Privacy Policy
What we collect, why, and what we do with it. Short version: we collect very little.
1. The short version
- Your wallet address is your identity. We see it; so does anyone reading the blockchain.
- Email and profile info are optional. We use them only for what you explicitly opted in to.
- We don't sell your data. Period.
- KYC for partners and founders is encrypted and limited-access.
2. What we collect
Automatically
- Wallet address (when you connect)
- IP address + country (Cloudflare)
- Browser type + language (for localisation)
- Aggregated analytics (page views, not user-level tracking)
Voluntarily, from you
- Email (optional — for commission alerts)
- Display name / alias (optional — for Open Sponsor card)
- Telegram handle (optional — for sponsor/downline contact)
- Region + language preferences (optional)
- KYC documents (partners + Diamond+ Open Sponsors only — required by intake process)
From the blockchain (public)
Your NFT tier, transactions, commission earnings, tree position — all public on BscScan. We don't "collect" this; it lives on-chain.
3. Why we collect it
| Data | Why |
|---|---|
| Wallet address | Connect you to your NFT + settings |
| Send you commission notifications + product updates (if opted in) | |
| IP / country | Detect language, enforce geographic compliance, prevent fraud |
| KYC documents | Verify identity of partners + Open Sponsors per legal/compliance requirements |
4. Who we share it with
We don't sell or rent your personal data. We share it only:
- With service providers we use (Cloudflare, ixmailer email delivery, Telegram bot API). All under DPAs.
- With law enforcement when legally compelled (court order, warrant).
- With KYC providers when running identity verification (only for partners + Diamond+ Open Sponsors).
5. What we do NOT do
- Sell or rent your personal data to advertisers.
- Track you across other websites.
- Run user-level fingerprinting analytics.
- Use AI/ML to profile your behaviour for ads.
6. Your rights (GDPR / global)
You have the right to:
- Access your personal data (request a copy via [email protected])
- Correct inaccurate data (most fields editable in dashboard Settings)
- Delete your off-chain data (we can erase email/alias/telegram from our KV store; on-chain data is permanent)
- Object to processing or marketing
- Withdraw consent (opt-out anytime)
- Lodge complaints with your data protection authority
7. Cookies / local storage
We use browser localStorage for: language preference, dismissed UI banners (post-mint profile prompt), referral attribution (90-day window). We use minimal first-party cookies only — no third-party tracking.
8. Data retention
- Wallet ↔ profile mapping: as long as your account is active + 1 year
- Email subscriptions: until you unsubscribe
- KYC docs: as long as required by law (typically 5 years), then deleted
- Operational logs: 90 days
- On-chain data: permanent (we cannot delete)
9. Children
SatNet is not for users under 18. If we discover an account belongs to a minor, we close it and delete personal data.
10. International transfers
Data is processed in countries where our service providers operate (US, EU, primarily). Standard contractual clauses apply where required.
11. Security
We use industry-standard encryption (TLS in transit, at-rest encryption for sensitive data), access controls, and security monitoring. Despite this, no system is 100% secure. If we discover a breach affecting your data, we'll notify you within 72 hours.
12. Changes
We may update this policy. Material changes will be announced on the platform and via email.
13. Contact
For privacy questions or to exercise your rights: [email protected]
This is a working draft. Final policy will be reviewed by privacy counsel before mainnet launch.