Skip to main content
Effective Date: Nov 22, 2025This Privacy Policy explains how Neuro Foundation LLC (“we”, “our”, “Operator”) collects, uses, shares and stores information when you use our services, including:

1. Summary

  • We collect only the technical data required to operate our services: wallet addresses, IP‑derived region, server logs, anonymized/aggregated analytics and performance data.
  • We use analytics and monitoring services including Google Analytics, PostHog, and Sentry to improve our services and reliability.
  • For AI Agent services, we collect authentication information and chat history to enable communication.
  • We do not collect payment‑card data and maintain non‑custodial practices for wallet interactions.
  • We use Privy for authentication with social logins and Web3 wallets, and use JWT tokens for session authentication across our services.

2. What We Collect

Purpose: Route your transaction and provide non‑custodial services (no platform fees)
Lawful Basis: Contract (you request a swap)
Purpose: Enforce geo‑blocks & sanctions policy
Lawful Basis: Legal obligation (OFAC/UN sanctions); Legitimate interest (prevent abuse)
Purpose: Block sanctioned / high‑risk wallets
Lawful Basis: Legal obligation
Purpose: Debug and ensure security
Lawful Basis: Legitimate interestIncludes: timestamp, endpoint, error codes
Purpose: Improve user experience and service performance
Lawful Basis: Legitimate interest (with user consent where required)Services Used: Google Analytics, PostHog
Includes: page views, user interactions, device/browser information, usage patterns (stored in anonymized/aggregated form where possible)
Purpose: Detect, reproduce, and fix errors; monitor app performance
Lawful Basis: Legitimate interestService Used: Sentry
Includes: error stack traces, timestamps, basic device/browser metadata, and page/application context. We do not intentionally collect message content, private keys, or wallet seed phrases.
Purpose: Provide AI Agent services and maintain user sessions
Lawful Basis: Contract (you request our services)Includes: JWT tokens, user identifiers, session data, and the login method used (e.g., Telegram, X/Twitter, Google, Web3 wallet via Privy). We remain fully non‑custodial and never have access to your private keys or seed phrases.
Purpose: Deliver opt‑in notifications through connected channels
Lawful Basis: Consent / Contract (service requested)Includes: delivery channel and preferences (e.g., Telegram/X/Email/Push). You can manage preferences at any time in platform settings at https://neurodex.ai.
Purpose: Enable AI Agent communication and improve responses
Lawful Basis: Contract (you request AI Agent services)Includes: messages exchanged with AI Agent, conversation context
Purpose: Personalize Neurobro’s responses within Neurodex and related mini apps
Lawful Basis: Consent (optional data you provide)Includes: trading goals, crypto experience level, life stage, strategy style, discovery breadth, decision speed, custom instructions for the AI Agent.Visibility: Not publicly available and not visible to other users. We DO NOT sell this data or use it for advertising.Deletion: You can remove this data anytime in your settings (e.g., by clicking “Delete” or clearing your Alpha Profile). When deleted, it is permanently erased from our systems with no internal backups or archived copies retained.
Cookies/local storage and SDKs are used for essential functionality (auth/session) and, with consent where required, for analytics and performance monitoring (Google Analytics, PostHog, Sentry). You can manage non‑essential cookies in the cookie banner and adjust preferences in platform settings.

3. How We Use the Data

Service Provision

To provide our services - build and relay your swap transactions, enable AI Agent communication, and maintain user sessions.

Compliance

To comply with sanctions laws - screen wallets using the Chainalysis Sanctions Oracle, which compares wallet addresses against OFAC, UN, EU, and other global lists.

Security

To secure our services - detect DDOS or abuse, maintain authentication security, and monitor application errors and performance (via Sentry).

Analytics & Improvement

To analyze usage patterns and improve our services using Google Analytics, PostHog, and Sentry (error/performance telemetry).
We do not sell or share your data with advertisers. We may share hashed logs with regulators or auditors if legally compelled. Analytics data is processed according to the respective privacy policies of Google Analytics and PostHog.

4. Data Retention

Wallet & swap logs

12 months then deleted/aggregated

IP‑level server logs

30 days unless required for security investigation

Chat history

Until user requests deletion

Analytics data

As per Google Analytics, Sentry and PostHog retention policies
No address hashes from sanctions screening are stored. Wallets flagged by Chainalysis are blocked at runtime without persistent storage. JWT tokens expire according to session settings.

