Privacy Policy

ChainArmor collects the bare minimum of personal data to run the service. We do not require KYC, we do not sell or share your data with advertisers, and you can delete your account at any time. Everything you add to the product (wallet addresses, labels) is public blockchain data that you choose to associate with your account.

ChainArmor (“we”, “us”) provides a blockchain wallet monitoring and risk assessment service. If you have a question about this policy or the data we hold on you, reach us at our contact page.

To run the service, we collect and store:

• Email address. Required to sign in (magic-link authentication) and to deliver alerts. We never ask for a name, phone number, or government ID.
• Wallet addresses you add. Public blockchain data that you explicitly choose to monitor. We do not ask for private keys, seed phrases, or signatures.
• Notification channel destinations. If you link Telegram or a webhook, we store the chat ID or URL needed to deliver messages.
• Billing metadata. Your subscription tier, billing interval, and Stripe customer ID. Payment details (card numbers, CVV) are handled by Stripe; we never see them.
• Minimal usage data. Request timestamps and IP addresses on authenticated API calls for abuse detection and rate-limiting. We keep these for 30 days then aggregate them.

We do NOT collect:

• Names, phone numbers, or real-world identity documents.
• Browser fingerprints or cross-site tracking cookies.
• Marketing-tracking pixels or third-party advertising scripts.
• Your wallet's private keys or signing material.

Your data is used only to:

• Authenticate you and keep your session active.
• Scan the wallets you've added against public blockchain blacklists (USDT/USDC freeze lists, OFAC sanctions, and similar).
• Compute risk scores and indirect-exposure proximity data on those wallets.
• Deliver alerts to the channels you've configured.
• Bill you through Stripe for paid plans.
• Investigate and block abuse of the service.

We do not use your data for profiling, advertising, or training machine-learning models.

The service is built on a small set of external providers. Each receives only the data it strictly needs to do its job.

• Stripe — handles subscription billing. Receives: email, plan selection, Stripe customer ID. Governed by Stripe's own privacy policy.
• Resend — sends transactional email (magic links, alerts). Receives: recipient email, subject line, body.
• Telegram Bot API — delivers alerts to users who link a Telegram channel. Receives: chat ID, message text.
• Blockchain RPC providers (TronGrid, Alchemy, Infura and similar) — receive the public wallet addresses you add, so we can fetch their transaction history. Does not reveal any personal data to the provider.

We do not sell personal data. We do not share personal data with advertisers, data brokers, or analytics vendors.

• Email address, login credentials, notification channel destinations, API keys — kept only as long as your account is active. Permanently deleted the moment you delete your account (see section 5a).
• Wallet addresses you added, the derived transaction counterparty graph, proximity/risk scores, and alert history — retained in anonymized form for network analysis even after you delete your account. This is public blockchain data that you chose to associate with our analysis pipeline. Details in section 5a below.
• Billing records (invoices, Stripe events) — retained for 7 years as required by tax authorities in most jurisdictions. After account deletion, the only remaining link is your Stripe customer ID inside Stripe itself; our database no longer stores it.
• Logs with IP addresses — 30 days.

You can delete your account any time from Settings → Danger zone → Delete account. The deletion is high-friction on purpose: you must type your full email address into a confirmation field before the destructive button activates.

When you confirm deletion, we immediately:

• Overwrite your email on our user record with an opaque placeholder. Your original email is not recoverable.
• Delete every notification channel you linked (Telegram chat IDs, webhook URLs and their secrets).
• Delete all your API keys.
• Delete any pending magic links or Telegram verification nonces.
• Cancel your active Stripe subscription with proration — a final partial-period invoice will be settled against your payment method, and no further charges will occur.
• Clear your authentication cookies so your current browser session stops working immediately.
• Set your account status to deleted, which blocks any still-valid access tokens from being used.

What we keep after deletion, in anonymized form:

• The wallet addresses you added to your account.
• The counterparty list and proximity scores we computed for those wallets.
• The alert audit trail for the wallets you scanned, so we can improve the risk model.
• Aggregated wallet-creation / deletion records used for anti-abuse (the rolling 30-day cap).

None of this retained data contains your email, your billing information, your IP address, or anything else that identifies you as a person. The only link between these rows and the (now-anonymized) account row is an internal UUID that has no meaning outside our database. We keep this data because it is public blockchain information that you chose to share with us for analysis — and that analysis (wallet clustering, blacklist adjacency, fraud pattern detection) improves for every user as the dataset grows.

If you want a stricter deletion that wipes the wallet and counterparty rows as well — or if you have a legal basis (e.g. a supervisory authority order) that requires it — email our privacy contact. We honor those requests; the self-service flow just defaults to the anonymization path because it produces the most useful public-good outcome.

If you are in the EU, UK, or a jurisdiction with similar data protection laws, you have the right to:

• Access the personal data we hold on you.
• Correct inaccurate data.
• Request deletion (“right to erasure”).
• Export your data in a portable format.
• Object to processing.
• Lodge a complaint with your local supervisory authority.

Because our accounts are pseudonymous (email-only), these requests are typically fulfilled by logging in and either using the in-product settings (delete wallet, delete account) or emailing our support team from the email address associated with your account. We do not ask for government ID to verify a data request — email-address-based confirmation is our verification method.

We use cookies only for authentication. When you sign in, we set two strictly-necessary HTTP-only cookies containing your access and refresh tokens. These are never read by JavaScript and never sent to third parties. We do not use analytics cookies, advertising cookies, or cross-site trackers.

All traffic is served over HTTPS. Authentication tokens live in HTTP-only cookies so an XSS flaw cannot exfiltrate them. Passwords are never stored because we don't use them — magic-link authentication only. Database access is restricted to the backend service, and administrative access uses hardware second-factor authentication.

No system is perfect. If you believe you've found a security issue, please report it to our contact page and we'll respond within two business days.

Our infrastructure is hosted in the United States. If you access the service from outside the US, your data is transferred to and processed in the US. We rely on standard contractual clauses where required to comply with GDPR's international transfer rules.

The service is not directed at people under 16 and we do not knowingly collect data from them. If you believe a child has signed up, contact us and we will delete the account.

If we make material changes to this policy, we'll email active accounts 30 days before they take effect. Minor editorial changes (clarifying language, fixing typos) are applied immediately with an updated date at the top of this page.