Privacy Policy
Status: DRAFT v0.1 — for counsel review. Effective date set on publication of the final version. Nothing here currently constitutes a binding privacy commitment.
Summary (the short version)
We collect the minimum data needed to run BitView and meet legal obligations:
- From Twitch: your user_id, login, and display name (via OAuth).
- From your Wallet: your Solana public key and a signed message proving Wallet ownership.
- From your usage: chat presence on streams that have active Distributions, IP and device fingerprint for anti-fraud, accrual ledger entries.
- From paid users: billing details for Pro/Plus subscriptions (handled by Stripe; we do not see card numbers).
We do not sell your data. We do not track you across the internet for advertising. We share data only with vendors who help us run the Service, with regulators when legally required, and on the public Solana blockchain when you transact (which is inherent to on-chain activity).
You have rights under GDPR (EEA / UK), CCPA (California), and similar laws. See Section 9.
For full details, read on. Anything in this Policy that conflicts with the Terms of Service Section 19.1 is to be read together with that section.
1. Who we are
The data controller for purposes of GDPR and analogous laws is [Operating Entity Name TBD] ("BitView", "we", "us", or "our").
Contact us at privacy@bitview.so. EU users may contact our EU representative at eu-privacy@bitview.so (designation pending incorporation).
2. Data we collect
2.1 Identity data
Provided when you link your Wallet to a Twitch account:
- Twitch user_id, login, display name (from Twitch Helix /users via OAuth user-access token).
- Solana wallet public key (provided by your Wallet adapter).
- Signed message and ed25519 signature (proves Wallet ownership).
We do not receive or store: your Twitch password, your Wallet private key, your seed phrase, or any other Wallet credential.
2.2 Service-usage data
Generated as you use BitView:
- Chat presence — when our backend's Twitch IRC listener detects a JOIN, PART, or PRIVMSG event in a channel running an active Distribution.
- Accrual ledger entries — distribution_id, twitch_login, solana_wallet, amount, tick_count, last_credited_at.
- Distribution metadata — for streamers, the on-chain parameters of any Distribution you create.
- NFT drop metadata — for streamers, eligibility predicates and recipient lists.
- Subscription state — for Pro/Plus subscribers, your subscription tier and renewal status.
- Application logs — request paths, response codes, latency. We retain these for 90 days for debugging and security purposes.
- API access tokens — if you generate API keys, the hashed key.
2.3 Anti-fraud data
To enforce our anti-fraud framework (Anti-fraud):
- IP address (truncated to /24 for IPv4 or /48 for IPv6).
- Device fingerprint hash — derived from canvas, user-agent, timezone, language. Hashed; we do not store raw fingerprint components.
- Behavioral signals — chat patterns, accrual cadence, cross-channel activity.
- Sanctions screening results — match status against OFAC SDN list at link time and on a rolling basis.
2.4 Payment data
For Pro/Plus subscribers:
- We use Stripe to process payments. Stripe collects card or bank details directly; we do not see them.
- We receive from Stripe: a customer ID, subscription status, last 4 digits of card, billing country, billing email.
For users paying per-event fees in USDC:
- We see the on-chain transaction (publicly visible on Solana). No off-chain payment data is collected.
2.5 Communications
If you contact our support team, we retain the email correspondence for 12 months for service-quality and dispute-resolution purposes.
2.6 Cookies and similar technologies
We use cookies for:
- Authentication — keeping you signed in to the BitView app.
- CSRF protection — security tokens to prevent cross-site request forgery.
- Site preferences — display options, language.
We do not use cookies for cross-site behavioral advertising. We do not run third-party advertising trackers.
If we add any first-party analytics (e.g., Plausible, Fathom — which do not require cookies), we will update this Policy.
