Privacy Policy

Last Updated: August 17, 2025

This Privacy Policy applies to AstroStake.xyz and its subdomains, including docs.astrostake.xyz, vault.astrostake.xyz, and stake.astrostake.xyz (“AstroStake”, “we”, “our”, “us”).

1. Information We Collect

  • Contact & Form Submissions: name (if provided), email (if provided), message content, and IP address (anti-abuse & rate-limit).
  • Faucet Requests: wallet address and IP address to prevent abuse.
  • RPC/Endpoint Submissions (Monitoring): submitted endpoint URL, chain, region, contact (if provided), and IP address.
  • Usage & Diagnostics: standard web logs (IP, user-agent, referrer, timestamps, pages viewed, error logs).
  • Analytics & Performance: anonymized/aggregated data via third-party analytics (e.g., Google Analytics) and network security providers (e.g., Cloudflare).
  • Cookies & Similar Technologies: see Section 9.

2. Staking Dashboard (Non-Custodial)

When you use stake.astrostake.xyz, you connect your wallet directly from your browser. AstroStake does not control your private keys or funds.

  • Wallet Address: processed locally to display balances and enable staking transactions. We do not store private keys.
  • Transactions: delegation/undelegation is signed in your wallet and broadcast to the blockchain. Resulting on-chain data is public and immutable.
  • Diagnostics: we may collect anonymized usage and error data to improve reliability.

3. Public Endpoints & Monitoring

For community RPCs/endpoints and our monitoring pages, we may log IP address, user-agent, endpoint path, and timestamps to provide availability, rate-limiting, and abuse/fraud prevention. Endpoint health data (latency, status, region) may be displayed publicly in aggregate.

4. How We Use Information

  • To respond to inquiries and provide support.
  • To validate and display RPC submissions and monitor endpoint health.
  • To operate faucets fairly and prevent spam/abuse.
  • To maintain security, performance, and reliability of our sites and services.
  • To analyze traffic and improve user experience.
  • To comply with legal obligations and enforce our terms.

5. Blockchain Data We Store as a Validator (Immutability)

As part of validator and node operations, AstroStake maintains full or partial copies of blockchain data (blocks, transactions, logs, state). Blockchain data is public, distributed, and immutable. Once data is recorded on-chain, it cannot be altered or deleted by AstroStake or any single party.

While we can delete or correct off-chain data we control (e.g., contact form entries), we cannot remove data that is already stored on a blockchain network.

6. Legal Bases (GDPR/Similar)

Where applicable, we process data based on legitimate interests (security, service operation, analytics), performance of a contract (responding to requests, operating submitted endpoints), consent (cookies/analytics where required), and legal obligations.

7. Data Sharing

We do not sell your personal information. We may share limited data with trusted service providers strictly to operate our services (e.g., hosting, analytics, security/CDN), under appropriate safeguards. We may disclose information if required by law, to protect rights and safety, or in connection with corporate changes (e.g., merger).

8. Data Security

We use HTTPS and implement technical/organizational measures (access controls, logging, least-privilege) to protect data. No method of transmission or storage is 100% secure, but we strive to apply industry best practices appropriate to our services.

9. Cookies & Tracking

We may use cookies, local storage, and similar technologies to remember preferences, enhance performance, and perform analytics. You can manage cookies in your browser settings; disabling some cookies may impact functionality.

10. Data Retention

  • Faucet data (IP & wallet): retained up to 7 days for anti-abuse, then deleted.
  • Security & access logs: typically retained up to 30 days unless required longer for investigations.
  • Analytics data: retained per the provider’s policies (e.g., Google Analytics, Cloudflare).
  • On-chain data: permanently stored on decentralized networks and cannot be deleted by AstroStake (see Section 5).

11. Your Rights & Choices

Subject to local law, you may request access, correction, or deletion of off-chain personal data we control. For on-chain records and public blockchain data, deletion is not technically possible. We will respond to requests within a reasonable timeframe and as required by law.

12. Children’s Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child provided data to us, please contact us and we will take appropriate action.

13. International Transfers & Jurisdiction

Services may be provided using infrastructure in multiple countries (e.g., EU/Germany for hosting/CDN). Where required, we use appropriate safeguards for cross-border transfers. Our primary jurisdiction is Indonesia; this Policy is governed by Indonesian law, without prejudice to mandatory rights under applicable local laws (e.g., GDPR).

14. Service Providers

We may engage third-party providers such as hosting companies, analytics services (Google Analytics), and security/CDN (Cloudflare). These providers process data solely to deliver their services to us and are contractually obligated to protect it.

15. Limitation of Liability

While we take reasonable steps to safeguard data, we are not liable for unauthorized access or misuse arising from factors beyond our control (e.g., user device compromise, third-party breaches, or inherent properties of public blockchains).

16. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on this page with an updated “Last Updated” date.

17. Contact Us

Questions or requests regarding this Policy can be submitted via the contact form on our main website. Please avoid sending private keys or sensitive credentials.