OnChainRisk

Privacy Policy

Last Updated: February 22, 2026

1. Introduction

OnChainRisk ("we", "our", "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our blockchain forensics service ("Service").

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, password hash, payment information
  • Waitlist Information: Email address for early access notifications
  • API Usage: Blockchain addresses you analyze, query parameters
  • Communications: Emails or messages you send us

2.2 Information Collected Automatically

  • Usage Data: Features used, analysis requests, timestamps
  • Device Information: Browser type, operating system, IP address
  • Analytics: Page views, session duration, referral sources (via Google Analytics)
  • Cookies: Session identifiers, preferences

2.3 Blockchain Data

We analyze publicly available blockchain data, including:

  • Transaction histories
  • Wallet balances
  • Smart contract interactions
  • Token transfers

This is public data on decentralized networks, not personal data in most cases.

3. How We Use Your Information

We use collected information to:

  • Provide the Service: Process analysis requests, generate reports
  • Improve the Service: Analyze usage patterns, fix bugs, develop features
  • Communicate: Send service updates, respond to inquiries
  • Security: Detect fraud, prevent abuse, protect our systems
  • Compliance: Meet legal obligations, respond to lawful requests

4. Legal Basis for Processing (GDPR)

If you are in the EEA, we process your data based on:

  • Contract: To provide the Service you requested
  • Legitimate Interest: To improve and secure the Service
  • Legal Obligation: To comply with laws

5. Information Sharing

We do NOT sell your personal information. We may share data with:

5.1 Service Providers

  • Cloud hosting (Cloudflare)
  • Analytics (Google Analytics)
  • Payment processors

5.2 Legal Requirements

We may disclose information if required by:

  • Court orders or subpoenas
  • Law enforcement requests
  • Regulatory requirements

5.3 Business Transfers

In the event of a merger, acquisition, or sale, your data may be transferred to the successor entity.

5.4 With Your Consent

We may share information when you explicitly authorize us to do so.

6. Data Retention

We retain your data for:

  • Account Data: Duration of your account plus 2 years
  • Analysis Logs: 90 days (for debugging and abuse prevention)
  • Waitlist Emails: Until you unsubscribe or service launches
  • Payment Records: 7 years (legal/tax requirements)

You may request deletion of your data (see Section 9).

7. Data Security

We implement security measures including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for sensitive data
  • Access controls and authentication
  • Regular security reviews

However, no system is 100% secure. You use the Service at your own risk.

8. International Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place for international transfers.

9. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing
  • Restriction: Limit how we use your data
  • Withdraw Consent: Revoke consent for optional processing

To exercise these rights, contact us at admin@onchainrisk.io (subject: "Privacy Request").

10. Cookies and Tracking

10.1 Types of Cookies

  • Essential: Required for the Service to function
  • Analytics: Help us understand usage (Google Analytics)
  • Preferences: Remember your settings

10.2 Managing Cookies

You can control cookies through your browser settings. Disabling cookies may affect Service functionality.

10.3 Do Not Track

We do not currently respond to "Do Not Track" browser signals.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for their privacy practices. Review their policies before providing information.

12. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect data from children. If we learn we have collected such data, we will delete it.

13. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to Know: Categories and specific pieces of data collected
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: We do not sell personal information
  • Non-Discrimination: We will not discriminate for exercising rights

To exercise these rights, contact admin@onchainrisk.io (subject: "CCPA Request").

14. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or the Service. Your continued use after changes constitutes acceptance.

15. Contact Us

For privacy-related questions or requests:

By using OnChainRisk, you acknowledge that you have read and understood this Privacy Policy.