1. Introduction
EarnAxe ("we," "us," "our," or the "Company") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and related services (collectively, the "Service").
EarnAxe is a rewarded survey monetization network that connects application developers, publishers, and offerwalls with global survey demand. Our business model involves providing users with opportunities to complete surveys in exchange for rewards.
Geographic Scope: This Privacy Policy complies with:
- The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
- The Virginia Consumer Data Protection Act (VCDPA)
- The Colorado Privacy Act (CPA)
- The Connecticut Data Privacy Act (CTDPA)
- The Utah Consumer Privacy Act (UCPA)
- The Delaware Personal Data Privacy Act (DPDPA)
- The Iowa Consumer Data Protection Act (ICDPA)
- The Maryland Online Data Privacy Act (MODPA)
- The Minnesota Consumer Data Privacy Act (MNCDPA)
- The Nebraska Data Privacy Act (NDPA)
- The New Hampshire Privacy Act (NHPA)
- The New Jersey Data Privacy Act (NJDPA)
- The Tennessee Information Protection Act (TIPA)
- The General Data Protection Regulation (GDPR) (EU) 2016/679
- The UK General Data Protection Regulation (UK GDPR)
By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Service.
2. Information We Collect
2.1 Information You Provide to Us
When you use the Service, we may collect the following personal information that you voluntarily provide:
- Registration Information: Username, email address, and password (encrypted).
- Profile Information: Name, date of birth, gender, country/region, postal/zip code, occupation, education level, income range, and other demographic information.
- Survey Responses: Your answers, opinions, feedback, and other content provided in surveys.
- Payment Information: Payment account identifiers (e.g., PayPal email, gift card delivery address) necessary to fulfill rewards. We do not store full bank account or credit card numbers.
2.2 Information We Automatically Collect
When you access or use the Service, we may automatically collect:
- Device Information: Device model, operating system version, unique device identifiers (e.g., IDFA, Android ID), screen resolution, language settings.
- Network Information: IP address, internet service provider, connection type (Wi-Fi/cellular).
- Usage Data: Log data, access times, pages viewed, survey participation history, completion records, reward accrual and redemption activity.
- Geolocation Information: Country/region-level location derived from IP address (for survey matching purposes).
2.3 Information from Third Parties
We may receive information about you from our partners (e.g., app developers, survey publishers) to verify eligibility, prevent fraud, and improve service delivery.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Provision & Survey Matching: To match you with appropriate surveys based on your profile, device, and location.
- Fraud Prevention & Verification: To monitor for duplicate participation, geographic anomalies, device irregularities, and completion signal abnormalities to ensure survey data integrity.
- Reward Fulfillment: To calculate points, coins, credits, or other in-app value and facilitate reward redemptions.
- Analytics & Improvement: To analyze user behavior and service usage to optimize our Service and user experience.
- Communication & Support: To send service notifications, survey invitations, reward notifications, and respond to customer support requests.
- Legal Compliance: To comply with applicable laws, regulations, and respond to lawful requests from governmental or regulatory authorities.
4. Legal Bases for Processing (GDPR/UK GDPR)
For individuals located in the European Economic Area (EEA), the United Kingdom, or other jurisdictions requiring a legal basis for processing, we rely on the following legal bases:
- Contractual Necessity: Processing necessary to perform our contract with you (e.g., providing surveys and rewards).
- Legitimate Interests: Processing necessary for our legitimate business interests, including fraud prevention, service improvement, and analytics, provided such interests are not overridden by your data protection rights.
- Consent: Processing based on your explicit consent (e.g., for certain sensitive data processing or marketing communications).
- Legal Obligation: Processing necessary to comply with legal obligations.
