← Back to Home

Privacy Policy

Last updated: April 4, 2024

1. Introduction

HelioWallet ("we", "our", or "us") operates an experimental cryptocurrency wallet application built for educational and research purposes. This Privacy Policy explains what data is collected, how it is handled, and your rights when using our service.

By using HelioWallet, you acknowledge that this is a research project and agree to this Privacy Policy. If you do not agree, please do not use the service.

2. Information We Collect

2.1 Data Stored Locally on Your Device

HelioWallet is a self-custody wallet. The following data is encrypted and stored only in your browser's local storage on your device:

  • Private keys and mnemonic phrases (AES encrypted)
  • Wallet addresses and account settings
  • User preferences (theme, language, selected networks)

We do not have access to your private keys, mnemonic phrases, or passwords. This data never leaves your device and is never transmitted to our servers.

2.2 Data Transmitted Through Our Backend

When you use HelioWallet, your wallet address(es) may be sent to our backend API server, which in turn queries third-party services. This is necessary to fetch:

  • Account balances and token holdings
  • Transaction history
  • Token price data
  • Network and chain information

2.3 Automatically Collected Data

Our servers may automatically log standard technical information such as:

  • IP addresses
  • Browser type and version
  • Request timestamps
  • Referring URLs
  • API request patterns (for rate limiting and abuse prevention)

This data is collected for operational purposes (security, debugging, abuse prevention) and is not used for tracking, profiling, or advertising.

3. How We Use Your Information

  • To provide wallet functionality (balance display, transaction processing)
  • To proxy requests to third-party blockchain APIs
  • To cache data for performance optimization
  • To maintain service security and prevent abuse
  • To debug and improve the software

We do not use your information for advertising, marketing, user profiling, or selling to third parties.

4. Third-Party Services

HelioWallet relies on third-party APIs and services to function. When you use our service, your wallet address and related blockchain queries are forwarded to these providers. These include but are not limited to:

  • Blockchain RPC providers (for submitting transactions and reading chain data)
  • Blockchain data aggregators (for token balances and transaction history)
  • Price data providers (for token prices)
  • Block explorer APIs

Each third-party service has its own privacy policy and terms. We have no control over how these services collect, use, or store data, and we assume no responsibility for their practices. We encourage you to review the privacy policies of any third-party services you interact with through HelioWallet.

5. Data Security

We implement reasonable measures to protect data within our control, including:

  • AES encryption for sensitive data stored locally
  • HTTPS for all client-server communication
  • API key protection through backend proxy

However, as an experimental research project, we cannot guarantee the absolute security of any data. No system is 100% secure. You are solely responsible for:

  • Keeping your device and browser environment secure
  • Safely backing up your mnemonic phrase and private keys
  • Never sharing your credentials with anyone
  • Understanding the risks of using experimental software

6. Data Retention

Local data: Stored on your device until you manually clear it (clear browser storage or disconnect your wallet).

Server logs: May be retained for a reasonable period for operational and security purposes, then automatically purged.

Cache data: Automatically expires based on configured TTLs (typically 30 seconds to 24 hours depending on data type).

7. Your Rights & Control

Since HelioWallet is a self-custody application with minimal server-side data collection:

  • Delete local data: Clear your browser's local storage or disconnect your wallet to remove all locally stored data
  • Stop data collection: Simply stop using the service
  • Data portability: Your private keys and addresses are standard blockchain formats usable in any compatible wallet

We do not maintain user accounts or persistent user profiles on our servers. Your wallet address is the only identifier used in API requests, and it is publicly visible on the blockchain regardless of our service.

8. Children's Privacy

HelioWallet is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors. If you are under 18, please do not use this service.

9. Disclaimer

This is an experimental research project. We provide no warranties regarding data security, privacy, or the reliability of this service. For managing cryptocurrency of significant value, we strongly recommend using professionally audited wallet solutions such as Ledger, Trezor, MetaMask, or other established wallet providers.

We accept no liability for any data breaches, loss of privacy, or any damages arising from the use of this software, to the maximum extent permitted by law.

10. Changes to This Policy

We may update this Privacy Policy at any time without prior notice. Changes become effective immediately upon posting. Your continued use of HelioWallet after any changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us.