X-Grok is an innovative on-chain assistant project developed by
xAI, built on the Solana blockchain. It aims to provide users
with a transparent, intelligent, and efficient blockchain
interaction experience through the integration of artificial
intelligence and decentralized technology. We deeply recognize
the importance of privacy protection in the digital era,
especially for users of blockchain and AI services. This Privacy
Policy is designed to comprehensively explain how we collect,
process, store, protect, and disclose your information during
the operation of X-Grok, as well as the rights and choices you
have as a user. We are committed to safeguarding your privacy
with the highest standards, ensuring that your data security and
autonomy are fully respected. This policy applies to all users
interacting with us through the X-Grok website
x-grok.net, application, or related
services.
Effective Date: January 16, 2025 |
Last Updated: March 20, 2025
1. Introduction and Scope
This Privacy Policy applies to all individuals or entities
interacting with the X-Grok ecosystem, including but not limited
to website visitors, on-chain assistant users, token holders
(XGROK), community participants, and users connecting to X-Grok
services via third-party platforms (e.g., Solana wallets or
decentralized exchanges). Through this document, we will explain
our privacy practices involved in providing services and ensure
compliance with relevant global laws and regulations, such as
the General Data Protection Regulation (GDPR), the California
Consumer Privacy Act (CCPA), and other applicable data
protection laws. This policy does not cover the privacy
practices of third-party services (e.g., external wallet
providers or exchanges), and you should refer to their
independent policies.
X-Grok’s core mission is to “unlock the future of blockchain” by
simplifying user experiences through AI-driven assistant
features. To achieve this, we need to process certain data, but
we always adhere to the following principles: minimizing data
collection, ensuring transparency in processing, and
prioritizing user control. The following sections will detail
our specific practices.
2. Information We Collect
To ensure the efficient operation of X-Grok services and meet
your needs, we may collect the following categories of user
information. The collection of this information is strictly
limited to what is necessary, with varying protection measures
applied based on the sensitivity of the data type. Below is a
comprehensive overview of the types of information we may
collect and how they are obtained:
Blockchain-Related Data: When you connect a
Solana wallet (e.g., Phantom, Solflare) to X-Grok, we record
your public wallet address (e.g., 5xyz...abc123). This data is
used to perform on-chain operations (e.g., checking balances,
deploying smart contracts, or transferring funds), but we
never access or store your private keys or seed phrases.
On-chain transaction data (e.g., transaction hashes,
timestamps, amounts) may be publicly recorded on the Solana
blockchain, an inherent feature of blockchain technology
beyond X-Grok’s control.
Interaction Data: When you interact with the
X-Grok assistant (e.g., entering “analyze market trends for
me” or “manage my NFTs”), we record the content of your
instructions, usage time, and frequency to optimize the AI
model’s responsiveness and personalized experience. This data
is typically stored in anonymized or pseudonymized form unless
you explicitly request identity linkage.
Technical Data: We may collect your device
information (e.g., operating system version, browser type), IP
address, access timestamps, and session logs. This data is
used to diagnose technical issues, improve service stability,
and prevent fraudulent activities (e.g., DDoS attacks). We
protect the transmission and storage of this data with
encryption technology.
Voluntarily Provided Information: In certain
scenarios, you may choose to provide additional information,
such as an email address submitted during testnet feedback, a
username or social media handle (e.g., Discord ID, X account)
provided during community events, or inquiries sent through
customer support channels. This information is collected only
when you actively submit it, and its use is strictly limited
to the relevant activity.
Cookies and Similar Technologies: Our website
may use Cookies, Web Beacons, or other tracking technologies
to record your preferences (e.g., language selection), analyze
visit patterns, or provide personalized content. You can
disable Cookies through your browser settings, though this may
affect the availability of some features.
Data from Third-Party Sources: If you
interact with X-Grok through third-party platforms (e.g.,
decentralized exchange Raydium or social media X), we may
indirectly obtain public information (e.g., your public X
posts), but only for identity verification or to respond to
your requests.
We explicitly commit to not collecting data beyond what is
necessary for the service, such as your real name, home address,
phone number, or biometric information, unless you voluntarily
provide it and it is legally permitted. We also do not require
such data as a prerequisite for using X-Grok.
3. How We Use Your Information
The information collected by X-Grok is used solely to support
the core functions of the service, enhance user experience, and
maintain the security and stability of the ecosystem. Below is a
detailed explanation of the specific purposes and legal bases
for using your data:
Providing Core Services: Your wallet address
and interaction instructions are used to perform on-chain
operations, such as querying asset balances, generating smart
contract code, initiating transactions, or managing NFTs.
