FATCAT TELEGRAM BOT
USER CONDUCT & SECURITY POLICY
Last Updated: December 19, 2025
1. Purpose and Legal Status
1.1. This FatCat Telegram Bot User Conduct&Security Policy (“Policy”) governs the access to and use of the FatCat Telegram Bot (the “Bot”) operated under the official Telegram handle @FatCat_Solbot and related Telegram-based services.
1.2. This Policy forms an integral part of the FatCat Terms and Conditions (“Terms”) and is hereby incorporated by reference. By engaging with the Bot, you (“User”, “you”, “your”) agree to be bound by this Policy, the Terms, and the Privacy Policy, including aTelegram Mini Apps Terms of Service (available at https://telegram.org/tos/mini-apps) and the Telegram Terms of Service for Bots (available at https://telegram.org/tos/bots). All provisions of the Terms, including but not limited to those relating to governing law, limitation of liability, indemnification, intellectual property, and dispute resolution, apply mutatis mutandis to the use of the FatCat Telegram Bot, except where expressly modified by this Conduct Policy. In the event of any inconsistency or conflict between the provisions of this Conduct Policy and the Terms, the provisions of this Conduct Policy shall prevail, but only to the extent of such inconsistency or conflict. In all other respects, the Terms shall remain fully applicable and binding. Together, the Terms and this Conduct Policy constitute a single, legally binding agreement governing your use of all FatCat interfaces and services, including the Website and Telegram Bot.
1.3. If you do not agree with this Policy, you must immediately cease interaction with the Bot.
1.4. The Bot is a self-custodial communication interface that enables Telegram users to submit and relay commands to third-party decentralized protocols on public blockchains. The Company does not provide custody, brokerage, or exchange services.
2. Scope and Features of the Bot
2.1. The Bot provides a conversational interface through which Users may:
• connect an external self-hosted Wallet;
• query market data and balances via public APIs;
• construct and sign blockchain transactions; and
• receive automated trade-status notifications or analytical summaries.
2.2. All on-chain operations are executed directly by the User’s connected Wallet through smart-contract calls to external protocols. The Company never obtains possession or control of any private keys, assets, or signing credentials.
2.3. Telegram is an independent third-party platform. The Company is not responsible for Telegram’s network, infrastructure, or data-handling practices.
2.4 The Company may, without notice, modify or suspend specific Bot commands, integrations, or protocol connections for technical, legal, or risk-management reasons.
3. User Identification and Telegram Authentication
3.1. Access to the Bot occurs through Telegram’s native authentication mechanism. No separate FatCat account is created.
3.2. The Company relies on the Telegram User ID and associated metadata for interaction. You acknowledge that Telegram controls all login, session, and two-factor-authentication features.
3.3. You are solely responsible for securing your Telegram account and device. All commands or confirmations originating from your account shall be deemed authorized by you.
3.4. If your Telegram account is compromised, you must notify the Company immediately at help@fatcatbot.io. The Company will use reasonable efforts to block further Bot interactions but cannot reverse blockchain transactions already signed.
3.5. The Company reserves the right to require additional identity verification where required by law.
4. Command and Transaction Lifecycle
4.1. Before transaction execution, the Bot displays a summary containing all necessary information about the transaction, including protocol address, asset pair, expected price/size, fees, and network costs. By confirming, you irrevocably authorize submission of the transaction for on-
chain processing.
4.2. Transactions are cryptographically signed within your Wallet. Once broadcast to the blockchain, they are final and irreversible. The Company cannot cancel, edit, or refund them.
4.4. Execution depends on third-party protocols, network congestion, and validators. The Company does not guarantee slippage tolerance, order priority, or confirmation speed.
4.5. The Bot logs only non-personal operational metadata, including transaction hash, timestamp, error codes, for audit and security purposes.
4.6. Users must regularly update their Wallet software and ensure the possibility to pay the sufficient network fees for successful transactions, which the Company cannot control.
5. Data Governance and Privacy
5.1. The Company applies the principles of data minimization and purpose limitation. It collects only what is necessary to operate and secure the Bot.
5.2. Data categories processed:
• Telegram metadata;
• Wallet public addresses linked for transactions;
• Command and error logs;
• System diagnostics and anti-abuse signals.
