Dydx — Privacy

Information Collection on Dydx

When users interact with Dydx, the platform collects certain categories of information to facilitate service delivery and improve user experience. This information may include wallet addresses, transaction hashes, IP addresses, browser type, device identifiers, and interaction logs generated during a dydx swap or trading session. As a non-custodial exchange, this service does not collect traditional personally identifiable information such as full legal names or government-issued identification unless specifically required by applicable regulatory frameworks. The collection process is designed to be minimal and purpose-driven, ensuring only the data necessary to operate the platform effectively is gathered. Users should be aware that blockchain transactions are inherently public, meaning on-chain activity associated with connected wallet addresses is visible to anyone inspecting the relevant distributed ledger.

How Dydx Uses Your Data

Data collected by this exchange is used primarily to operate, maintain, and improve the platform's technical infrastructure and user-facing features. Specifically, the service uses collected information to process transactions, detect fraudulent or abusive behavior, troubleshoot technical issues, and analyze aggregate usage patterns that inform product development decisions. Dydx may also use anonymized data to generate internal analytics reports that help the team understand how traders interact with the dydx swap interface and other core features. It does not sell user data to third-party advertisers or use personal information for targeted advertising campaigns. Communications related to service updates, security alerts, or governance proposals may also be sent based on voluntarily provided contact details.

Cookies and Tracking Technologies

This exchange uses cookies and similar tracking technologies to enhance the browsing and trading experience on its web interface. These technologies help the platform remember user preferences, maintain session continuity, and gather anonymized analytics about how visitors navigate the site. Functional cookies are essential for the platform to operate correctly, while analytical cookies help the team understand traffic patterns and feature engagement. Users may configure their browser settings to reject or delete cookies at any time, though doing so may affect certain aspects of the platform's functionality. Dydx does not deploy third-party advertising cookies or behavioral tracking scripts designed to build cross-site user profiles for commercial targeting purposes.

Third-Party Data Sharing

Dydx may share certain user data with carefully vetted third-party service providers who assist in operating the platform's infrastructure, including cloud hosting providers, blockchain analytics firms, and security monitoring services. These third parties are contractually bound to process data only as directed by the platform and are prohibited from using shared information for independent commercial purposes. The service may also disclose information when required to do so by applicable law, valid legal process, or government authority, in which case it will endeavor to notify affected users to the extent permitted by law. It does not engage in the sale, rental, or brokerage of personal user data to external parties for marketing or data monetization purposes. Any third-party integrations visible within the interface are subject to the privacy policies of those respective services.

Dydx Data Security Practices

Protecting user data is a top priority for this platform, and it employs industry-standard security measures to safeguard information from unauthorized access, disclosure, or destruction. The exchange implements encryption for data in transit using TLS protocols and applies access controls that restrict internal data access to authorized personnel on a need-to-know basis. Regular security audits and penetration testing are conducted to identify and remediate potential vulnerabilities in both on-chain and off-chain components. Dydx maintains an active bug bounty program that rewards researchers who responsibly disclose security weaknesses in the platform's systems. While no digital system can guarantee absolute security, the service is committed to applying best-practice safeguards and responding promptly to any confirmed security incidents.

Your Rights as a Dydx User

Users of this exchange have certain rights concerning their personal data depending on their jurisdiction and applicable privacy regulations. These rights may include the right to access information the platform holds about them, the right to request correction of inaccurate data, and the right to request deletion of personal information where legally permissible. Since Dydx operates as a non-custodial service, much of the data most relevant to users — namely their on-chain transaction history — exists on public blockchains beyond the platform's control. For off-chain data held by the service, users may submit a formal data rights request through the designated contact channels outlined in this policy. The platform commits to responding to valid requests within the timeframes prescribed by relevant data protection legislation.

Data Retention Policy

This exchange retains user data only for as long as necessary to fulfill the purposes described in this privacy policy or as required by applicable legal obligations. Transactional records and log data may be retained for periods mandated by financial regulations or fraud prevention requirements, even after a user ceases to actively use the platform. Anonymized or aggregated data that cannot reasonably identify an individual may be retained indefinitely for statistical and research purposes. Dydx periodically reviews its data retention schedules to ensure that information is not held beyond its useful or legally required lifespan. Upon a valid deletion request, the platform will take reasonable steps to remove or anonymize personal data from its active systems, subject to any overriding legal retention obligations.

International Data Transfers

As a globally accessible decentralized exchange, Dydx operates infrastructure across multiple geographic regions, which means user data may be transferred to and processed in countries outside the user's country of residence. These international transfers are conducted in accordance with applicable data protection laws, including the implementation of appropriate safeguards such as standard contractual clauses where required. The platform recognizes that different jurisdictions have varying levels of data protection, and it endeavors to maintain consistent security standards regardless of where data is processed. Users located in regions with specific cross-border transfer restrictions, such as the European Economic Area, should be aware that their data may be transferred to countries without equivalent data protection laws. By using this service, users acknowledge and consent to such transfers as described in this policy.

Children's Privacy

Dydx is not designed for or directed at individuals under the age of 18, and the platform does not knowingly collect personal information from minors. The service requires users to confirm their eligibility based on age and jurisdictional requirements before accessing trading features. If the exchange becomes aware that it has inadvertently collected personal data from a person under the applicable age threshold, it will take prompt steps to delete that information from its systems. Parents or guardians who believe their child has provided personal information to this platform are encouraged to contact the designated privacy team immediately. Maintaining a safe environment for adult users and protecting minors from exposure to high-risk financial products is a responsibility the service takes seriously.

Privacy Policy Updates

This privacy policy may be updated periodically to reflect changes in legal requirements, platform features, or data handling practices. When material changes are made, Dydx will provide notice through prominent announcements on the platform's website or through direct communication to users who have provided contact information. The updated policy will include a revised effective date at the top of the document, and continued use of the service after the effective date constitutes acceptance of the updated terms. Users are encouraged to review this policy regularly to stay informed about how their information is being handled. The platform maintains an archive of previous policy versions available upon request, allowing users to understand what has changed over time.

Contact Information for Privacy Inquiries

Users with questions, concerns, or requests related to this privacy policy or the handling of their personal data may contact the Dydx privacy team through the official support channels available on the platform's website at dydx.exchange. The service is committed to acknowledging privacy inquiries promptly and providing substantive responses within the timeframes required by applicable regulations. For data rights requests, users should clearly identify themselves, specify the nature of their request, and provide sufficient information to allow the platform to locate any relevant records. In cases involving disputes about data handling that cannot be resolved through direct contact, users may have the right to lodge a complaint with the relevant data protection supervisory authority in their jurisdiction. The platform values open communication and treats all privacy-related inquiries with confidentiality and respect.

User Consent and Privacy Choices

By accessing and using this exchange, users provide their consent to the data practices described in this privacy policy to the extent permitted by applicable law. Where consent is the legal basis for processing, users retain the right to withdraw that consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal. Dydx provides users with reasonable choices regarding certain data uses, including the ability to opt out of non-essential analytics tracking through browser-level controls or platform settings where available. Withdrawing consent for essential operational data processing may impair the user's ability to access certain features of the service. The platform respects user autonomy and aims to provide clear, meaningful choices about data handling wherever technically and legally feasible.