User Compliance Rights and Protections

User Compliance Rights and Protections #

Simple overview of your rights and protections

User Compliance Rights and Protections are a core design principle of MM AI Agent (MetaMask Payment Terminal). From the first interaction, users retain full control over funds, transactions, and personal data—without hidden intermediaries or opaque compliance risks.

This documentation explains, in clear and simple terms, what rights users have, what protections are built into the system, and how compliance is handled without compromising privacy or self-custody.

User Compliance Rights and Protections Explained #

User Compliance Rights and Protections define the safeguards that ensure users are not exposed to unauthorized custody, unnecessary data collection, or hidden regulatory risks when using crypto payment infrastructure.

MM AI Agent is intentionally designed to avoid custody of user funds, avoid control over transaction execution, and avoid collection of personal data. This ensures compliance obligations do not override fundamental user rights.

Right to Self-Custody #

Users always retain exclusive control over their crypto-assets.

MM AI Agent never holds private keys, never accesses seed phrases, and never controls wallets. All transactions are signed directly by the user’s wallet, such as MetaMask, and executed on public blockchains.

Self-custody is widely recognized under EU and international frameworks as a user-controlled activity rather than a custodial financial service.

Reference:
European Commission – Markets in Crypto-Assets Regulation (MiCA)
https://eur-lex.europa.eu/eli/reg/2023/1114/oj/eng

Right to Transaction Autonomy #

Every transaction requires explicit user approval.

MM AI Agent may prepare a transaction by calculating the amount, selecting the network, and estimating gas fees. However, the user reviews all transaction details, decides whether to proceed, and signs the transaction with their own wallet.

No automated execution or background transaction submission is possible. This guarantees that users remain the final authority over any transfer of value.

Right to Privacy by Design #

Privacy is a default setting, not an optional feature.

MM AI Agent does not collect names, email addresses, identification documents, IP addresses, or behavioral analytics. No user profiles are created, and no personal data is stored.

The payment interface is delivered through IPFS, which ensures interface integrity without relying on centralized servers or tracking mechanisms.

Privacy references:
Ethereum Foundation – Privacy Cluster
https://ethereum.org/privacy
https://ethereum.org/zero-knowledge-proofs

Right to Transparency #

All transactions are settled on public blockchains.

This provides verifiable transaction hashes, immutable records, and independent auditability. Users do not need to rely on MM AI Agent for trust—they can verify transaction details themselves using public blockchain explorers.

Transparency protects users from hidden fees, undisclosed intermediaries, and unauthorized transaction handling.

Right to No Custodial Risk #

Custodial risk is one of the largest sources of loss in digital finance.

MM AI Agent eliminates this risk entirely. There are no pooled funds, no escrow accounts, no delayed settlements, and no authority to freeze or reverse transactions. Funds move directly from the user’s wallet to the recipient on-chain.

This structure aligns with best practices for non-custodial crypto software.

Regulatory Protection Without Overreach #

User Compliance Rights and Protections are aligned with regulatory frameworks such as MiCA without imposing unnecessary restrictions on users.

MM AI Agent does not operate as a Crypto-Asset Service Provider, does not onboard customers, and does not impose AML or KYC procedures at checkout. Users remain responsible for their own regulatory obligations, while the system avoids acting as an intermediary.

Reference:
Official Journal of the European Union – Regulation (EU) 2023/1114

Protection Against Interface Manipulation #

The payment interface is hosted on IPFS and identified by a unique Content Identifier (CID).

Any modification to the interface changes the CID, making tampering immediately detectable. Users can independently verify interface integrity, protecting against phishing attacks, silent updates, or unauthorized code changes.

Right to Equal Access #

MM AI Agent does not discriminate based on geography, identity, transaction size, or payment frequency.

As long as a user controls a compatible wallet, access is permitted. This supports financial inclusion while remaining legally defensive and regulator-aware.

What MM AI Agent Does Not Do #

To avoid ambiguity, MM AI Agent does not act as a bank, does not act as a payment service provider, does not store user funds, does not execute transactions on behalf of users, and does not reverse or block payments.

These exclusions are essential for protecting user rights and preventing regulatory misclassification.

User Responsibilities #

While MM AI Agent protects user rights, users remain responsible for securing their wallet and private keys, understanding applicable local regulations, and verifying transaction details before signing.

This shared-responsibility model is standard for self-custodial systems.

Why User Compliance Rights and Protections Matter #

User Compliance Rights and Protections ensure that users remain in control, privacy is respected, transactions are transparent, custodial risk is eliminated, and compliance does not become surveillance.

MM AI Agent demonstrates that user rights and regulatory awareness can coexist without compromise.