Privacy Policy

Last Updated on Date: 05-28-2026

Nexium (the “Nexium”, “We” “Us” or “Our”) is committed to protecting User’s (“You”, “Your” or “User”) privacy and implementing industry-leading security measures. Soul Super Wallet (the “App”) is a decentralized, non-custodial wallet, meaning we do not collect, store, or control users' biometric data, digital assets, or data. This Policy sets out our commitment and explains in detail what information we may gather from your visit to https://soulverse.world/ or avail the Services by downloading the apk file of the App (the "Website" or "Platform") and, why and how your information may be processed when you use our Services. This Privacy Policy (the “Policy”) outlines the limited data interactions within the App, how such data is used, and users’ rights regarding their information.

The terms of this Policy are applicable to you for accessing our Services as detailed in our Terms & Conditions document that can be accessed via the App. The terms that are capitalized and not defined in this Privacy Policy have been defined in the Terms and Conditions.

1. About the App

1.1 Nexium is an innovative decentralised identity ecosystem designed for Users with full control over their digital sovereignty. It is a Self-Sovereign Identity (SSI), allowing Users to authenticate themselves seamlessly across multiple Platforms without repeatedly entering credentials, this eliminated the needs for mnemonic based private keys by leveraging biometric authentication, which ensures greater security, ease of use, and eliminates the risks associated with password-based systems. The Nexium ecosystem is a fully decentralised, open-source, and portable enabling Users to integrate secure and cost effective identity management solutions to their products and Services.

1.2 As a part of the Platform, Nexium provides access to the App, which is a non-custodian wallet, designed to allow You to manage your decentralised digital assets and credentials, which can be accessed through authorised devices running the appropriate iOS or Android operating systems.

1.3 Soul Super Wallet is a blockchain-based decentralised application (DApp), a comprehensive wallet that allows the Users to manage their digital assets, including cryptocurrencies and NFTs, issue and verify credentials, and interact with decentralized networks within the secure environment of Nexium. The wallet would be able to hold both SSI and all crypto assets such as Bitcoin, Ethers, and NFTs. SoulScan, which eliminates the need for typical seed phrases and passwords; and SoulID, which is one-of-a-kind identification, which shall help the Users to govern their own digital identities without relying on centralized authority.

2. Information we collect

2.1 For this purpose of this Policy, “Data” shall mean any information, whether true or not, that relates to an identifiable individual. This includes, but is not limited to:

• 2.1.1 Information that can be used to identify an individual directly or indirectly;
• 2.1.2 Data collected by Nexium, either directly or indirectly, through its Platform;
• 2.1.3 Biometric data that may be used for authentication purposes;
• 2.1.4 Financial data, including blockchain-related transactions;
• 2.1.5 User identities, including SoulID™ and interactions within the Platform; and
• 2.1.6 Any other information that Nexium may have access to in connection with the provision of its Services.

2.2 No Collection, Storage, or Use of Data

Nexium does not collect, use, store, or disclose any Data as defined above. As a non-custodial ecosystem, Nexium is designed to uphold user privacy and digital sovereignty by ensuring that all interactions remain decentralized and under user control. However, certain limited, non-identifiable data may be processed in specific instances to facilitate interactions within the ecosystem. These instances include:

2.2.1 Blockchain Transactions: The Soul Super Wallet enables users to execute transactions on decentralized networks. However, Nexium does not store any transaction details, wallet balances, or any associated user data. All transaction records are stored directly on the blockchain, which is a public and immutable ledger. Users are advised to review the privacy characteristics of the respective blockchain networks they interact with.

2.2.2 Third-Party collaborations: If users choose to interact with third-party services (such as KYC (Know Your Customer), KYB (Know Your Business), fiat on/off-ramping providers, decentralized applications, or external authentication services), those service providers may collect, use, and process data under their own privacy policies. Nexium Soul Super Wallet does not control how these third parties handle user data, and users are encouraged to review the respective privacy policies of such providers before engaging with them.

2.3 Facial Images and Biometric Authentication Data

When You create, log in to, recover, or delete a wallet using SoulWallet, the App may collect photographic images of Your face (“facial images” or “images”) through Your device’s camera. This is done only after You have explicitly granted camera permission.

