Privacy policy
We try to collect as little as possible. This page is the accurate, plain-language list of what we do collect, why, where it lives, and how to make it go away.
Last updated 2026-04-27
Who we are
Nodosol is operated by ELOMEC (UAE DMCC, with El Salvador as backup jurisdiction). Contact for privacy questions: privacy@nodosol.com. Security disclosures go to security@nodosol.com. The full security posture lives at /security.
What we collect
- Wallet public key. The base58 pubkey of every wallet you connect. This is public information on Solana itself.
- Email (optional). Only if you opt in to email notifications from /settings/notifications. Stored against your wallet pubkey; never sold or shared.
- IP address + user-agent. Captured by Vercel Edge for a few security paths (rate-limit on chat / signup / JWT issuance, error logging). Stored in security_events + error_logs tables.
- Profile content you post. Handle, display name, bio, avatar / banner URLs, social links, chat messages — all gated behind a wallet-signed JWT so only the owning wallet can write.
- On-chain transaction footprint. Every tip, listing, subscription, ticket purchase, OTC, and auction action is on-chain by design. We don't add anything beyond what Solana already records.
- Analytics (consent-gated). If configured, Google Analytics 4 measures aggregate traffic. We default consent to denied until you accept the consent banner. See Analytics below.
What we don't collect
- No KYC. Nodosol is non-custodial. We never ask for legal name, ID document, or proof of address (the rights-marketplace vertical at rights.nodosol.com uses Sumsub for B2B KYC, but that's a separate product with its own privacy terms).
- No private keys / seed phrases. Your wallet signs everything; we never see private key material.
- No tracking pixels. No third-party ad-tech, no fingerprinting, no Facebook / TikTok / LinkedIn pixels.
- No analytics tied to wallet. If GA is enabled and you accept consent, the GA stream sees IP + UA + page paths but is never joined back to your wallet pubkey.
Retention
- security_events: 90 days, then auto-purged.
- error_logs: 30 days, then auto-purged.
- Wallet-signed JWTs: 15 minutes per token; rotated on every reconnect.
- creator_profiles / notifications / wishlist / price alerts: kept until you delete them or opt out (see your rights).
- On-chain state: permanent, by Solana's design. We cannot delete on-chain data.
Sub-processors
- Vercel — hosting + edge runtime + IP geolocation header.
- Supabase — Postgres + Edge Functions + storage bucket for profile media.
- Helius — Solana RPC + enhanced transaction webhook (for notifications).
- Resend — transactional email delivery (only when you opt in).
- Privy — embedded wallet for users who sign in with email.
- Cloudflare Turnstile — bot challenge on public chat writes (optional, env-gated).
- Google Analytics 4 — consent-gated traffic measurement (optional, env-gated).
Cookies + local storage
We use localStorage for: wallet-signed JWT cache (so you don't re-sign every page), chat-thread signature cache (so you don't re-sign every channel), wishlist + onboarding-tour completion flags, locale preference, install-prompt dismissal. Nothing here goes to our servers.
Server-set cookies are limited to: maintenance-bypass / analytics-consent / KYC-gate flags on rights.nodosol.com (separate product). The main app sets no tracking cookies.
Analytics
If NEXT_PUBLIC_GA_MEASUREMENT_ID is configured on the deployment, we ship Google Analytics 4 with gtag('consent', 'default', { ad_storage: 'denied', analytics_storage: 'denied' }) set before any GA call fires. The consent banner only flips both flags to granted after you click Accept. Decline keeps GA disabled for that visit and persists in localStorage so we don't re-prompt for 14 days. Plausible (cookieless analytics) is documented as an alternative for projects that prefer no consent banner at all.
Your rights
- Export — request a JSON dump of every row keyed to your wallet via privacy@nodosol.com. We aim to respond within 30 days.
- Delete — same channel. We'll wipe the off-chain rows (creator_profiles, notifications, wishlist, price_alerts, notification_preferences, chat_messages where you're sender). On-chain state is permanent and out of our reach.
- Email opt-out — every email has a one-click unsubscribe link. You can also disable email for specific notification types in /settings/notifications.
- Analytics opt-out — decline the consent banner, or set Do Not Track in your browser (we treat both as denied).
Children
Nodosol isn't designed for or directed at users under 16. If you believe we have inadvertently collected data from a minor, email privacy@nodosol.com and we'll delete it.
Changes to this policy
Material changes get 30 days' notice via the announcements feed at /announcements (when published). Smaller clarifications get a timestamp bump on this page.