Chainworks

Privacy Policy

Last Updated: May 2026

Chainworks Inc. ("Chainworks," "we," "us," or "our") operates the Chainworks DeFi API and related developer tools, documentation, dashboard, and websites (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have. By using the Service you agree to the practices described here.

This policy is part of, and should be read together with, our Terms and Conditions.

1. Information We Collect

We collect the following categories of information:

  • Account information. When you register, we collect your email address, name (if provided), organization (if provided), and authentication identifiers issued by our identity provider (Amazon Cognito).
  • API credentials. We generate and store API keys associated with your account. We do not store your private keys, seed phrases, or wallet secrets — those never leave your environment.
  • Usage data. We log API requests, including timestamps, endpoint paths, response status, request volume, originating IP address, and approximate geolocation derived from IP. This is used for billing, abuse prevention, and service reliability.
  • Technical data. When you visit our websites we collect standard log data such as browser type, operating system, referring URL, device identifiers, and cookies necessary for sign-in and session management.
  • On-chain data. Wallet addresses, transaction hashes, and other blockchain data you submit through the Service are inherently public on the underlying networks. We process this data to deliver the Service.
  • Communications. If you contact us by email or support channels, we retain those messages and any information you choose to include.
  • Payment information. If and when paid plans are offered, payment processing is handled by a third-party processor. We do not store full card numbers on our systems.

2. How We Use Information

We use the information described above to:

  • Provide, operate, and maintain the Service
  • Authenticate users and authorize API requests
  • Enforce rate limits, quotas, and acceptable-use policies
  • Detect, investigate, and prevent fraud, abuse, and security incidents
  • Calculate usage, generate invoices, and process payments
  • Diagnose technical issues, monitor performance, and improve reliability of the Service
  • Communicate with you about your account, security alerts, service changes, and support requests
  • Comply with legal obligations and respond to lawful requests

We do not sell personal information, and we do not use your API request payloads to train machine-learning models.

3. Legal Bases for Processing

Where the EU/UK GDPR applies, we rely on the following legal bases: performance of a contract (to provide the Service you signed up for), legitimate interests (to secure the Service, prevent abuse, and improve features), legal obligation (to meet recordkeeping, tax, and compliance requirements), and consent where specifically requested.

4. How We Share Information

We share information only as described below:

  • Service providers. We use vetted third-party providers to operate the Service, including cloud hosting and infrastructure (Amazon Web Services), identity and authentication (Amazon Cognito), analytics, error monitoring, email delivery, and payment processing. These providers process data on our behalf under contractual obligations.
  • Blockchains. Transactions you submit through the Service are broadcast to public blockchains (e.g., Ethereum, Base, BNB Chain, Solana) and become part of an immutable public ledger that we cannot modify or delete.
  • Legal and safety. We may disclose information when we believe in good faith that disclosure is required by law, legal process, or to protect the rights, property, or safety of Chainworks, our users, or others.
  • Business transfers. If Chainworks is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality protections.
  • With your direction. We share information when you instruct us to (for example, by integrating a third-party tool against your account).

We do not sell or rent personal information to third parties.

5. Cookies and Tracking

We use a small number of cookies and similar technologies that are strictly necessary for sign-in, session management, and security (for example, to keep you logged in to the dashboard). We may also use privacy-respecting analytics to understand aggregate usage of our marketing and documentation pages. You can control cookies through your browser settings; disabling strictly necessary cookies may prevent the dashboard from working.

6. Data Retention

We retain account information for as long as your account is active and for a reasonable period thereafter to comply with legal, accounting, or reporting obligations. API request logs are retained for a limited window sufficient to support billing, abuse prevention, and operational troubleshooting, and then aggregated or deleted. On-chain data exists permanently on the underlying public blockchains and cannot be deleted by us.

7. Security

We apply administrative, technical, and physical safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS), access controls, scoped credentials, and audit logging. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security. You are responsible for keeping your API keys, passwords, and private keys confidential and for notifying us immediately of any suspected compromise.

8. International Data Transfers

Chainworks operates internationally and may transfer, store, and process information in countries other than your own. Where required, we use appropriate safeguards (such as standard contractual clauses) for international transfers of personal data.

9. Your Rights

Depending on where you reside, you may have rights regarding your personal information, including the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of personal information, subject to legal exceptions
  • Object to or restrict certain processing
  • Request portability of information you provided to us
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority (such as your local data-protection regulator)

To exercise any of these rights, contact us at privacy@chainworks.co. We will respond within the timeframe required by applicable law. We may need to verify your identity before fulfilling certain requests.

10. Children's Privacy

The Service is not directed to children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

11. Third-Party Links and Services

Our websites and documentation may link to third-party sites or services that we do not control. This Privacy Policy does not apply to those third parties, and we encourage you to review their privacy practices.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date above and, for material changes, take reasonable steps to notify you (for example, by email or an in-product notice). Your continued use of the Service after the changes take effect constitutes acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our handling of your information, contact us at: privacy@chainworks.co