The facial image is captured in Your browser, encoded as a base64 JPEG, and transmitted over HTTPS/TLS to SoulWallet’s secure backend infrastructure at api-gateway.soulverse.us. The backend processes the image to derive a mathematical biometric vector representation used for wallet authentication, identity matching, wallet recovery, and account deletion verification.

Facial images may be collected and used during the following events:

• Wallet creation, to generate the biometric vector that anchors the wallet identity.
• Wallet login or re-authentication, to verify the User’s identity.
• Wallet recovery, to restore wallet access where applicable.
• Wallet deletion, to verify the User before deleting the biometric record.

The image is not retained on the User’s device after capture. It is captured, encoded, transmitted for the applicable authentication operation, and then released from memory.

3. Any Data processed within the Nexium ecosystem is strictly limited to ensuring secure, private, and seamless interactions between users and decentralized technologies. Nexium’s role is limited to facilitating such interactions without retaining or processing user-specific Data beyond what is technically necessary for secure authentication and transaction execution.

4. How do we use the Data?

We do not collect, store or process your Data, however, We may disclose or share your information, without notice, for the primary purposes for which it was collected in accordance with this Policy, including, without limitation:

• 4.1. where you have consented to such disclosure or sharing;
• 4.2. where permitted under the applicable British Virgin Islands laws;
• 4.3. where it is necessary to protect and defend the rights or property of Nexium and/or its users;
• 4.4. where it is necessary to act under exigent circumstances to protect the personal safety of other users on the Platform or the App, or the general public visiting the Platform or the App;
• 4.5. in order to enhance Your experience with our App; and
• 4.6. improve the functionality, reliability and efficiency of our Services.

4.7 How Facial Images Are Processed and Protected: Facial images are used solely to generate or match the User’s biometric vector for the purpose of authenticating the User to their own self-custody wallet. They are not used for advertising, analytics, profiling, marketing, or any purpose unrelated to wallet authentication, recovery, deletion, or security.

Facial images are transmitted only over encrypted HTTPS/TLS connections to SoulWallet’s own backend infrastructure. They are not transmitted to advertising networks, analytics providers, data brokers, marketing partners, third-party identity providers, or external facial-recognition services.

Before submitting a facial image, the App may run a liveness check locally in the browser using face-detection models. Raw video frames, intermediate detection data, rejected images, and browser camera streams are not transmitted off the User’s device. Only the confirmed facial image required for the relevant authentication event is transmitted.

Users may revoke camera access at any time through their browser or device settings. Without camera access, certain wallet creation, login, recovery, or deletion features may not function.

Facial images may be collected and used during the following events:

• Wallet creation, to generate the biometric vector that anchors the wallet identity.
• Wallet login or re-authentication, to verify the User’s identity.
• Wallet recovery, to restore wallet access where applicable.
• Wallet deletion, to verify the User before deleting the biometric record.

The image is not retained on the User’s device after capture. It is captured, encoded, transmitted for the applicable authentication operation, and then released from memory.

5. SoulScan & Biometric Authentication

Soul Super Wallet incorporates SoulScan, a decentralized authentication mechanism replacing traditional seed phrases and SoulID, that governs the User’s digital identities without relying on the centralized authority.

• Decentralized Authentication: SoulScan leverages facial recognition for secure wallet access without centralized data storage.
• Biometric Privacy: Biometric data (e.g., Face ID) is processed on the user’s device and is never stored on centralized servers.
• Recovery Mechanism: Since no biometric data are centrally stored, recovery is facilitated through SoulScan’s decentralized authentication method.

6. Third-Party Integrations

Soul Super Wallet enables users to interact with decentralized applications (dApps) and third-party services, including:

• Blockchain Networks for transaction processing.
• Fiat On/Off-Ramp Providers for cryptocurrency purchases and conversions.
• Credential Verification Services for identity-based interactions, including Know Your Customer (KYC) and Know Your Business (KYB) processes.

