Last Updated: October 6, 2023.
These Supplemental Terms of Service complement the applicable Terms of Service for sFOX Pte. Ltd.
PLEASE READ THIS CAREFULLY – IT CONSTITUTES A LEGAL AGREEMENT BETWEEN YOU AND sFOX.
1. Third Party Providers for Custody Services. sFOX does not work with external third-party providers in connection with our Custody Services, these services are provided by sFOX´s affiliate SAFE Trust Company. All our devices and related technology are located within the United States and remain compliant with all applicable laws, rules and regulations.
2. Security of Client’s Assets. sFOX has developed a robust and secure proprietary custody solution, honed over seven years of successful operation across our global footprint, that meets and, in some aspects, exceeds the safety typically associated with cold storage. Our proprietary custody solution provides sFOX with a secure, tamper-resistant hardware device in which we can store cryptographic key material. All private key material is encrypted within our hardware and is never stored in memory or accessible in an unencrypted state. This strategy, combined with our state-of-the-art network security, ensures the safety, security, and integrity of our clients’ assets at all times, without the need for reliance on cold storage. sFOX´s unique setup has proven to be resilient and secure; we have maintained this system with no security incidents across billions in processed transactions over our seven years of operation.
3. Risk Assessment. sFOX regularly reviews the risks that may threaten the achievement of its service commitments and system requirements related to the applicable trust services criteria set forth in TPS Section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality and Privacy (AICPA, Trust Services Criteria). The risk management committee, which includes members of the security function, assesses security risks on an ongoing basis. This is done through regular management meetings with IT personnel, reviewing and acting upon security events logs, performing vulnerability assessments, and conducting a formal annual risk assessment in conjunction with company-wide risk assessments. sFOX has a process in place for evaluating vendor performance and compliance with contractual obligations. Vendor systems are subject to review each year as part of the vendor risk management process.
4. Storage of Client’s Assets. sFOX utilizes unique deposit addresses for each Client’s deposit, which means that each Client will keep at all times ownership of its own assets. With respect to Custody Services, sFOX utilizes its own proprietary custody solution for storing Client’ assets and keeping them segregated from sFOX’s assets, which will protect Client ́s deposits in the event of sFOX insolvency.
5. Insolvency. sFOX Custody Service is organized as a public trust company under Wyoming Statute §13 Chapter 5, under which sFOX is authorized to act as custodian to the assets deposited in such trust. In case sFOX becomes insolvent, the assets under custody in this public trust are segregated from sFOX´s assets and, therefore, not affected in case of insolvency.
Please check the following link with additional Terms of Service applicable to sFOX Pte Ltd