Privacy Policy

1. Data We Collect

We collect the following types of data:

• Email address: Provided during account creation for authentication and communication.
• Wallet addresses: Public blockchain addresses you connect to view your positions. These are already publicly visible on the blockchain.
• Usage analytics: Pages visited, features used, and interaction patterns to improve the Service.
• Alert preferences: Your configured alert settings, monitored pools, and notification preferences.
• Subscription data: Payment status, plan type, and billing cycle (managed by Stripe — we do not store credit card numbers).

2. How We Use Your Data

• Provide, maintain, and improve the Service
• Send magic link authentication emails
• Process payments and manage subscriptions through Stripe
• Deliver position monitoring alerts and notifications
• Aggregate anonymized usage data to improve product features
• Communicate service updates, security notices, and support responses

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Third-Party Services

We use the following third-party services to operate LiquiLab:

• Stripe — Payment processing. Subject to Stripe's Privacy Policy.
• Migadu — Email delivery (magic link authentication emails).
• Flare Network RPCs — Blockchain data retrieval (public on-chain data).
• Railway — Application hosting and database (EU region).
• Vercel — Frontend hosting and CDN.

4. Data Storage

Your data is stored in a PostgreSQL database hosted on Railway in the EU region. Data is encrypted in transit (TLS/HTTPS) and at rest. We apply the principle of data minimization — we only store what is necessary to provide the Service.

5. Cookies

LiquiLab uses the following cookies:

We do not use third-party tracking cookies or advertising cookies.

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Portability: Receive your data in a machine-readable format.
• Withdraw consent: Withdraw consent for data processing at any time.
• Object: Object to processing of your personal data.

To exercise any of these rights, contact us at privacy@liquilab.io. We will respond within 30 days.

7. Data Retention

We retain your account data for as long as your account is active. Upon account deletion or request, we will remove your personal data within 30 days, except where retention is required by law (e.g., billing records). Anonymized, aggregated analytics data may be retained indefinitely as it cannot be linked back to individuals.

8. Blockchain Data

Wallet addresses and liquidity positions are publicly visible on the Flare Network blockchain. LiquiLab aggregates and presents this publicly available on-chain data — we do not create or reveal private information. The public nature of blockchain data means that your wallet activity is visible to anyone with access to the blockchain, regardless of whether you use LiquiLab.

9. Security

We implement the following security measures to protect your data:

• HTTPS encryption for all connections
• Content Security Policy (CSP) headers
• HMAC-signed authentication tokens
• Rate limiting on API endpoints
• Regular security audits and dependency scanning
• No storage of credit card information (handled by Stripe)

10. Contact

For privacy-related inquiries: privacy@liquilab.io
For general support: support@liquilab.io

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of the Service after changes constitutes acceptance of the revised policy.