5. Your Rights (EU/EEA & UK GDPR)

If you are in the EU/EEA or UK, you have the right to:
Request a copy of data we hold about you.
Correct inaccurate data.
Request deletion where we no longer have a legal ground.
Restrict or object to processing in certain cases.
Receive data in a machine‑readable format.
To exercise a right, email [email protected]. For wallet-related requests, include a signed message from the wallet you used. We may decline requests that would contravene sanctions screening. By using our services, you acknowledge that certain data (e.g., wallet address, IP-derived region, chat history) is processed for security, compliance, and service provision purposes, and you consent to this processing under applicable data protection laws.

6. Marketing, Authentication & Notifications

When you sign in to Neurodex.ai using Privy (e.g., Web3 wallets or social logins like Google Sign‑In, Telegram, or X/Twitter), Privy facilitates authentication. For marketing emails, we receive your verified email address through our email‑delivery platform, Privy, Inc. (privy.io).

What We Collect

We collect your verified email address (for newsletters), and may store the login method used (Telegram, X/Twitter, Google, or Web3 wallet via Privy) to operate authentication. Notification preferences (channels and topics) may be stored to deliver opt‑in alerts.

Why We Collect It

We use your email address solely for non‑transactional communications:
  • Weekly product‑update newsletters
  • Feature announcements
  • Curated market recaps and relevant content
European Economic Area & UK: Your explicit consent (GDPR Art. 6(1)(a)). Marketing consent is optional and not required to use Neurodex.ai. Canada: Implied or express consent under CASL with business address and unsubscribe mechanism in every message. United States: CAN‑SPAM Act compliance with clear promotional identification and opt‑out links. California (CCPA/CPRA): We do not “sell” or “share” your personal information for cross‑context behavioural advertising.

Communication Frequency

By default, we send at most one newsletter per week. Material changes to frequency will be communicated and may require fresh consent.

How to Unsubscribe

You can opt out at any time by either:
  • Clicking the unsubscribe link in any marketing email
  • Toggling preference checkbox in emails
  • Emailing us at [email protected]
Withdrawal is immediate for new campaigns and processed within 72 hours for all lists.

Retention & Deletion

We retain your email for marketing only until you withdraw consent. After withdrawal, it’s added to a suppression list to prevent future marketing messages.

Third‑Party Processing

Privy acts as our data‑processor under GDPR Art. 28 with Standard Contractual Clauses for international transfers. Data may be stored in the United States with appropriate safeguards. Google Analytics, PostHog, and Sentry act as processors for analytics/monitoring; their processing is governed by their respective terms and data protection addenda.

8. Cookies and Similar Technologies

We use cookies, local storage, and SDKs:
  • Essential (no consent required): authentication/session security, fraud prevention, sanctions screening, basic preferences
  • Analytics (consent where required): Google Analytics, PostHog
  • Performance/Monitoring (consent where required): Sentry
You can manage non‑essential cookies via the cookie banner and update choices any time in platform settings. You can also block or delete cookies in your browser settings; the Platform will continue to function with essential cookies only.

Your Rights

Depending on your residence, you have rights including access, rectification, erasure, restriction, portability, and objection to direct marketing. Exercise them via [email protected].

7. Security

We use:
  • Encrypted transport (TLS 1.3)
  • JWT tokens for secure authentication
  • Least‑privilege keys
  • Segregated production networks
Wallet screening via the Chainalysis Sanctions Oracle is integrated directly into on-chain logic and/or Web3 infrastructure without storing raw responses.

9. Changes to this Policy

We may update this Policy. Important changes will be posted on our services and take effect 7 days after posting unless a shorter period is required by law.

10. Contact

Phone

(856) 416-6698

Mail

Neuro Foundation LLC, 1111B S Governors Ave STE 28958, Dover, DE 19904

Version History

Added Privy authentication (socials and Web3 wallets), Sentry error/performance monitoring, cookie banner and categories, notification preferences, and clarified non‑custodial operation and anonymized analytics.
Added Marketing and Newsletter Communications section covering email collection via Privy, consent management, and unsubscribe processes for weekly newsletters and product updates.
Updated for expanded services including AI Agent on Telegram, Landing Page, and Neurodex Terminal. Added analytics services (Google Analytics, PostHog), authentication data collection, and chat history. Updated company information to Neuro Foundation LLC.
Initial draft - no cookies, no analytics