5.3. Data is retained only as long as reasonably necessary for security, compliance, and technical diagnostics, after which they are aggregated or anonymized.
5.4. No private keys, seed phrases, or Telegram message content are stored.
5.5. Cross-border data transfers may occur via Telegram’s servers and Company infrastructure. By using the Bot you consent to such transfers.
5.6. The Company may share limited data with service providers performing security monitoring or blockchain analytics under confidentiality obligations.
5.7. Further information on data handling is available in the FatCat Privacy Policy, which applies mutatis mutandis to Telegram interactions.
6. Acceptable Use and User Obligations
6.1. Users must use the Bot responsibly, lawfully, and only for its intended purpose of interfacing with decentralized protocols.
6.2. You agree to:
- Review each transaction summary and fee before confirming.
- Refrain from spamming commands or using automation to flood the Bot.
- Comply with all applicable laws, including sanctions and AML/CTF requirements.
- Respect Telegram community guidelines and the Company’s moderation rules.
- Report suspicious links or fake Bots impersonating FatCat.
6.3 Developers integrating third-party tools or wrappers around the Bot must obtain the Company’s prior written authorization and comply with API rate-limits and security standards.
6.4 Any use for illegal financial activity, fraud, or circumvention of regulatory restrictions is strictly prohibited.
7. Prohibited Activities
7.1. Without limiting other sections of this Policy, you must not:
- Technical Abuse: interfere with the Bot’s operation, inject malicious code, reverse-engineer scripts, or bypass security mechanisms.
- Automation & Spam: deploy unapproved bots or macros to issue commands, send mass transactions, or mine referrals.
- Market Manipulation: use the Bot to conduct wash-trades, spoofing, front-running, back-running, sandwich attacks, or other forms of market abuse.
- Fraud&Misrepresentation: impersonate the Company or other Users, fabricate performance claims, or deceive participants.
- Sanctions Evasion: access the Bot from prohibited jurisdictions or engage in transactions involving sanctioned wallets or persons.
- Referral Scheme Abuse: self-refer or use synthetic identities to inflate rewards.
- Harassment or Harmful Content: post offensive, defamatory, or threatening messages in official Telegram groups.
- Information Theft: scrape or copy transaction data or analytics for commercial reuse without consent.
7.2. Violation of this Section may result in immediate suspension of Bot access, revocation of referral benefits, blacklisting of Wallet addresses, and referral to law-enforcement agencies.
8. Market Integrity and Execution Disclosures
8.1. The Bot acts solely as a message-relay and transaction-initiation interface. It does not aggregate liquidity, match orders, determine prices, or provide investment signals.
8.2. Execution occurs on third-party decentralized protocols. Latency, validator ordering, oracle updates, and Miner/Maximal Extractable Value (“MEV”) activity may affect results. The Company does not control these external variables and assumes no obligation to achieve any best-execution standard.
8.3. Displayed quotes are sourced from third-party APIs and may lag real-time market conditions. Users should verify on-chain data before confirming.
8.4. The Company does not conduct proprietary trading or hold positions in assets displayed through the Bot. Should this change, disclosure will be published on FatCat’s website.
8.5. If a supported protocol upgrades, forks, or ceases operation, the Bot’s connectivity may be disrupted. The Company may disable affected commands without notice.
9. Security Controls and Cyber-Protection
9.1. The Company maintains layered defenses including TLS encryption between servers and Telegram API, code-signing of official Bot releases, rate-limiting, anomaly detection, and integrity verification of transaction payloads.
9.2. User Responsibilities. You must:
• secure your Telegram account and device with updated operating systems;
• use official wallet extensions only;
• never paste private keys or seed phrases into any Telegram chat;
• verify that messages originate from the verified @FatCatBot handle (check verification badge or link from the official website).
9.3. If you suspect a vulnerability, phishing attempt, or unauthorized access, immediately report via security@fatcatbot.io. Do not disclose details publicly until the Company acknowledges receipt.
9.4. The Company commissions periodic third-party security audits of smart-contract integrations and infrastructure. Summaries may be published for transparency.
9.5. Despite safeguards, no system is infallible. By using the Bot, you accept residual cybersecurity risk inherent in internet-based services.
