Back

Privacy Policy

v0.1 — last updated 2026-05-21. Plain language. This is what we actually do.

What we collect

The minimum we need to make the app work.

  • Email address. Provided by you through Privy (or Clerk after our custody migration). Used to authenticate you and to recover your account if you lose access.
  • Wallet addresses. The EVM, Solana, and Sui addresses associated with your account. These are public on their respective blockchains.
  • Transaction history. Every swap, payment, and x402 settlement you make through CoinVoyage, including amount, source chain, destination chain, asset, and on-chain hash. Used to power the History panel and reconciliation.
  • Conversation context. A rolling 30-message window of your chat with the agent, stored to maintain conversational continuity. Older messages are dropped.
  • Friends list. The names and on-chain addresses you've explicitly saved as friends, scoped to your account only.
  • Connection metadata. IP address, device type, browser version. Used for security (rate limiting, abuse detection) and for geographic restriction enforcement. Logged by our hosting providers; not aggregated by us.
  • Crash and performance data. Anonymous error reports when the app crashes. No personally-identifying content.

What we do NOT collect

  • Your real name (we don't ask)
  • Your phone number (we don't ask)
  • Your physical address (we don't ask)
  • Your contacts list (the app doesn't request the permission)
  • Your photos or camera roll
  • Your location (beyond IP-level geo)
  • Your browsing history outside the app
  • Behavioral tracking for advertising
  • Cookies or device identifiers used to track you across other apps and websites

Where your data lives

  • Upstash Redis (US-East): wallet records, friends list, transaction history, encrypted Sui keypairs. Encrypted at rest.
  • Railway (Europe-West): runs the bot process. Holds decrypted keys only in-memory during the seconds it takes to sign a transaction.
  • Vercel (US-East): hosts this web app. Logs include IP + user agent for active sessions.
  • Privy (their infra): MPC key shares for EVM and Solana. They control their share; we control ours. Neither party can sign alone.
  • Anthropic (their infra): your chat messages are sent to Claude for inference. Anthropic's data-handling policy at anthropic.com/privacy.

If our sub-processor list changes — for example, when Privy ships native Sui signing and the encrypted-Sui-keypair processor described above goes away — we'll update this page.

Who else sees your data

Beyond the infrastructure providers above, we share data with:

  • Blockchain networks. Anything you sign and broadcast is on a public chain — anyone can see it. This is by design and is the nature of public blockchains.
  • The CoinVoyage Swap API. When you execute a swap, the source/destination/amount details are sent to the swap routing service to find the best price.
  • x402 endpoints. When you pay an x402 resource you've explicitly chosen, that endpoint sees the payment.

We do NOT sell your data. We do not run an advertising business. There is no third-party sharing for marketing purposes.

How long we keep things

  • Wallet records — kept until you delete your account.
  • Transaction history — kept indefinitely for audit and reconciliation. You can request deletion under "Your rights" below.
  • Chat history — rolling 30-message window; older messages drop automatically.
  • Crash and performance logs — 90 days, then deleted.
  • Connection logs — 30 days at our hosting providers (Vercel, Railway).

Your rights

  • Access. Email support@coinvoyage.io and we'll send you a copy of everything we store about you.
  • Deletion. Email us to delete your account and the data we hold. On-chain transactions cannot be deleted — they're on public blockchains forever.
  • Key export. Export your Sui private key any time from Settings → Export Keys. No CoinVoyage approval needed.
  • Revoke delegation. Run /revoke to revoke CoinVoyage's authorization to sign transactions on your behalf. After revoke, CoinVoyage cannot sign anything for you until you re-authorize.

Children

CoinVoyage is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe we have, email us and we'll delete it.

International users

CoinVoyage is operated by CoinVoyage Inc, a Nevada (United States) corporation. If you access CoinVoyage from outside the United States, your data will be transferred to and processed in the United States and the other regions listed under "Where your data lives" above. By using CoinVoyage, you consent to this processing.

We geo-restrict users in specific U.S. states where we are not authorized to operate, and in any jurisdiction subject to comprehensive U.S. sanctions or otherwise restricted under applicable law. See our custody page for more on geographic restrictions.

Changes to this policy

We'll update this policy when our practices change. Material changes are announced in the app and via email at least 14 days before they take effect. Continued use of CoinVoyage after the effective date constitutes acceptance.

Questions

Email privacy@coinvoyage.io. For anything urgent or security-related, escalate to security@coinvoyage.io.