These operations are necessary to fulfill our service
agreement with you.
Optimizing AI Performance: Interaction and
technical data are anonymized and used to train and improve
X-Grok’s AI models, such as enhancing natural language
understanding or the accuracy of market trend predictions.
This process is based on our legitimate interest in improving
services and does not identify you personally.
User Support and Communication: Voluntarily
provided information (e.g., email) is used to respond to your
inquiries, send service updates (e.g., mainnet launch
notifications), or invite you to community events (e.g.,
airdrops). Such use is based on your explicit consent, which
you may withdraw at any time.
Security and Fraud Prevention: IP addresses,
session logs, and technical data are used to detect abnormal
activities (e.g., malicious attacks, multi-account abuse) and
protect the security of users and the system. This use is
based on our legitimate interest in maintaining service
integrity and legal obligations.
Statistics and Research: We may use
anonymized data for statistical analysis or academic research
(e.g., blockchain usage trends) to advance xAI’s mission of
“accelerating human scientific discovery.” This data is not
linked to any individual identity and is only used in
aggregated form.
Personalized Experience: Cookies and
preference data are used to remember your settings (e.g.,
language, theme) or recommend relevant features (e.g., DeFi
optimization suggestions). This use is based on your consent
or service necessity.
We will never use your information for unauthorized commercial
purposes, such as selling data to third parties or sending
unrelated advertisements. Our use of data strictly adheres to
the “purpose limitation” principle, ensuring that every
processing activity has a clear legal basis.
4. Data Storage and Protection
X-Grok employs multi-layered technical and administrative
measures to ensure the highest level of protection for your data
during storage and transmission. Below is a detailed description
of the specific protection mechanisms we implement:
On-Chain Data: Public data stored on the
Solana blockchain (e.g., wallet addresses, transaction
records) is protected by the blockchain’s distributed ledger
technology, offering decentralization, immutability, and high
availability. We do not additionally store or modify this
data, acting only as an intermediary for service execution.
Off-Chain Data: Interaction data, technical
data, and voluntarily provided information are stored on
secure cloud servers, encrypted at rest using the AES-256
standard and during transmission using the TLS 1.3 protocol.
The physical locations of the servers span multiple
jurisdictions (e.g., the US, EU), complying with local data
protection regulations.
Access Control: Only authorized X-Grok team
members (who have undergone background checks and signed
confidentiality agreements) can access off-chain data, with
permissions minimized. All access activities are logged in
audit trails and reviewed periodically.
Anonymization and Pseudonymization:
Non-essential identifying data (e.g., IP addresses) is
anonymized or pseudonymized (e.g., hashed) immediately after
collection to reduce the risk of data breaches.
Data Retention Period: Off-chain data is
retained only as long as necessary for the service—e.g.,
interaction data is kept for no more than 12 months, technical
logs for no more than 6 months, and voluntarily provided
information is destroyed immediately upon your request.
On-chain data is permanently retained due to blockchain
characteristics but is not linked to your identity.
Disaster Recovery: We implement data backup
and disaster recovery plans to ensure data integrity in the
event of hardware failure or cyberattacks. Backup data is also
encrypted and periodically tested for recovery.
Third-Party Security Audits: X-Grok’s storage
systems and smart contract code undergo regular independent
third-party security audits (e.g., CertiK, Quantstamp) to
identify and address potential vulnerabilities.
While we strive to protect your data, please note that no online
system is entirely immune to risks (e.g., hacking). In the event
of a data breach, we will notify affected users within 72 hours
as required by law and take remedial actions.
5. Data Sharing and Disclosure
X-Grok strictly limits data sharing, disclosing information only
when necessary and legally justified. Below is a comprehensive
explanation of our data-sharing practices:
Service Providers: We may share anonymized or
encrypted data with third-party technical partners, such as
cloud storage provider AWS, blockchain node service providers,
or analytics tool vendors. These partners are bound by strict
data processing agreements, processing data only per our
instructions and not for other purposes.
On-Chain Publicity: Operations executed via
the Solana blockchain (e.g., transactions) are visible to all
network participants, an inherent feature of blockchain. We do
not additionally share this data but remind you of the public
nature of on-chain activities.
Legal and Regulatory Requirements: If we
receive a court order, regulatory investigation, or other
legally binding request, we may need to disclose data. In such
cases, we will: (1) assess the legality of the disclosure; (2)
minimize the scope of disclosure as much as possible; and (3)
notify you in advance where legally permitted.