Soul Super Wallet facilitates interactions with third-party services, including blockchain networks, fiat on/off-ramp providers, and credential verification services. These services operate independently, and their data collection practices are governed by their respective privacy policies. Soul Super Wallet assumes no responsibility for the data handling, processing, or potential misuse of user information by third-party services. Users engaging in identity verification processes acknowledge that third-party providers may be subject to legal obligations requiring the storage and processing of personal data.

7. User Privacy & Data Control

Soul Super Wallet is a non-custodial, decentralized wallet that does not store, manage, or have access to user credentials, biometric data, or digital assets. Users retain full control over their authentication and access settings.

• 7.1. Account Deletion: Users may request to disassociate their SoulID™ from the App. However, since SoulScan authentication is secured through decentralized storage, deletion does not permanently erase all authentication data, and recovery may still be possible through re-authentication.
• 7.2. Wallet Access & Loss Risks: Soul Super Wallet cannot retrieve lost wallets, restore private keys, or credentials in case where the Users loses access to their authentication credentials and has failed to backup recovery method, the Soul Super Wallet and the associated assets may be permanently inaccessible.
• 7.3. No Centralized Data Retention: Soul Super Wallet does not store User credentials or transaction history on its servers, as all the authentications occurs on Users’ devices.

7.4. During the registration process, certain user files (including Soul ID™, SoulScan, and SSI Backup Files) are stored using decentralized storage solutions such as IPFS. All files are encrypted, and decryption is possible only through the user’s biometric data (facial recognition). This encrypted storage ensures that, in the event of device loss or theft, the user can securely retrieve and restore their wallet.

8. Security & Risk Mitigation

Soul Super Wallet is built with decentralized security principles; however, users must take precautions to protect their accounts:

• 8.1. Secure Device Usage: Users should ensure their devices remain protected from unauthorized access.
• 8.2. Transaction Awareness: Blockchain transactions are irreversible, and Soul Super Wallet is not responsible for transaction errors or losses due to unauthorized access.
• 8.3. Data Breach Risks: All and any third party integrations may be subject to data breaches beyond our control. Users are advised to review all third party providers’ security policies before engagement.
• 8.4. Privacy Settings: users are advised to keep an eye on the privacy settings within the App in order to control their data sharing preferences and permissions.

Software Vulnerabilities: Users are encouraged to report security issues promptly to help maintain the App’s and Platform’s integrity, avoiding unexpected software bugs or vulnerabilities which may occur. While the app employs industry-standard security measures, users must exercise diligence in managing their authentication credentials.

9. User Representation and Warranties

The Users acknowledge and accept that:

• 9.1. Users' interaction with any third party services and integration, its data collection and disclosure practices are independent from the Platform and the App. The Platform and the App does not control, access, or assume liability of the Data processed by these third party providers;
• 9.2. Any interactions requiring limited, non-identifiable Data processing are necessary for the proper functioning of the Services and are not retained by the Website, Platform or the App;
• 9.3. Certain third-party service providers engaged through the Platform may process data in jurisdictions outside of the User’s country of residence. Such transfers will be governed by the privacy policies of the respective third-party service providers;
• 9.4. Users are solely responsible for safeguarding their authenticating credentials, that is, passwords, private keys, recovery phrases);
• 9.5. The App or the Platform has no ability to restore the access of the credentials in case of failure of the Users to safeguard their credentials;
• 9.6. The App or the Platform uses cookies and similar technologies to enhance user experience, improve the App’s performance, and conduct analytics. Users can control cookie preferences through their browser settings, however, disabling certain cookies may impact the Website’s functionality.

10. Minor

As provided in our Terms and Conditions, our Services are not intended for anyone who is under the age of 18 (eighteen) years or minor under their respective jurisdictions, or where the Services are been accessed (“Minor”) We do not intend to or knowingly collect any data related to the Minor. If you believe that any kind of data has been collected or provided to us, please contact us at connect@soulverse.us

11. Policy Updates

This Privacy Policy may be updated periodically to reflect changes in features, security measures, or compliance requirements, as indicated by “Last Updated on” date at the beginning of this Policy. Users will be notified of significant updates through in-app notifications or official communication channels. By continuing use of the App, Users acknowledge and accept the updated terms as they apply to the Service.

12. Contact Information

For inquiries regarding this Privacy Policy, users may contact:

connect@soulverse.us