1. Information We Collect

Vokter collects minimal information necessary for service operation:

• Wallet addresses and transaction data (public blockchain information)
• Device fingerprints for security and fraud prevention
• Extension usage analytics for service improvement
• Guardian service interaction logs for security monitoring and service optimization (no personal data included)
• Contact form submissions (name, email, message)

2. Information We Do Not Collect

Vokter does not collect or store:

• Private keys or recovery phrases
• TOTP secrets or codes
• Personal identification information
• Financial account details
• Sensitive authentication data

3. How We Use Information

We use collected information for:

• Providing and maintaining the Vokter service
• Processing transactions and Guardian service verification
• Security monitoring and fraud prevention
• Service improvement and development
• Customer support and communication
• Monitoring guardian service performance and security

4. Guardian Service Privacy

The Guardian service operates with strict privacy controls:

• TOTP secrets stored encrypted at rest
• No permanent storage of authentication codes
• Minimal logging for security monitoring only
• No personal data collection or tracking
• TLS encryption for all communications

5. Data Security

Vokter implements comprehensive security measures:

• AES-256-GCM encryption for sensitive data
• TLS encryption for all communications
• Secure key management with AWS KMS
• Regular security audits and monitoring
• Access controls and least-privilege principles

6. Data Retention

We retain data only as long as necessary for service operation and security. Guardian service logs are retained for security monitoring and automatically deleted after 30 days. Contact form data is retained for customer service purposes and deleted after 12 months.

7. Third-Party Services

Vokter uses the following third-party services:

• AWS (Guardian service infrastructure)
• Solana blockchain (transaction processing)
• Google Analytics (website analytics)
• Resend (email delivery)

All third-party services are bound by appropriate data protection agreements and privacy policies.

8. Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Object to processing of your data
• Data portability
• Withdraw consent for data processing

9. Cookies and Tracking

Vokter uses essential cookies for service functionality and analytics cookies for service improvement. You can control cookie settings through your browser preferences. We do not use tracking cookies or third-party advertising.

10. Children's Privacy

Vokter does not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

11. International Transfers

Vokter operates globally and may transfer data internationally. All transfers comply with applicable data protection laws and use appropriate safeguards including standard contractual clauses where required.

12. Changes to Privacy Policy

We may update this privacy policy from time to time. Material changes will be communicated through our website and email notifications. Continued use of the service constitutes acceptance of updated policies.

13. Contact Information

For privacy-related questions or concerns, contact us at privacy@vokter.com. For data subject requests, contact dpo@vokter.com.

Important Notice

This privacy policy applies to Vokter's services. Blockchain transactions are public by nature, and wallet addresses may be visible on the Solana blockchain. Users should understand that blockchain data is inherently transparent and permanent.