Business Transfers: In the event of a merger,
acquisition, or asset sale involving X-Grok, relevant data may
be transferred to the new entity, but we will ensure it
remains protected under this Privacy Policy and inform users
in advance.
No Commercial Sharing: We explicitly commit
not to sell, lease, or trade your data to third parties for
advertising, marketing, or other commercial purposes.
We periodically review all data-sharing agreements to ensure
partners comply with data protection standards and reserve the
right to terminate partnerships at any time.
6. Your Rights and Choices
As an X-Grok user, you have extensive rights over your data, and
we are committed to providing you with full control and
transparency. Below is a detailed explanation of your specific
rights and how to exercise them:
Right to Access: You may request a copy of
the off-chain data we hold about you (e.g., email, IP address)
at any time. By emailing x-grok@x-grok.net, we will provide a
free report within 30 days.
Right to Rectification: If you find
inaccuracies in the information we hold (e.g., an incorrect
username), you may request corrections, and we will verify and
update it as soon as possible.
Right to Erasure: You may request the
deletion of all non-on-chain data (e.g., interaction records,
email), which we will execute within 7 business days of your
request, unless legally required to retain it (e.g., tax
records). On-chain data cannot be deleted due to blockchain
characteristics.
Right to Restrict Processing: If you object
to data processing, you may request a temporary restriction,
and we will suspend related activities during verification.
Right to Data Portability: You may request
your off-chain data in a structured, machine-readable format
(e.g., CSV) for transfer to another service.
Right to Object: You may object to data
processing based on legitimate interests (e.g., analytics
optimization) at any time, and we will respect your choice
unless there are compelling reasons to continue.
Right to Withdraw Consent: For processing
based on consent (e.g., notification emails), you may withdraw
consent via account settings or by contacting us, without
affecting the legality of prior processing.
On-Chain Transparency: You can independently
view public data related to your wallet address via Solana
blockchain explorers (e.g., Solscan) without relying on
X-Grok.
Cookies Management: You can disable Cookies
through your browser settings or refuse non-essential Cookies
upon your first website visit, without affecting core service
functionality.
To exercise these rights, please contact us as outlined in
Section 8. If you believe we have not adequately respected your
rights, you may file a complaint with your local regulatory
authority (e.g., an EU data protection agency).
7. Minors and Privacy
X-Grok services are not intended for individuals under 18 (or
the legal age in your jurisdiction). We do not knowingly collect
data from minors. If we discover a minor has used our services
without guardian consent, we will immediately delete the related
information. Parents or guardians are encouraged to supervise
minors’ online activities and report any issues via
privacy@x-grok.ai.
8. International Data Transfers
X-Grok operates globally, and your information may be
transferred or stored across multiple countries/regions,
including but not limited to the US, EU, and Singapore. To
ensure the legality and security of cross-border transfers, we
take the following measures:
Standard Contractual Clauses: We sign
GDPR-compliant standard contracts with service providers to
ensure recipients provide equivalent protection levels.
Adequacy Certification: We prioritize storing
data in regions recognized as having “adequate data
protection” (e.g., the EU).
User Notification: If data is transferred to
regions with lower protection levels, we will inform you and
seek consent prior to transfer, unless the transfer is
necessary for the service (e.g., on-chain operations).
You may contact us to learn about the specific locations of data
storage and their protection measures.
9. Updates and Notifications to the Privacy Policy
As the X-Grok ecosystem expands and technology advances, this
Privacy Policy may be updated periodically. Any significant
changes (e.g., collecting new data types or altering sharing
policies) will be communicated to you in advance via:
Updated policies will take effect 7 days after publication,
unless your consent is required (e.g., for new data processing
purposes), in which case we will seek your permission via
pop-ups or email. We recommend periodically reviewing this page
for the latest version.
10. Legal Disclaimer
This Privacy Policy does not constitute a legal contract between
you and X-Grok but is binding as part of the service terms. We
strive to ensure data security and compliance but are not liable
for losses due to force majeure (e.g., cyberattacks, natural
disasters) or user actions (e.g., leaking private keys). Using
X-Grok services indicates your understanding and acceptance of
the public nature and risks of blockchain technology.
The interpretation of this policy belongs to xAI. In case of
conflict with applicable laws, the law prevails. We reserve the
right to adjust the policy within legal limits.
Conclusion: X-Grok is dedicated to providing
you with a secure, intelligent on-chain experience, and privacy
protection is our unwavering commitment. Thank you for choosing
X-Grok—let’s unlock the future of blockchain together!