1. Overview
HookOS (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights. HookOS is a decentralized protocol — we minimize data collection by design.
2. Data We Collect
2.1 On-Chain Data (Public)
All blockchain transactions are public by nature. Wallet addresses, token deployments, hook registrations, trades, wagers, and governance votes are recorded on-chain and indexed by our event indexer. This data is publicly accessible to anyone.
2.2 Data You Provide
- Profile information: Display name, avatar, bio, social handles (X, Telegram, Discord) — stored off-chain, linked to your wallet address.
- Quest/referral data: X OAuth tokens (for quest verification only), referral codes, content submission URLs.
- Token site customization: Logo, accent color, description, social links for token subdomain pages.
- Uploaded images: Profile avatars, token logos (stored on our servers, max 2MB per file).
2.3 Automatically Collected
- IP address: Used for rate limiting and abuse prevention. Not stored long-term.
- Device/browser info: User-Agent string for compatibility. Not tracked or profiled.
- Usage analytics: Page views and feature usage (anonymous, no personal identifiers).
3. Data We Do NOT Collect
- Private keys or seed phrases — never, under any circumstances
- Email addresses (unless voluntarily provided for contact)
- Real names or government IDs
- Financial account information (bank, credit card)
- Location data beyond IP-based country detection
- Cookies for advertising or third-party tracking
4. How We Use Data
- Display your profile and activity on the platform
- Verify quest completions (X OAuth verification)
- Prevent abuse: rate limiting, sybil detection, wash trading detection
- Generate protocol analytics (aggregated, anonymous)
- Improve the product (anonymous usage patterns)
- Comply with legal obligations if required
5. Data Sharing
We do not sell, rent, or share your personal data with third parties for marketing. Data may be shared with:
- Blockchain networks: All on-chain transactions are inherently public.
- Infrastructure providers: Cloudflare (CDN/DDoS protection), hosting providers — under data processing agreements.
- Law enforcement: Only if required by valid legal process.
6. Data Retention
- On-chain data: Permanent (immutable blockchain record).
- Profile data: Retained until you delete it or request deletion.
- IP addresses: Retained for rate limiting purposes only (max 24 hours).
- Analytics: Aggregated data retained indefinitely; raw logs deleted after 30 days.
7. Your Rights
- Access: Request a copy of data we hold about your wallet address.
- Deletion: Request deletion of off-chain profile data. On-chain data cannot be deleted.
- Correction: Update your profile information at any time.
- Portability: Export your profile data in JSON format.
- Objection: Opt out of anonymous analytics.
To exercise these rights, contact us at
privacy@hookos.fun.
8. Security
We implement industry-standard security measures: TLS 1.3 encryption, CORS restrictions, CSP headers, rate limiting, wallet signature authentication for mutations, and containerized infrastructure. Smart contracts are audited and use RBAC access control. However, no system is 100% secure.
9. Third-Party Services
The Services integrate with:
- WalletConnect: For wallet connections (governed by WalletConnect's privacy policy).
- CoinGecko: For ETH price data (no personal data shared).
- DexScreener: For token price data (no personal data shared).
- X (Twitter): For OAuth quest verification (only public profile data accessed).
10. Children
The Services are not intended for users under 18. We do not knowingly collect data from minors.
11. International Users
The Services are operated globally. By using them, you consent to data processing in the jurisdictions where our infrastructure operates.
12. Changes
We may update this Privacy Policy. Material changes will be posted on the website with an updated “Last updated” date. Continued use constitutes acceptance.