10. Anti-Money-Laundering (AML) and Sanctions Compliance
10.1. The Company applies a risk-based AML/CTF framework aligned with the FATF Recommendations and guidance from the Hong Kong SFC and UK FCA.
10.2. The Company utilizes blockchain-analytics providers to screen Wallet addresses and transaction flows for red-flag indicators.
10.3. Access to the Bot is prohibited for:
• residents or nationals of comprehensively sanctioned jurisdictions;
• persons or entities listed on OFAC, UN, EU, UK, or HK sanctions lists;
• any Wallet linked to ransomware, dark-web, or other illicit activity.
10.4. Where legally required, the Company may freeze interaction with flagged Wallets and report suspicious activity to competent authorities.
10.5. Because the Bot is self-custodial, the Company does not perform traditional KYC; instead, it monitors transactional behavior consistent with risk-based compliance.
11. Enforcement Mechanisms and Termination
11.1. The Company may apply one or more of the following actions, depending on severity and risk:
- warning message;
- temporary command throttling;
- permanent wallet or Telegram ID ban;
- revocation of referral or reward rights;
- notification to Telegram or law enforcement.
11.2. The Company may act without prior notice if it reasonably believes immediate action is necessary to protect users or comply with law.
11.3. Enforcement decisions are logged for audit purposes for at least twelve (12) months.
11.4. A user may appeal by emailing appeals@fatcatbot.io within thirty (30) days of notice. The Company will review and respond within a reasonable time but is not obliged to reinstate access.
11.5. You may cease using the Bot at any time by disconnecting your wallet and deleting the Telegram chat history.
12. Risk Disclosures and Limitation of Liability
12.1. By using the Bot, you acknowledge the inherent risks of digital assets and blockchain technology, including but not limited to:
- market volatility and loss of value;
- network congestion or failures;
- smart-contract bugs or exploits;
- Telegram service outages;
- unauthorized access due to phishing or malware;
- regulatory changes affecting asset legality.
12.2. The Bot is provided on an “as is” and “as available” basis without any representation or warranty of any kind.
12.3. To the maximum extent permitted by law, the Company shall not be liable for any direct, indirect, incidental, special, consequential, or punitive loss arising from:
• use or inability to use the Bot;
• third-party protocol failures;
• data breaches beyond the Company’s reasonable control;
• unauthorized Telegram account access.
12.4. If, notwithstanding the above, liability is established, the aggregate amount recoverable shall not exceed amounts paid by User to the Company for the prior 12 months, but in any case no more than USD 5 000 (five thousand US dollars).
12.5. Some jurisdictions do not allow certain limitations; in such cases, limitations apply to the maximum extent permitted.
13. Dispute Resolution and Governing Law
13.1. Governing Law. This Policy and any non-contractual obligations arising from it shall be governed by and construed in accordance with the laws of England and Wales, unless mandatory consumer-protection laws of your jurisdiction require otherwise.
13.2. Negotiation and Mediation. The parties shall first attempt to resolve any dispute through good-faith negotiation and, if unsuccessful, submit it to non-binding mediation with a mutually agreed mediator.
13.3. Arbitration. If the dispute is not resolved within thirty (30) days of mediation notice, it shall be referred to and finally resolved by arbitration administered by the Singapore International Arbitration Centre (SIAC) under the SIAC Rules in force at that time, which are incorporated by reference.
• Seat of arbitration: Singapore.
• Language: English.
• Tribunal: one arbitrator.
• Procedure: documents-only or remote hearing at the tribunal’s discretion.
• If the amount in dispute does not exceed USD [1 million], or if otherwise appropriate, the dispute shall be conducted under the Expedited Procedure provisions of the SIAC Rules.
13.4. Confidentiality. All arbitration proceedings shall remain confidential except as required to enforce an award or comply with applicable law.
14. Amendments and Contact Information
14.1 The Company may modify this Policy to reflect technical, operational, or regulatory changes. The updated version will be posted on the FatCat website and announced through the official Bot. Your continued use after such an update constitutes acceptance.
14.2 Headings are for convenience only and do not affect construction. If any provision is held invalid or unenforceable, the remainder shall remain in full force.
14.3 For support, security reports, or compliance enquiries, contact: help@fatcatbot.io, fatcat@fatcatbot.io or Telegram Support: https://t.me/fatcat_support_bot