3. How we use your data
| Purpose | Legal basis (GDPR) | Data used |
|---|---|---|
| Provide the Service (link wallets, run accrual, process claims) | Contract performance (Article 6(1)(b)) | Identity data, Service-usage data |
| Anti-fraud and platform integrity | Legitimate interests (Article 6(1)(f)) | Anti-fraud data, Service-usage data |
| Compliance with legal obligations (sanctions, AML, court orders) | Legal obligation (Article 6(1)(c)) | All of the above as required |
| Process payments | Contract performance | Payment data |
| Communicate about your account | Contract performance | Identity data, communications |
| Notify you of material updates to Terms / Policy | Contract performance | Email if available, in-app notifications |
| Improve the Service | Legitimate interests | Aggregated, anonymized usage data |
| Respond to your support inquiries | Contract performance | Communications |
4. Data we share
4.1 With service providers
Vendors who process data on our behalf, under written processing agreements:
| Vendor | Purpose | Data shared |
|---|---|---|
| MongoDB Atlas (or equivalent managed MongoDB) | Database hosting | Service-usage data, identity data |
| Helius / Triton / Quicknode | Solana RPC | Public on-chain activity (no off-chain identity) |
| Twitch (Amazon) | Identity verification | OAuth bearer for Helix /users |
| Stripe | Payment processing | Subscription billing data |
| Sumsub or Persona (Plus tier streamers + brand sponsors only) | KYC / KYB | Identity verification documents you provide |
| AWS / Cloudflare / Vercel | Hosting | All data needed to operate |
| Sendgrid (or equivalent) | Transactional email | Email address, message content |
These vendors are bound by our processing agreements to use data only for the purposes we direct and to apply appropriate security measures.
4.2 On the Solana blockchain
When you transact through BitView (claim tokens, swap, fund a pool), the transaction is publicly recorded on Solana mainnet. This is inherent to using a public blockchain — anyone can see your wallet's on-chain activity. We cannot make on-chain activity private.
4.3 With law enforcement / regulators
We may disclose data to government or regulatory authorities when legally compelled, including in response to:
- Subpoenas, court orders, or warrants.
- Sanctions enforcement (OFAC and equivalent regimes).
- AML/CFT reporting obligations if we become a regulated VASP.
We will notify affected users where legally permitted.
4.4 In a corporate transaction
In connection with a merger, acquisition, restructuring, or governance handoff, your data may transfer to the successor entity, subject to the same Privacy Policy or a successor that provides equivalent protections. We will notify users with at least 30 days' notice before any such transfer.
4.5 With your consent
We may share data in other circumstances when you explicitly consent (e.g., publicly attributing a security disclosure to your name in our hall of fame).
5. What we do NOT do
- We do not sell your data.
- We do not trade your data with affiliates for commercial reasons.
- We do not use your data to train AI models without explicit separate consent.
- We do not run cross-site behavioral advertising.
- We do not profile users for marketing purposes outside our own Service notifications.
- We do not disclose your Wallet's transaction history to anyone beyond what's already public on Solana.
6. Data retention
| Category | Retention |
|---|---|
| Identity link (Twitch ↔ Wallet) | While Account is active; 12 months after last activity, then anonymized |
| Accrual ledger | Indefinite (required for audit / dispute) |
| Distribution metadata | Indefinite |
| Application logs | 90 days |
| Anti-fraud signals | 12 months unless flagged; flagged cohorts retained for 24 months |
| Sanctions screening results | Per legal hold, typically 5 years |
| Payment records | 7 years (tax / accounting) |
| Communications | 12 months |
| Backups | 30 days |
After retention periods elapse, data is deleted or anonymized.
7. International transfers
BitView is global. Your data may be transferred to and processed in jurisdictions where our vendors operate, including the United States. Where data is transferred from the EEA, UK, or Switzerland to a jurisdiction without an adequacy decision, we use:
- Standard Contractual Clauses (SCCs) approved by the European Commission, or
- Data Privacy Framework (DPF) certifications where available, or
- Other lawful transfer mechanisms.
A list of vendor locations is available on request to privacy@bitview.so.
8. Security
We implement reasonable technical and organizational measures to protect your data, including:
- TLS encryption in transit.
- Encryption at rest for databases and backups.
- Multi-factor authentication on all internal admin systems.
- Multi-sig wallets for treasury custody (3-of-5 cold, 2-of-3 hot).
- Audit logging of internal admin actions.
- Regular third-party security audits — see Audit reports.
- Continuous bug bounty — see Bug bounty.
