Privacy Policy

• Account — your wallet address and/or email address, used to sign you in and identify your account.
• Technical — your IP address, approximate country, and browser user-agent, captured on requests.
• Usage — an audit log of actions and pages viewed, for security and integrity.

We do not ask for, and you should not submit, sensitive personal data beyond the above.

To provide and operate the Service; to authenticate you; to secure the Service and prevent abuse (rate limiting, blocking); and to maintain an audit trail. The legal basis (where applicable) is our legitimate interest in running and protecting the Service and performing the service you request.

We have no obligation to retain, preserve, or back up any data, and we may delete any data at any time, with or without notice. We do not guarantee that any data will be retained, recoverable, or available for any period. Where we do retain data, network identifiers (IP, country, user-agent) are automatically removed on a rolling basis (currently after about 90 days), and account records persist until you ask us to delete your account or we delete them. Retention practices may change at any time.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA). We share it only with service providers that operate the Service on our behalf (for example, email delivery and hosting), and where required to comply with valid legal process or to protect the Service, our rights, or others. We do not discriminate against you for exercising any privacy right. Blockchain data shown in the Service is public on-chain data, not personal data we collected from you.

We use a single strictly necessary session cookie (and may use local storage) to keep you signed in and to secure the Service. We do not use advertising, cross-site tracking, or third-party analytics cookies. Because these are essential to provide the Service you request, they do not require consent; blocking them may prevent the Service from functioning.

We may create and use aggregated or de-identified data (which does not identify you) for any purpose, including operating, analyzing, and improving the Service, and may retain and share such data without restriction. We will not attempt to re-identify de-identified data except to test our de-identification.

We take reasonable measures to protect data (for example, hashed single-use sign-in tokens and scoped session cookies), but the Service is provided “as is”: no system is perfectly secure and we cannot and do not guarantee the security of any data. You use the Service at your own risk.

You can request access to, deletion of, or correction of your account and associated personal data, and California and other state residents may have additional rights to access, delete, correct, and limit use of their information. To exercise any of these, use the Contact details below; we may need to verify your identity first. Removing your account does not remove public on-chain data, which we do not control.

For privacy requests — including access, deletion, or questions about this policy — contact us at [email protected]. We will respond as required by applicable law.

The Service may be operated from, and data processed in, jurisdictions other than yours, which may have different data-protection rules. The Service is not directed to children under 18, and we do not knowingly collect their data.

We may update this policy at any time; changes take effect when posted. Nothing here limits any right you have under applicable mandatory data-protection law.