and documentation.

We do not sell your personal information.

5. Sharing of your information

We do not share or sell your personal information to third parties except as described here:

Affiliates – We may share information with our affiliates and group companies where necessary for the purposes in this Policy (for example, to operate shared infrastructure).
Service providers – We may use third-party vendors for hosting, analytics, email delivery and support tools. They process information on our behalf and are required to protect it and use it only for the tasks we assign.
Legal, protection and safety – We may disclose information if we reasonably believe it is necessary to comply with a law, regulation, legal process, or government request; enforce our Terms or protect our rights, property, or safety; detect, prevent, or address fraud, security or technical issues.
Business transfers – If we are involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction, subject to continued protection in line with this Policy.

6. Legal bases for processing (EU/EEA & UK)

Where the EU/EEA GDPR, the UK GDPR or similar laws apply, we rely on the following legal bases to process personal data:

Performance of a contract – for example, when we respond to support inquiries or provide you with Services you request.
Legitimate interests – such as securing and operating our infrastructure, understanding usage, preventing abuse, and improving the Services, provided these interests are not overridden by your rights.
Consent – for optional activities like certain cookies, newsletters or marketing communications. You can withdraw consent at any time, which will not affect processing already carried out.

We may transfer personal data outside the EU/EEA or UK. Where we do, we use appropriate safeguards (such as standard contractual clauses) where required by law.

7. Notice to California residents

If you are a resident of California, you may have certain rights under California law (including the California Consumer Privacy Act, as amended). Depending on the circumstances, these may include the right to:

request information about the categories and specific pieces of personal information we have collected about you;
request deletion of your personal information, subject to certain exceptions;
opt out of certain types of data sharing where applicable.

You also have the right to contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs at 1625 North Market Blvd., Sacramento, CA 95834, Telephone: (916) 445-1254 or (800) 952-5210.

We do not sell personal information as "sale" is defined under California law.

To exercise any rights, contact us at support@spixi.io.

8. Your rights

Depending on your location, you may have some or all of the following rights in relation to your personal data:

Access – request confirmation we process your data and obtain a copy.
Rectification – request correction of inaccurate or incomplete data.
Deletion ("right to be forgotten") – request deletion of data we hold, subject to legal obligations and technical limitations (for example, blockchain records).
Restriction – request we restrict processing in certain circumstances.
Portability – request certain data in a machine-readable format.
Objection – object to processing based on legitimate interests, and to direct marketing.
Withdraw consent – where processing is based on consent, withdraw it at any time.

If you wish to exercise any of these rights, or if your contact details change, email us at support@spixi.io. We will respond as required by applicable law, typically within one month.

These rights apply to personal data we control. They do not allow us to alter or delete information that is permanently recorded on the Ixian blockchain.

9. Data retention

We keep personal data only as long as reasonably necessary for the purposes described in this Policy, including to operate the Services, comply with legal and regulatory obligations, resolve disputes and enforce agreements.

When we no longer need data, we take reasonable steps to delete or anonymise it.

You may also request deletion of your personal data (see "Your rights" above). Where we are obliged by law to keep certain data for longer, we will retain only what is necessary.

10. Security

We use reasonable technical and organisational measures to protect the information we control against loss, misuse and unauthorised access.

However, no online service can be completely secure. Security of your own devices (passwords, OS updates, malware protection, backups) is critical, especially when using the Spixi App and your wallet.

If you believe your account, device, or wallet has been compromised, secure your environment and contact us.

11. Children's privacy

The Services are not directed to children under 16, or any higher age required by applicable law, and we do not knowingly collect personal information from them.

If you believe a child has provided us with personal information, please contact us so we can take appropriate steps.

12. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page.

If we make material changes, we may provide additional notice (for example, via the website). Your continued use of the Services after the updated Policy becomes effective means you accept the changes.

We encourage you to review this page periodically.

13. Contact

If you have any questions about this Policy, your information, or your rights, please contact us:

Email: support@spixi.io
Website: https://www.spixi.io