- Background checks on team members with privileged access.
No system is perfectly secure. If we discover a data incident materially affecting you, we will notify you within the timeframe required by applicable law (typically 72 hours under GDPR).
9. Your rights
Depending on your jurisdiction, you have rights including:
| Right | Available under | What it means |
|---|---|---|
| Access | GDPR, CCPA, others | Request a copy of personal data we hold about you |
| Rectification | GDPR, others | Correct inaccurate data |
| Erasure | GDPR, CCPA | Request deletion (subject to retention obligations) |
| Restriction | GDPR | Limit how we process your data |
| Portability | GDPR, CCPA | Receive your data in a machine-readable format |
| Objection | GDPR | Object to processing based on legitimate interests |
| Opt-out of sale | CCPA | We do not sell, but the right is yours regardless |
| Non-discrimination | CCPA | We will not penalize you for exercising rights |
To exercise these rights, email privacy@bitview.so. We will respond within 30 days (or longer where law permits, with notice).
You may also lodge a complaint with your local data-protection authority (in the EEA: each member state's DPA; in the UK: ICO; in California: California Privacy Protection Agency).
9.1 What we cannot delete on your request
Two categories cannot be erased on request:
- On-chain data — anything publicly recorded on Solana (transactions, NFT mints, claim history). This is inherent to blockchain technology and outside our control.
- Records required for legal compliance — sanctions-screening results, AML records, tax records — for the duration of our legal obligation.
9.2 Pseudonymization
For data we cannot fully delete (e.g., accrual ledger entries required for audit), we will pseudonymize on request — replacing your Twitch identity with a generic identifier, severing the link from the data to you while retaining what's required for the platform's integrity.
10. Children
The Service is not intended for users under 18. We do not knowingly collect data from minors. If you believe we have collected data from a minor, contact privacy@bitview.so and we will delete it promptly.
11. Third-party links and integrations
The Service may link to or integrate with third-party services (Twitch, Phantom wallet, Solana DEXes, Magic Eden, Tensor, Discord, etc.). Each has its own privacy policy. We are not responsible for their practices.
12. Do Not Track signals
Browsers' "Do Not Track" signals are not a recognized standard. We do not currently change behavior based on them. Regardless, our practices match what most users would expect with DNT enabled: we do not run behavioral advertising.
13. Changes to this Policy
We may update this Policy from time to time. Material changes will be notified via:
- Posted updated version on the checkpoint site with new effective date.
- Email to subscribers with active accounts.
- In-app notification on next sign-in.
- 30-day advance notice for material changes.
If you disagree with changes, your remedy is to terminate your Account before the effective date.
14. Specific notices
14.1 California residents (CCPA)
In the past 12 months we have collected the categories of personal information described in Section 2. We have not sold personal information.
You have the right to:
- Know what we collect.
- Delete what we hold (subject to Section 9.1 limits).
- Opt out of sale (we do not sell).
- Non-discrimination.
To exercise: email privacy@bitview.so or use the in-app "Privacy Request" form (production launch).
14.2 EEA / UK residents (GDPR / UK GDPR)
Lawful bases listed in Section 3. Data Controller listed in Section 1. Rights listed in Section 9.
If we rely on legitimate interests, you have the right to object (privacy@bitview.so).
14.3 Other jurisdictions
We comply with applicable data-protection laws in jurisdictions where we operate. Specific privacy regimes (LGPD in Brazil, PIPL in China, PDPA in Singapore, APP in Australia) are addressed in jurisdiction-specific addenda available on request.
15. Contact
| Topic | Email |
|---|---|
| Privacy questions / requests | privacy@bitview.so |
| Legal | legal@bitview.so |
| Security | security@bitview.so |
| Support | support@bitview.so |
| EU representative (post-incorporation) | eu-privacy@bitview.so |
16. Document control
| Field | Value |
|---|---|
| Version | 0.1 (DRAFT) |
| Effective date | (set on publication of final) |
| Last updated | (set on each revision) |
| Authoritative source | https://checkpoint.bitview.so/docs/legal/privacy-policy |
DRAFT v0.1. Final version replaces this banner with the effective date and version number on publication.