Our commitment to regulatory standards and industry best practices
At Dylimu, we are committed to maintaining the highest standards of compliance with relevant laws, regulations, and industry best practices. We understand that trust is essential when it comes to securing your digital assets, and our compliance efforts are a fundamental part of earning and maintaining that trust.
Our hardware wallets are designed to help users securely store their private keys for cryptocurrency assets. As a hardware manufacturer, we focus on creating secure devices rather than providing financial services like cryptocurrency exchanges, custodial storage, or staking services.
This page outlines our approach to compliance across various aspects of our business, from product security to data protection and business operations.
Our approach to meeting regulatory requirements
Our hardware wallets are designed and manufactured to comply with relevant product safety and electromagnetic compatibility standards, including:
Each device undergoes rigorous testing to ensure it meets these standards before being released to the market.
We are committed to protecting your personal information in compliance with applicable data protection laws, including:
Our Privacy Policy and Cookie Policy detail how we collect, use, and protect your personal information in accordance with these regulations.
Our business operations adhere to applicable laws and regulations, including:
We maintain appropriate records and documentation to demonstrate our compliance with these requirements.
As a hardware wallet manufacturer, we do not engage in activities that typically require cryptocurrency-specific licensing such as:
Our products are tools that help users maintain control of their own private keys while interacting with various blockchain networks.
Our commitment to industry-recognized security standards
Our secure elements are certified under Common Criteria (ISO/IEC 15408), an international standard for computer security certification. This certification validates that our hardware meets specific security requirements and has undergone rigorous evaluation.
The cryptographic modules in our devices comply with Federal Information Processing Standard (FIPS) 140-2, a U.S. government standard that specifies security requirements for cryptographic modules protecting sensitive information.
Our development and manufacturing processes follow ISO 27001 information security management best practices, ensuring that we maintain appropriate controls to protect the confidentiality, integrity, and availability of information.
In addition to these formal standards, we regularly engage independent security researchers to conduct penetration testing and security audits of our products and systems. The results of these audits inform our continuous improvement process to enhance the security of our products.
We implement strict controls throughout our supply chain to ensure the integrity and security of our hardware wallets from manufacturing to delivery:
Our approach to staying current with evolving regulations
The regulatory landscape for cryptocurrency and hardware security is constantly evolving. We maintain an active compliance program to stay informed about relevant regulatory developments and adapt our practices as needed:
We continuously monitor regulatory developments in key markets where we operate, with particular attention to:
We actively participate in industry associations and standards organizations to stay informed about emerging best practices and contribute to the development of industry standards for hardware wallet security.
We regularly review and update our policies and procedures to ensure they remain aligned with current regulatory requirements and industry best practices. Our website policies, including our Privacy Policy, Terms of Service, and Cookie Policy, are periodically updated to reflect these changes.
Our team members receive regular training on relevant compliance requirements to ensure they understand and adhere to our compliance policies in their daily work.
Common questions about our compliance practices
No, Dylimu is not a regulated financial institution. We are a hardware manufacturer that produces devices designed to help users securely store their private keys for cryptocurrency assets. We do not provide financial services such as cryptocurrency exchanges, custodial storage, or staking services that would typically require financial regulatory licensing.
No, we never have access to users' private keys or cryptocurrency assets. Our hardware wallets are designed to generate and store private keys securely on the device itself, and these keys never leave the device. We do not have any backdoors or mechanisms to access the keys stored on your device. This is a fundamental security principle of our products.
We implement strict security controls throughout our manufacturing process, including secure facilities with controlled access, background checks for personnel, component verification procedures, and quality control checks at multiple stages of production. Additionally, our devices include security features that can detect tampering, and we use tamper-evident packaging to help users verify that their device hasn't been compromised during shipping.
We comply with applicable data protection regulations by implementing appropriate technical and organizational measures to protect personal data, maintaining detailed privacy policies that explain how we collect and use personal information, obtaining necessary consents for data processing, providing mechanisms for users to exercise their data rights, and conducting regular assessments of our data protection practices. For more information, please refer to our Privacy Policy.
No, we do not have visibility into or information about customer cryptocurrency transactions. Our hardware wallets are offline devices that store private keys, but we do not process or have access to information about the transactions you conduct using those keys. As a hardware manufacturer rather than a financial service provider, we do not have transaction reporting obligations to tax authorities regarding customer cryptocurrency activities.
If you have questions about our compliance practices or need additional information for your own compliance purposes, please contact our compliance team.