Privacy Policy
How we handle your data — minimal collection, no tracking cookies, no data sales.
Last Updated: February 2, 2026
Data Controller: Messy Virgo DAO, 8000 Zürich, Switzerland | legal@messyvirgo.com
Overview
We process minimal data to operate services. No marketing, no behavioral profiling, no data sales.
Geographic Scope: We don't target EU/EEA users. Access is incidental. You're responsible for local compliance.
What We Collect
1. Technical Data (All Users)
- Hashed identifiers (not IPs/cookies) — dual-salt, unlinkable
- Timestamps and event types
- Purpose: Rate limiting, DDoS prevention, service optimization
- Retention: 24-72 hours (rate limits), 90 days (analytics)
2. Wallet Data (When You Connect)
- Wallet address — for authentication and preferences
- User preferences — settings, watchlists, configurations
- Session tokens — expire after logout or 30 days
- Interaction history — fund selections, trades initiated
We store: Wallet + preferences + usage patterns
We don't store: Private keys, real-world identity (unless you provide), cross-site activity
Retention: While active; deleted after 24 months inactivity or on request
What We Don't Do
- No tracking cookies or ads
- No cross-site tracking
- No data sales to third parties
- No email/KYC requirements (unless legally required)
Privacy by Design
- Dual-salt hashing: Rate limits and analytics use separate, unlinkable hashes
- Wallet-only auth: No passwords or emails
- Pseudonymous: Addresses are pseudonymous unless you link identity
- Client-side first: Data processed locally where possible
Your Rights
Under Swiss data protection law, you can:
- Access data we hold about your wallet
- Correct inaccurate data
- Delete preferences and account data
- Export data in machine-readable format
How: Email legal@messyvirgo.com or sign a message with your wallet. Response within 30 days.
Limits: On-chain data cannot be deleted (blockchain immutability). Anonymized hashes cannot be linked back to you.
Third-Party Services
- Analytics: Cookie-less tools (Plausible) with server-side aggregation
- Blockchain: RPC providers (Alchemy, Infura); your transactions are public on-chain
- Data feeds: Price/metrics providers don't receive your personal info
Security
- Multi-sig treasury controls
- HTTPS/TLS encryption
- Access controls
- Regular smart contract audits
You're responsible for: Wallet and private key security.
Updates
We may update this notice. Check "Last Updated" date. Material changes announced via website/Telegram.
Contact
Privacy: legal@messyvirgo.com
Support: https://t.me/messyvirgo
Crypto involves substantial risk. We process data for services, not marketing.