Privacy Policy
Last updated: May 8, 2026
1. Introduction
Untrace Technology, Inc. ("Untrace", "we", "us", or "our") operates the Untrace protocol, the untrace.tech website, and any associated developer tools, APIs, and documentation (collectively, the "Services").
This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it. It applies to all users of the Services, including developers, node operators, and end users of future dApps built on the Untrace protocol.
By using the Services, you agree to the collection and use of information as described in this policy.
2. The Untrace Protocol and Privacy by Design
The Untrace base protocol is architected so that we cannot access your data. Data stored through the Untrace protocol is:
- Encrypted client-side before it ever leaves your device
- Sharded into fragments using Shamir's Secret Sharing — no single party holds a complete copy
- Distributed across an independent, decentralized node network
- Reconstructable only after authorized shard nodes verify a wallet-signed retrieval request
This is not a privacy policy promise — it is a cryptographic guarantee. Untrace's protocol design makes it technically impossible for us to read, access, or disclose data stored in Untrace vaults, regardless of legal demand.
3. Information We Collect
3.1 Information You Provide
Website and documentation: If you contact us via email, a contact form, or sign up for updates, we collect the information you provide (e.g., name, email address, organization).
Developer accounts: If you register for developer access, testnet access, developer APIs, or node tooling, we collect account registration information (email address, wallet address).
Node operator registration: If you register to operate a node, we collect your wallet address, staking amount, and node configuration metadata.
3.2 Information Collected Automatically
Website analytics: We collect standard web analytics data including IP address, browser type, operating system, referring URL, pages visited, and time on page. This is collected in aggregate and used solely to improve the Services. We do not use third-party advertising trackers.
Protocol telemetry: Anonymized, aggregated network metrics (transaction volumes, shard distribution statistics, proof verification rates) are collected for protocol monitoring. No user-identifying data is included.
3.3 Blockchain Data
Transactions you submit to supported blockchains are publicly visible on-chain by design. This may include vault creation commitments, access grant records, revocations, staking actions, attestation records, proof outputs, and SBT minting transactions. This data is pseudonymous (associated with your wallet address, not your legal identity). We do not control or limit access to on-chain data.
4. How We Use Information
| Purpose | Legal Basis |
|---|---|
| Operating and improving the Services | Legitimate interest / contract performance |
| Communicating with you about your account | Contract performance |
| Security monitoring and fraud prevention | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
| Sending product updates (if opted in) | Consent |
We do not sell your personal data. We do not share your personal data with third parties for advertising purposes.
5. Data Sharing
We may share your information with:
- Service providers who help us operate the Services (hosting, analytics, email delivery), under strict data processing agreements
- Legal and regulatory authorities, if required by applicable law — though note that for protocol-level vault data, we are technically unable to comply with such requests due to our architecture
- Successors in the event of a merger, acquisition, or asset sale, subject to equivalent privacy protections
We will not share your information with any other third party without your explicit consent.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account registration data | Duration of account + 90 days after deletion |
| Web analytics | 24 months, rolling |
| Email communications | 3 years |
| Blockchain transaction data | Permanent (public ledger; not under our control) |
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access — Request a copy of the personal data we hold about you
- Correction — Request correction of inaccurate data
- Deletion — Request deletion of your data (subject to legal retention requirements)
- Portability — Request your data in a machine-readable format
- Objection — Object to processing based on legitimate interest
- Restriction — Request that we restrict processing of your data
8. International Data Transfers
Untrace operates globally. Your information may be transferred to and processed in countries other than your own.
9. Security
For data stored via the Untrace protocol, no breach of our infrastructure — servers, databases, code — can result in data exposure, because we never hold complete data.
10. Children
The Services are not directed at children under 18. We do not knowingly collect personal data from children.
11. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email (if you have an account) and posted on this page with an updated date. Continued use of the Services after changes constitutes acceptance.
12. Contact
Untrace Technology, Inc. For privacy-related inquiries: privacy@untrace.network
For general inquiries: hello@untrace.network