Privacy Policy

Ninja Swap was created specifically to address privacy concerns in the blockchain space. Our approach is guided by these core principles:

• Data Minimization: We collect only what is absolutely necessary to provide our service—nothing more.
• Anonymity By Design: Our systems are architected to function without requiring personally identifiable information.
• Technical Privacy: We employ advanced cryptographic techniques like zero-knowledge proofs and confidential transfers to protect transaction details.
• Local Processing Priority: Whenever possible, sensitive operations are performed locally on your device rather than on our servers.
• Transparency: We are completely open about the limited data we collect and how we use it.

Ninja Swap is intentionally designed to minimize data collection. We don't collect any personal information:

• Blockchain Interactions: When you interact with the blockchain through our service, your public wallet addresses and on-chain transactions are recorded on the Solana blockchain. This is inherent to how blockchain technology works. However, our privacy features are designed to minimize the information exposed on-chain.
• Technical Data: Limited technical information such as your IP address, browser type, and device information is temporarily collected to ensure the service functions properly and securely. This data isWe don't stored permanently and is never linked to your blockchain transactions or wallet addresses.
• Usage Data: Anonymous, aggregated data about how the service is used, such as features accessed and time spent. This information is strictly anonymized and used only to improve the platform's functionality.
• Network Diagnostics: Basic diagnostic information when errors occur to help us resolve technical issues. This information is stripped of identifiers and used solely for troubleshooting.

What We don't collect:

• Personal identification information (name, email, phone number, address)
• KYC (Know Your Customer) information
• Financial information beyond what's publicly available on-chain
• Your private keys or seed phrases (these never leave your device)
• Browsing history outside of our application
• Information that links your identity to your transactions
• Location data beyond country-level for compliance purposes
• Social media profiles or other online identifiers
• Biometric data

The limited information we collect is used only for the following specific purposes:

• To provide, maintain, and improve our services
• To detect, prevent, and address technical issues and security threats
• To analyze usage patterns and improve user experience in an anonymized way
• To comply with applicable laws and regulations
• To facilitate transactions on the blockchain while preserving privacy
• To debug and resolve technical issues when they arise

What We Don't Do With Your Data:

• Sell it to third parties
• Use it for targeted advertising or marketing
• Build user profiles for commercial purposes
• Track your activity across other websites
• Share it with data brokers
• Use it for any purpose beyond what's stated in this policy

Ninja Swap employs advanced privacy-enhancing technologies to protect your data and transactions:

• Zero-Knowledge Proofs: Allow for verification of transactions without revealing specific details. This cryptographic technique enables us to validate that certain conditions are met without knowing the actual values involved.
• Confidential Transfers: Obscure transaction amounts while maintaining the security of your assets, ensuring that only the sender and receiver know the true value being transferred.
• Path Obfuscation: In Ninja Mode, connections between senders and receivers are masked, making it difficult to determine transaction flow and counterparties.
• Local Processing: Critical operations involving sensitive data are performed locally on your device rather than on our servers, minimizing exposure of your information.
• Encryption: All communications between your device and our servers are encrypted using industry-standard protocols to prevent eavesdropping.
• Decentralized Architecture: Where possible, we leverage decentralized protocols to reduce the need for centralized data collection and storage.
• Privacy Pools: Our liquidity systems are designed to mix transactions, making it difficult to trace the path of funds or link specific deposits to withdrawals.

For more detailed information about our privacy technology, please visit our Privacy Technology documentation.

We implement strict security measures to protect the limited data we collect:

• Data is encrypted both in transit and at rest using strong cryptographic algorithms
• Technical data is stored only as long as necessary and then automatically deleted
• We employ a strict data retention policy that defaults to minimal storage periods
• Access to data is strictly limited to authorized personnel on a need-to-know basis
• Regular security audits, penetration testing, and code reviews are performed by independent third parties
• We maintain comprehensive access controls and authentication requirements for all systems
• Our infrastructure employs industry best practices for security hardening and monitoring

While we implement industry-leading security measures, no method of transmission over the Internet or electronic storage is 100% secure. We strive to use commercially acceptable means to protect your data but cannot guarantee its absolute security.