5. Sensitive Personal Information
We may collect certain categories of sensitive personal information as defined under applicable state laws. These may include:
- Racial or ethnic origin
- Religious beliefs
- Health data (including reproductive or sexual health information where applicable)
- Sexual orientation
- Gender identity or transgender/non-binary status
- Citizenship or immigration status
- Biometric data
- Precise geolocation data
Processing Sensitive Information: Under the CCPA/CPRA, VCDPA, CPA, CTDPA, and other applicable laws, we will not process sensitive personal information without first obtaining your express opt-in consent, except where otherwise permitted by law. You may withdraw your consent at any time.
Maryland MODPA Compliance: Under the Maryland Online Data Privacy Act, we process sensitive information only when strictly necessary for a consumer-requested service, even with consent. We do not process or share sensitive information unless strictly necessary.
Colorado CPA Compliance: Under the Colorado Privacy Act, we provide notice at or before collecting or processing biometric identifiers and disclose how we use, retain, and disclose such data.
6. Disclosure of Your Information
6.1 To Survey Publishers
We may share anonymized or de-identified survey response data with third-party clients who commission surveys ("Survey Publishers"). Shared data does not include directly identifiable information (e.g., name, email, phone number) unless you have expressly consented to such disclosure within the survey.
6.2 To Service Providers
We may share your information with third-party service providers (e.g., cloud hosting, analytics, payment processors) who perform services on our behalf. These providers are contractually obligated to use your information only as necessary to perform services for us and maintain strict confidentiality.
6.3 Legal Requirements
We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:
- Comply with a legal obligation, court order, or governmental/regulatory request;
- Protect and defend the rights, property, or safety of EarnAxe, our users, or the public;
- Investigate or prevent fraud, security breaches, or other unlawful activities.
6.4 Business Transfers
In the event of a merger, acquisition, asset sale, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you in advance and ensure the acquiring entity agrees to honor this Privacy Policy.
6.5 We Do Not Sell Your Personal Information
We do not sell your personal information to third parties for their own marketing purposes, except with your explicit opt-in consent. Under applicable state laws (including CCPA/CPRA, VCDPA, CPA, CTDPA, and others), you have the right to opt out of any sale of your personal information.
7. Your Privacy Rights
Under applicable U.S. state privacy laws and the GDPR/UK GDPR, you have the following rights regarding your personal information:
| Right | Description |
|---|
| Right to Know/Access | Request disclosure of the categories and specific pieces of personal information we have collected about you. |
| Right to Delete | Request deletion of your personal information, subject to certain exceptions. |
| Right to Correct | Request correction of inaccurate personal information. (Note: Iowa law does not provide this right.) |
| Right to Data Portability | Request a copy of your personal information in a structured, commonly used, machine-readable format. |
| Right to Opt Out | Opt out of the sale of your personal information, targeted advertising, and certain types of profiling. |
| Right to Opt In | Provide opt-in consent before we process sensitive personal information (required in Virginia, Colorado, Connecticut, and other states). |
| Right to Non-Discrimination | Not be discriminated against for exercising your privacy rights. |
| Right to Withdraw Consent | Withdraw your consent at any time; withdrawal does not affect the lawfulness of processing based on consent before withdrawal. |
| Right to Appeal | Appeal a refusal to take action on a consumer rights request (Colorado, Connecticut, Virginia, and others). |
| Transparency Right | Request a list of third parties that have received your data (Minnesota, Oregon, Delaware). |
7.1 California-Specific Rights (CCPA/CPRA)
If you are a California resident, you have the additional right to:
- Request that we disclose the categories of personal information we have sold or shared and the categories of third parties to whom it was sold or shared.
- Opt out of the sharing of your personal information for cross-context behavioral advertising.
- Know the length of time we intend to retain each category of personal information.
- CCPA Private Right of Action: The CCPA provides a private right of action for certain data breaches, allowing consumers to seek statutory or actual damages.
7.2 Colorado-Specific Rights (CPA)
If you are a Colorado resident, you have the right to:
- Opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.
- Appeal any decision we make regarding your privacy rights request.
