Privacy Policy

Coreezy Vibes LLC is the controller responsible for personal information processed through the Service. This Policy applies to information we process when you visit our sites, request access, create an Account, or use the Service. It does not apply to third-party services we do not control.

Information you provide. Account information (email address and a securely hashed password); the email you submit if you request early access (waitlist); the Wallet Addresses you choose to track and any labels, notes, and settings you add; and the contents of support requests or other communications with us.

Information from your use. Basic operational and log data such as sign-in times, session records, approximate location derived from IP, device and browser type, and actions taken in the Service, used to operate, secure, and improve it.

On-chain data. Public blockchain data associated with the Wallet Addresses you track, which we read from public networks and indexers.

Connected accounts (optional, on our roadmap). If and when you choose to link a bank or brokerage account, account and balance information obtained through a third-party connection provider.

Payment information. If you purchase a paid tier, payment is handled by a third-party processor; we receive limited transaction details (such as status and amount) but not full payment-card numbers.

We do not collect or store your private keys, seed phrases, or custody of your assets.

We use information to: provide, maintain, and improve the Service and the analytics you request; create and secure your Account; authenticate you and prevent fraud, abuse, and unauthorized access (including rate limiting); send essential service communications such as email verification, password resets, and security and billing notices; respond to your requests; comply with legal obligations; and enforce our Terms. We do not use your data to build advertising profiles, and we do not sell it.

Where the EU/UK GDPR applies, our legal bases are performance of a contract (to provide the Service), legitimate interests (to secure and improve the Service), consent (where required, for example certain optional features), and compliance with legal obligations.

We use a single essential, httpOnly session cookie to keep you signed in, and may use a small number of strictly necessary cookies for security and preferences. We do not use advertising or cross-site tracking cookies. Because our cookies are strictly necessary, the Service may not function properly if they are blocked.

If we measure how the Service is used in order to improve it, we do so in a privacy-firstmanner: in aggregate, not used to profile individual users, and without third-party advertising trackers. We do not share individual usage data for others’ marketing.

We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising. We disclose information only: (a) to service providers and processors who help us run the Service (for example, hosting, transactional email, error monitoring, payment processing, and account-connection providers), who are bound to use it only on our instructions and to protect it; (b) when you direct us to, for example by linking an account; (c) to comply with law, legal process, or lawful government requests, or to protect the rights, safety, and security of users, the public, or Coreezy Vibes; and (d) in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy. We do not share individual user portfolio data with third parties for their own purposes. The wallet nicknames, notes, and labels you create are stored in your account and are not shown to other users.

We plan to let you connect bank and brokerage accounts through a trusted third-party provider so your full balance sheet can live in one place. Connecting an account is always optional. Any information obtained this way will be used only to provide the Service to you, will never be sold or shared for marketing, and will be handled under the principles in this Policy. The connection provider may process your credentials directly under its own terms and privacy policy.

Blockchain data is public by nature. Tracking a Wallet Address in the Service does not make its on-chain activity private, and untracking it does not remove anything from the blockchain. Names and identities resolved from on-chain domain or naming NFTs, which may include nicknames, social handles, or real names that you or others chose to publish on-chain, are public blockchain information and may be displayed where relevant.

We retain personal information for as long as your Account is active and for a reasonable period afterward as needed to provide the Service, comply with legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. We may retain de-identified or aggregated information that no longer identifies you.

We apply industry-standard safeguards. Passwords are salted and hashed; session and reset tokens are stored only as hashes; and connections are encrypted in transit. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

We are based in the United States and may process information there and in other countries. Where required, we rely on appropriate safeguards for cross-border transfers. By using the Service, you understand your information may be processed in the United States.

Depending on where you live, you may have rights to access, correct, delete, or receive a portable copy of your personal information, to object to or restrict certain processing, and to withdraw consent. Within the Service you can update your tracked wallets, labels, and settings, and request an account export and account deletion at any time. Deleting your Account removes your Account data and overlay (wallets, labels, settings); public chain data is not personal to you and is not deleted.

California residents (CCPA/CPRA): we do not sell or share personal information as those terms are defined, and we will not discriminate against you for exercising your rights. To exercise any right, contact us at [email protected]; we may need to verify your identity before responding.

The Service is not directed to children, and you must be at least 18 to use it. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

The Service may link to third-party sites and services, including ecosystem partners. We are not responsible for their privacy practices, and we encourage you to review their policies.

We may update this Policy from time to time. We will post the updated version with a new “Last updated” date and, where appropriate, provide additional notice. Your continued use after the changes take effect constitutes acceptance.

Coreezy Vibes LLC (Wyoming, USA). For privacy questions or to exercise your rights, contact [email protected].