Our data retention policy follows these principles:

• We store the limited technical data we collect only for as long as absolutely necessary to provide the service and comply with legal obligations
• IP addresses and similar technical identifiers are anonymized or deleted after sessions end
• Usage statistics are aggregated and stripped of identifiers within 7 days
• Error logs containing any user-related data are automatically purged after 30 days
• We do not maintain historical databases of user activity beyond what is required for security and compliance

When data is no longer needed, it is securely deleted using industry-standard methods to ensure it cannot be recovered.

We do not sell, trade, or rent your data to third parties. We may share the limited information we collect only in the following specific circumstances:

• Service Providers: With trusted service providers who assist us in operating our service, conducting business, or serving users, as long as those parties agree to keep this information confidential and adhere to similar privacy standards. These providers are contractually prohibited from using the data for any other purpose.
• Legal Requirements: If required to do so by law or in response to valid legal requests, such as a court order, government request, or to comply with applicable law. We evaluate each request carefully and disclose only the minimum required information.
• Protection of Rights: When we believe disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request. Such disclosures are rare and made only after careful assessment.

Any shared data is:

• Limited to what is absolutely necessary for the specific purpose
• Anonymized whenever possible
• Protected by appropriate data protection agreements
• Never shared with data brokers or advertising networks

It's important to understand that blockchain technology is inherently transparent:

• Transactions on the Solana blockchain are publicly recorded and permanently stored on the distributed ledger
• Wallet addresses and their interactions are visible to anyone with access to blockchain explorers or node data
• While Ninja Swap employs privacy-enhancing technologies, certain information will remain publicly accessible due to the nature of blockchain technology

Our privacy features are specifically designed to add layers of confidentiality within the constraints of blockchain technology:

• Confidential transfers obscure transaction amounts
• Ninja Mode helps break the link between sender and receiver
• ZK-proofs validate transactions without revealing details
• Privacy pools provide transaction mixing capabilities

We recommend users maintain separate wallets for different purposes and follow our privacy best practices to maximize their on-chain privacy.

Depending on your location, you may have certain rights regarding your data:

• Right to Access: You can request a copy of the limited personal data we hold about you.
• Right to Deletion: You can ask us to delete your personal data from our systems.
• Right to Object: You can object to the processing of your personal data.
• Right to Restriction: You can request that we restrict the processing of your personal data.
• Right to Data Portability: You can request your data in a structured, commonly used format.
• Right to Withdraw Consent: You can withdraw previously given consent for data processing.

To exercise any of these rights, please contact us at privacy@ninjaswap.io. We will respond to your request within 30 days. Note that some of these rights may be limited when:

• The data is necessary to comply with legal obligations
• The exercise of the right would impair the rights of others
• The data has been anonymized and can no longer be associated with you
• The request relates to data publicly available on the blockchain, which we cannot modify or delete

While we process data globally, we take measures to ensure that the limited data we collect is treated in accordance with this Privacy Policy and applicable privacy laws:

• All data is protected by appropriate safeguards regardless of location
• We use standard contractual clauses and other legally approved mechanisms when transferring data across borders
• Our service providers are contractually obligated to maintain adequate data protection standards
• We prioritize data localization where required by applicable law

Consistent with our privacy-first approach, we minimize the use of cookies and tracking technologies:

• We use only essential technical cookies necessary for the functioning of our service
• We do not use third-party cookies or tracking pixels
• We do not participate in cross-site tracking or fingerprinting
• We do not use cookies for advertising or marketing purposes
• Session cookies are deleted when you close your browser

You can configure your browser to refuse all cookies or to indicate when a cookie is being sent, but this may affect some functionality of our service.

Our service is not intended for use by individuals under the age of 18. We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you learn that your child has provided us with personal information, please contact us so that we can take necessary actions.

We may update our Privacy Policy from time to time. We will notify you of any significant changes by:

• Posting the new Privacy Policy on this page with an updated "Last Updated" date
• Displaying a notice within the application before the changes take effect
• For material changes, sending a notification via the application or other means

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

While maintaining our commitment to minimal data collection, we comply with applicable privacy laws and regulations including:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Other applicable national and regional privacy laws

Our compliance approach is privacy-by-design, meaning we build legal compliance into our systems from the ground up rather than as an afterthought.

If you have any questions, concerns, or requests related to this Privacy Policy, please contact us:

• By email: privacy@ninjaswap.io
• By visiting the "Contact" section on our website
• By joining our Discord community and messaging an administrator

For urgent privacy matters requiring immediate attention, please indicate this in your communication.