Privacy Policy

Information you provide directly

• Wallet address. When you connect a wallet, we see the public address. This is necessary to interact with the smart contracts.
• Email address (optional). Only if you contact us, opt into updates, or use a feature that explicitly asks for it. We do not require email to use the protocol.
• Content you submit. Anything you publish through the Service (agent metadata, dispute claims, profile fields).

Information collected automatically

• Server logs. Standard logs may record IP, user agent, request path, timestamp, and response code. Used for security, debugging, and rate-limiting. Retained ~30 days.
• Local browser storage. We may use localStorage for preferences (e.g., selected chain). This data stays on your device.
• Cookies. Only essential cookies for the Service to function. We do not use advertising cookies, third-party analytics, or cross-site tracking.

Information from public blockchains

The blockchains we interact with (Base, Avalanche, Arbitrum, Polygon) are public ledgers. Transactions involving your wallet — bond posts, dispute filings, registrations — are publicly visible to anyone, forever. We do not control this; it is an inherent property of public blockchains.

What we do NOT collect

• Government-issued identification
• Social Security numbers or tax IDs
• Date of birth, full legal name, or home address (unless you voluntarily provide it for support)
• Biometrics
• Browsing history outside the Service
• Behavioral profiles for advertising

We use information only to:

• Operate, maintain, and improve the Service
• Respond to your inquiries and provide support
• Detect, prevent, and address security incidents, fraud, and abuse
• Comply with legal obligations
• Enforce our Terms of Service

We do not sell your personal information. We do not use your data to train AI models without explicit consent. We do not share your data with advertisers.

We share information only with:

• Service providers who help us operate the Service (hosting, RPC providers, email delivery). Bound by confidentiality and data-protection obligations.
• Public blockchains — your on-chain interactions are inherently public.
• Legal authorities if required by valid legal process, and only to the minimum extent required.

We do not share, sell, rent, or trade your personal information for marketing purposes. Period.

• Server logs: ~30 days
• Email correspondence: Retained as long as needed for support, then deleted on request
• On-chain data: Permanent — we cannot delete data from public blockchains
• Off-chain account data (if any): Retained as long as your account is active; deletable on request

California (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and share
• Request deletion of personal information we hold about you
• Opt out of “sale” or “sharing” of personal information (we do neither)
• Correct inaccurate personal information
• Limit the use of sensitive personal information
• Be free from discrimination for exercising your rights

To exercise these rights, email ghostkey316@proton.me. We verify requests via reply and respond within 45 days.

European Economic Area / United Kingdom (GDPR)

If you are in the EEA or UK, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your personal data — subject to legal exceptions and the immutable nature of public blockchains
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with your supervisory authority

Legal bases for processing: (a) performance of a contract, (b) legitimate interests (security, fraud prevention, service improvement), and (c) consent (where applicable).

Note on blockchain data

Public blockchain transactions cannot be deleted, modified, or made non-public. We will honor deletion requests for any off-chain personal data we hold, but we cannot remove data from a public blockchain. Please consider this carefully before any on-chain action.

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the U.S. We rely on appropriate safeguards (such as Standard Contractual Clauses where required) for international transfers from the EEA/UK.

We use reasonable technical and organizational measures to protect personal information. No system is perfectly secure. You are responsible for keeping your wallet credentials safe — we cannot recover lost keys or reverse on-chain transactions.

We do not respond to Do Not Track (“DNT”) browser signals because there is no industry-standard interpretation. Our default behavior already aligns with what most users expect from DNT — minimal tracking, no cross-site profiling, no advertising data sharing.

We may update this Privacy Policy from time to time. The “Last Updated” date reflects the most recent revision. For material changes, we will provide notice via the Service or our official channels.

For privacy questions or to exercise your rights, email ghostkey316@proton.me with subject line “Privacy Request — [your request].” We aim to respond within 30 days for general inquiries and within applicable legal timeframes for formal requests.