7.3 Minnesota-Specific Rights (MNCDPA)
If you are a Minnesota resident, you have the additional right to:
- Understand the basis of profiling decisions;
- Access the data used in profiling;
- Pursue alternative outcomes.
7.4 Delaware-Specific Rights (DPDPA)
If you are a Delaware resident, you have the right to request a list of categories of third parties to whom your data has been disclosed.
7.5 GDPR/UK GDPR Rights (EU/UK Residents)
If you are located in the EEA or UK, you have the additional right to:
- Restrict processing of your personal information in certain circumstances.
- Object to processing based on legitimate interests.
- Lodge a complaint with a supervisory authority.
7.6 How to Exercise Your Rights
To exercise any of these rights, please contact us using the information in Section 15 (Contact Us). We will respond within the timeframe required by applicable law (typically 30 days for most state laws, 45 days under CCPA/CPRA). We may request verification of your identity before processing your request.
Authorized Agents: You may designate an authorized agent to submit requests on your behalf. We may require proof of authorization and identity verification.
8. Universal Opt-Out Signals
We recognize and honor universal opt-out preference signals, such as the Global Privacy Control (GPC) , which allow consumers to communicate their preferences regarding the sale of personal data and targeted advertising across all websites. This is required under laws in California, Delaware, Nebraska, New Hampshire, New Jersey, with Maryland and Minnesota set to align.
9. Data Protection Impact Assessments (DPIAs)
Many state privacy laws require businesses to conduct Data Protection Impact Assessments ("DPIAs") or risk assessments when engaging in "high-risk" processing activities. These activities include:
- Selling or sharing data for targeted advertising;
- Profiling that presents a heightened risk of harm;
- Processing sensitive personal information.
We conduct DPIAs as required under applicable laws, including California, Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, Tennessee, Virginia, and others.
10. Data Security
We implement and maintain reasonable administrative, technical, and physical data security practices designed to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:
- TLS/SSL encryption for data transmission;
- Encrypted storage of sensitive information (e.g., passwords);
- Regular security assessments and vulnerability scanning;
- Employee and partner data protection training.
However, no security measure is perfect. You are responsible for maintaining the confidentiality of your account credentials and must immediately notify us of any suspected security incident.
11. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you close your account or we no longer need your information, we will securely delete or anonymize it.
12. Children's Privacy
The Service is not directed at individuals under the age of 16 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from minors.
Colorado CPA: Under the amended Colorado Privacy Act effective October 1, 2025, the definition of "Minor" includes any consumer under 18 years of age. We do not collect or process personal data of minors without verifiable parental consent.
Maryland MODPA: The Maryland Online Data Privacy Act imposes additional restrictions on the collection and use of children's information. We comply with all such restrictions.
If we discover that we have inadvertently collected personal information from a minor, we will promptly delete such information. If you believe we may hold information about a minor, please contact us immediately.
13. Cross-Border Data Transfers
Your information may be transferred to and stored on servers located outside your country of residence, including in the United States. Data protection laws in these countries may differ from those in your jurisdiction.
EU-US Data Privacy Framework: We comply with the EU-US Data Privacy Framework (DPF) as confirmed by the European Court of Justice. For transfers from the EEA, UK, or Switzerland, we rely on:
- The EU-US Data Privacy Framework (where applicable);
- Standard Contractual Clauses (SCCs) approved by the European Commission;
- Other appropriate safeguards as required under applicable law.
- GDPR Article 27: If we offer services to individuals in the EEA or UK, we may be required to appoint a local representative.
14. Cookies and Similar Technologies
We use cookies and similar tracking technologies to:
- Maintain your logged-in session;
- Remember your preferences;
- Analyze service usage;
- Prevent fraud and abuse.
- You may manage or disable cookies through your browser settings; however, this may affect certain Service functionality.
15. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:
- Email: support@earnaxe.com
- Mailing Address: Tower 2, Marina Bay Financial Centre, 38 / F, 10 Esplanade, Singapore, 018984
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service, by email, or by posting a notice on our website. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
