Policy

Privacy Policy

How Anagram Staking Services collects and protects protocol telemetry.

PRIVACY POLICY

Last update: October 24, 2025

1. INTRODUCTION

Reorder the Blocks Ltd. ("Anagram Staking Services," "we," "us," or "our") is committed to privacy transparency and protocol integrity in the delivery of our non-custodial staking infrastructure. This Privacy Policy outlines how we collect, use, retain, and protect User Data in connection with your use of the Services.

We are committed to transparency and protocol integrity in how we collect, use, retain, and protect User Data generated through your interaction with the Services

This Privacy Policy applies to User Data generated or processed when:

  • You connect a compatible wallet to the Services;
  • You delegate assets to our validator;
  • You interact with our dashboards, smart contract interfaces, APIs, or staking tools.

By accessing or using the Services, you acknowledge and agree to the terms of this Privacy Policy and the [TERMS OF USE], which together govern your use of the Services.

If you do not agree to this Privacy Policy in full, you may not use the Services.

This Privacy Policy is intended to clarify our privacy posture in a non-custodial, pseudonymous, and protocol-aligned environment. We do not collect more data than necessary to operate the Services, and we never use User Data for commercial tracking, profiling, or resale.

2. INFORMATION WE COLLECT

Anagram Staking Services is designed to operate in a non-custodial, pseudonymous, and minimal-data environment. We do not collect personally identifiable information (PII), private keys, wallet recovery materials, or any user secrets. We do not monitor user identity, location, or behavioral profiles. All data collected is limited to what is strictly necessary to operate, secure, and maintain the Services and is processed in accordance with our Terms of Use.

We classify the data we collect into the following categories:

2.1 Wallet Interaction & Delegation Data

When you connect a supported wallet and use the Services to stake Supported Assets, we process the following on-chain and interface-derived data:

  • Wallet Address(es): Public blockchain addresses used to initiate delegation via the interface. • Delegation Amounts and Validator Selection: Details of which validator your assets are staked to, the quantity, and any protocol-specific delegation mechanics.
  • Staking Transaction Metadata: Time of delegation, relevant network IDs (e.g., Solana cluster), and transaction routing context.
  • Reward Attribution: Protocol-generated accruals tied to validator performance and used to display estimated or historical rewards within the interface.

We do not link wallet addresses to off-chain identities and do not perform KYC, profiling, or behavioral analysis. All wallet interactions are User-initiated and visible on-chain.

2.2 Technical and Usage Data

In the course of operating and optimizing the Services, we may collect limited technical metadata, including:

  • IP Address: Truncated, anonymized, or region-scoped to detect abuse or enforce rate limits (not full IP logging or geolocation).
  • Browser and Device Metadata: User-agent strings, OS version, and device type to troubleshoot compatibility issues.
  • Session and API Logs: Time-stamped API calls, interaction telemetry (e.g., page views, wallet connect events), and dashboard clickstreams to evaluate interface performance and security.
  • Diagnostic Telemetry: Error logs, failure traces, staking transaction errors, and other telemetry used to monitor system health and detect configuration anomalies.

We take steps to pseudonymize or aggregate this data where feasible and do not cross-reference usage logs with wallet addresses for behavioral tracking or User fingerprinting.

Data Boundaries and Exclusions

We explicitly do not collect or store:

  • Wallet private keys, seed phrases, or recovery materials
  • Transaction signing data or wallet-level secrets
  • User identity, browsing history, or location profiles
  • Payment credentials or financial account identifiers
  • Third-party cookies or persistent tracking pixels

Participation in the Services requires no registration, no account creation, and no off-chain identity linkage.

Our guiding principle is minimalism: If a data point is not required to route a delegation, confirm a transaction, or operate the staking interface, we don't collect it.

3. HOW WE USE DATA

We use User Data strictly to operate, maintain, and improve the Services. No data is used for profiling, advertising, or commercial resale.

Purposes include:

  • Validating wallet compatibility and enabling delegation routing
  • Displaying staking positions, rewards, and validator performance
  • Ensuring interface reliability and protocol compatibility
  • Detecting and mitigating abuse, misconfiguration, or system anomalies
  • Providing optional notifications (if contact information is provided)

All processing is in accordance with our non-custodial model and limited to what is necessary for protocol-aligned operation.

4. WHAT WE DON'T COLLECT

Anagram Staking Services is intentionally designed to minimize data collection and eliminate unnecessary personal or custodial exposure. Our architecture and policies ensure that no identifiable User information, financial credentials, or sensitive cryptographic materials are ever accessed, transmitted, or stored by us.

To remove any ambiguity, the following categories of data are explicitly excluded from our collection and processing scope:

4.1 Private Keys and Wallet Secrets

We never collect or request:

  • Private keys, seed phrases, or recovery phrases
  • Signing data, authorization messages, or on-chain transaction payloads beyond what is broadcast to the network by you
  • Wallet connection credentials, authentication tokens, or permissions to move or access funds

All staking transactions are initiated, signed, and confirmed directly by you through your self-custodied wallet. Our systems cannot access or reconstruct private key material under any circumstance.

4.2 Personal Identifiers

We do not collect or require:

  • Names, government identifiers, or physical addresses
  • Contact information (such as email addresses) unless voluntarily submitted for optional communications
  • Profile data, social handles, or account registrations
  • Geolocation data, device fingerprinting, or biometric identifiers

Use of the Services does not require registration, account creation, or identity verification.

4.3 Network and Tracking Data

We do not:

  • Maintain full or persistent IP address logs
  • Deploy cookies, analytics scripts, or third-party tracking pixels
  • Correlate wallet interactions across sessions or devices
  • Build behavioral profiles or User segmentation models

When limited telemetry is collected to support interface functionality, it is truncated, pseudonymized, and used solely to monitor technical performance or detect abuse.

4.4 Financial and Transactional Data

We do not process or store:

  • Off-chain payment information, bank details, or card credentials
  • Transaction data outside of on-chain staking operations
  • Custodial records or fiat-to-crypto conversion data
  • Any data that would qualify as "financial account information" under applicable laws

All staking-related activity occurs directly on public blockchain networks. You remain fully responsible for initiating and managing your on-chain transactions.

4.5 Sensitive or Restricted Data

We do not collect or process:

  • Health information, racial or ethnic data, political or religious beliefs, or any other sensitive personal data
  • Credentialed access to validator infrastructure, node operators, or RPC providers
  • Any data subject to financial, healthcare, or consumer privacy regimes such as PCI-DSS, HIPAA, or GLBA

Participation in the Services does not create any custodial, fiduciary, or regulated data-handling relationship.

5. DATA SHARING AND DISCLOSURE

Anagram Staking Services does not sell, rent, or monetize User Data in any form. We do not participate in behavioral advertising, data brokering, or commercial profiling of staking participants. All User Data is processed exclusively to support the technical operation, security, and protocol-level functionality of the staking interface.

We only disclose limited data under the following controlled and lawful circumstances:

5.1 Third-Party Infrastructure and Service Providers

We may share limited, non-identifiable operational data with third-party infrastructure providers who support the performance, delivery, and monitoring of the Services. These may include:

  • RPC endpoints, browser wallet extensions, or signing interfaces
  • Cloud infrastructure providers used to host the interface or relay on-chain data
  • Analytics tools used to evaluate system uptime, delegation patterns, or telemetry
  • Technical contractors under NDA assisting with interface debugging or updates

Any such provider is subject to strict confidentiality, limited data use scopes, and security obligations aligned with industry standards. Where feasible, data is shared in pseudonymized or aggregated form.

We do not authorize infrastructure providers to retain or use User Data for any purpose beyond their role in delivering the Services.

5.2 Legal Compliance and Regulatory Requests

We may disclose User Data where required to comply with:

  • Lawful subpoenas, court orders, or binding government demands
  • Applicable sanctions regimes, export control rules, or financial services regulations
  • Investigations into fraud, abuse, protocol-layer attacks, or validator misconduct

Where permitted by law, we will provide you with notice of any compelled disclosure and limit the scope to the minimum data required to satisfy the legal obligation.

We do not proactively share User Data with authorities unless legally obligated.

5.3 Protocol Transparency and Public Analytics

We may publish or share high-level, anonymized staking metrics that reflect protocol health, validator performance, or User participation trends. This may include:

  • Total delegated stake across validators or networks
  • Reward distribution rates, validator uptime benchmarks, or delegation behavior
  • Non-identifiable session counts or wallet usage patterns

These outputs may appear on dashboards, documentation portals, community reports, or transparency logs. No public release will ever include raw telemetry, identifiable wallet addresses, or cross-session behavior traceable to individual Users.

5.4 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of Anagram Staking Services, User Data may be transferred as part of the transaction. In such cases:

  • Any recipient will be bound by substantially similar privacy obligations
  • Affected Users will be notified via designated communication channels
  • User Data will not be repurposed or re-identified post-transfer without consent

We will not transfer or license User Data as part of a commercial sale unrelated to protocol continuity.

6. DATA RETENTION

Anagram Staking Services retains User Data only for as long as is reasonably necessary to support the technical operation, reliability, and compliance obligations of the Services. We apply a data minimization and purpose-driven retention policy, ensuring that no data is retained beyond what is required for:

  • Verifying on-chain staking events and reward visibility
  • Diagnosing interface or smart contract anomalies
  • Investigating abuse, protocol misuse, or validator risks
  • Complying with applicable legal, regulatory, or sanctions requirements

We do not retain personal identifiers or sensitive data, and we never retain raw telemetry for speculative analytics, behavioral modeling, or commercial reuse.

6.1 Standard Retention Periods

Unless subject to a legal hold or protocol-specific exception, the following retention windows apply:

  • Delegation and Usage Logs: Retained for up to 12 months to support User-facing dashboards, validator attribution, and accurate reward calculations. This includes wallet-connected delegation records, validator routing logs, and on-chain interaction metadata.
  • Diagnostic Metadata: Retained for 30-90 days depending on severity and system context. Includes error logs, API diagnostics, and telemetry associated with system availability or configuration issues.
  • Anonymized Aggregates: May be retained indefinitely, but only in a fully de-identified, non-attributable format. Used to support protocol benchmarking, transparency reporting, and longitudinal network health metrics.

6.2 Legal and Compliance Holds

We may retain certain User Data longer if required to:

  • Respond to legal claims, regulatory audits, or fraud investigations
  • Cooperate with sanctions enforcement or government inquiries
  • Enforce Terms of Use provisions related to abuse, validator manipulation, or attempted exploits

Such data will be reviewed regularly and deleted once the applicable obligation expires.

6.3 Data Linked to On-Chain Events

Delegation and staking activity are recorded on public blockchain networks and may remain accessible indefinitely through third-party explorers or indexers. We cannot alter or delete this on-chain data and make no guarantee of retroactive redaction.

While interface-linked telemetry may expire per the above retention rules, any staking action initiated by your wallet address remains publicly viewable as part of the protocol's immutable record.

6.4 Retention Post-Termination

If you cease using the Services, voluntarily undelegate, or disconnect your wallet:

  • All non-essential usage and telemetry data will expire per schedule
  • Aggregated data may remain in de-identified form
  • No further data will be linked to your wallet unless you reconnect or re-delegate

No residual account data persists, as no registration or identity linkage occurs.

7. USER RIGHTS

Anagram Staking Services does not collect personal identifiers by default, and the vast majority of our Services are designed to operate without linking User Data to real-world identities. However, depending on your jurisdiction and whether you've voluntarily submitted contact or identifying information (e.g., via email or support), you may have certain legal rights related to that data.

We recognize and support the following rights, where applicable under data protection laws:

7.1 Right to Access

You may request confirmation of whether we process any data linked to your wallet address or submitted contact information. If applicable, we will provide a summary of the categories of User Data associated with your interactions, along with a copy of any metadata that can be reasonably linked to you.

This does not include:

  • On-chain staking activity (which is publicly visible by design)
  • Aggregated, anonymized analytics not tied to an identifiable source

7.2 Right to Rectification

If you have provided contact information (e.g., email address) and believe it is incorrect or outdated, you may request correction or update. This right applies only to voluntarily submitted metadata; we do not allow modification of on-chain records or wallet-linked delegation history.

7.3 Right to Deletion

You may request deletion of:

  • Voluntarily submitted contact or identification data
  • Support-related communications, if not legally required to retain
  • Interface telemetry linked to your past usage, where feasible

Limitations apply:

  • We cannot delete on-chain data
  • Aggregated and de-identified data is not subject to deletion
  • Data subject to legal hold or protocol enforcement may be retained until resolved

7.4 Right to Object or Restrict Processing

Where telemetry processing is based on our operational interest (e.g., fraud prevention, abuse detection), you may object to such processing. We will evaluate your objection and, where legally required and technically feasible, limit or cease further processing linked to your wallet.

7.5 Right to Withdraw Consent

If you have opted into receiving communications (e.g., updates or incident notices via email), you may withdraw consent at any time. Withdrawal will not affect the lawfulness of processing based on prior consent.

7.6 Right to Lodge a Complaint

If you believe your data rights have been violated under applicable law, you may have the right to lodge a complaint with your local data protection authority. We encourage you to contact us directly first so we may resolve the issue promptly and informally where possible.

7.7 How to Exercise Your Rights

To submit a request, please contact us using the designated method listed on our website or through the protocol's official support channel. Include:

  • Your connected wallet address (for reference only)
  • A clear description of the data or issue at hand
  • Any supporting detail needed to authenticate the request

We may request additional verification to ensure that the request is legitimate and that we are not disclosing or modifying data improperly. We will respond to all verifiable rights requests within a reasonable timeframe and in accordance with applicable laws.

8. INTERNATIONAL DATA TRANSFERS

Anagram Staking Services operates a globally accessible, non-custodial staking interface, with core infrastructure and data processing activities administered primarily from the United States. As a result, technical and operational data associated with your use of the Services may be transferred to, processed in, or stored on servers located in the U.S. or other jurisdictions.

By accessing or using the Services, you acknowledge and consent to the transfer of such data across borders, including to countries that may not provide the same level of data protection as your home jurisdiction.

8.1 Global Nature of Staking Protocols

The Services are designed to be interoperable with decentralized networks, wallets, and infrastructure nodes that span global geographies. This means that certain staking interactions may inherently involve:

  • Routing data through international relay or RPC endpoints
  • Interfacing with browser-based wallets hosted or operated abroad
  • Emitting telemetry to diagnostic tools located in non-local jurisdictions

We do not localize User Data by geography unless explicitly required by law or protocol governance. No regional data silos or residency guarantees are provided.

8.2 Legal Basis for Transfers

For Users located in regions with cross-border data transfer restrictions (e.g., EU, UK, Brazil), we rely on one or more of the following mechanisms:

  • Your explicit consent to the transfer, based on your continued use of the Services
  • Transfers necessary for the performance of the staking interface or for implementing on-chain delegation activity
  • Standard Contractual Clauses (SCCs) or other recognized transfer mechanisms, where applicable and contractually feasible

We are not currently certified under the EU-U.S. or UK-U.S. Data Privacy Frameworks and do not rely on those schemes as a basis for transfer.

8.3 Safeguards and Risk Management

We implement reasonable technical and organizational safeguards to protect data in transit and at rest, including:

  • TLS encryption of API and interface communications
  • Role-based access control and monitoring on backend systems
  • Pseudonymization and minimization of telemetry data wherever feasible

Despite these measures, you acknowledge that U.S. laws and surveillance regimes may differ from those in your home country. By using the Services, you accept this risk and the cross-border nature of blockchain-based interactions.

9. SECURITY

Anagram Staking Services implements a layered security architecture designed to protect the limited User Data we process, while respecting the trust-minimized and decentralized ethos of the networks we support. We adopt industry-aligned technical and organizational safeguards to prevent unauthorized access, misuse, or compromise of system infrastructure and interface telemetry.

9.1 Our Commitments

We apply the following measures across our staking interface and supporting infrastructure:

  • TLS Encryption: All data transmitted between your browser and our services is encrypted in transit using modern Transport Layer Security (TLS) protocols and hardened HTTPS configurations.
  • Role-Based Access Control: Access to infrastructure, analytics tooling, and telemetry logs is restricted by principle of least privilege and tightly scoped to authorized operational roles.
  • Monitoring and Anomaly Detection: We continuously monitor system performance, wallet connection patterns, and interface interactions to detect misconfigurations, denial-of-service attempts, or abuse signatures.
  • Data Minimization and Pseudonymization: We collect only what is required to operate the interface (see Section 2) and pseudonymize or anonymize usage logs wherever possible to reduce residual data exposure.
  • Infrastructure Hardening: All backend systems are protected through audit-logged deployment workflows, secure cloud configurations, and service isolation where applicable.

We do not use third-party tracking scripts, behavioral adtech, or persistent user profiling systems.

9.2 Your Responsibilities

You are solely responsible for maintaining the confidentiality, security, and operational integrity of your wallet and private keys. This includes:

  • Safeguarding your seed phrase, signing device, or recovery material
  • Verifying transaction details before submitting any delegation
  • Ensuring use of secure browsers and trusted wallet extensions
  • Avoiding phishing sites, malware, or man-in-the-middle attempts that could compromise your signing session

Anagram Staking Services does not control, access, or manage your wallet. We cannot retrieve lost keys, reset wallet access, or reverse on-chain transactions. There is no custodial layer, fallback recovery mechanism, or User support for compromised wallets.

9.3 No Guarantee of Absolute Security

While we implement reasonable and evolving safeguards, no system or transmission path can be guaranteed 100% secure. By using the Services, you acknowledge that blockchain-based systems carry inherent risks, and that interface-layer protections cannot mitigate validator-side misconfiguration, malicious extensions, or User device compromise.

10. CONTACT

Anagram Staking Services maintains a lean, purpose-built communication interface for privacy-related inquiries, data subject requests, and staking protocol questions. We welcome good-faith outreach from Users, developers, delegators, and data protection authorities seeking clarity on how we handle User Data within our non-custodial staking interface.

10.1 General Contact and Support

For general questions, bug reports, or requests related to this Privacy Policy, you may contact us via the designated methods listed on our official website or referenced within the [Terms of Use].

When contacting us, please include:

  • A description of your inquiry and relevant data (e.g., wallet address, date of interaction, affected function)
  • The nature of the issue (e.g., access request, deletion request, telemetry question)
  • Any context needed to authenticate your role and enable a precise response

We may request additional information to verify the requestor's authority or to validate the existence of any data linked to a wallet address.

10.2 Data Subject Requests

If you are exercising rights under a data protection regime (e.g., GDPR, CCPA), you may submit a request through the same channels. Please note:

  • If you have not submitted any personal data, we may not have any information to retrieve or remove
  • We cannot associate real-world identities with wallet addresses without additional context you provide
  • Certain protocol telemetry may be retained or anonymized in accordance with Section 6

We will respond to all verifiable rights requests in accordance with applicable laws and our internal governance standards.

10.3 Legal or Regulatory Inquiries

Government agencies, law enforcement bodies, or regulators may contact us through the legal service channels listed in the protocol documentation or available upon request via our public contact mechanism.

  • Please specify the legal basis for any request and include any reference numbers, court orders, or jurisdictional assertions
  • Anagram Staking Services will not disclose User Data absent a valid and binding legal requirement

Where legally permitted, we will provide notice of any compelled disclosure.

10.4 Communications Scope

We do not offer phone support, real-time chat, or account recovery tools, as we do not operate a user identity system or custody platform.

If your inquiry relates to lost access to your wallet, transaction reversal, or staking error recovery, we will be unable to assist, as those functions fall outside our control.

Return home