Privacy Policy

1. Information We Collect

LaunchCTRL is a non-custodial platform. We do not require registration, email addresses, or personal identification to use the Platform. The information we may collect includes:

• Wallet addresses, when you connect a wallet, your public wallet address is visible to us and recorded in connection with your activity on the Platform. Wallet addresses are public by nature on the Solana blockchain.
• Transaction data, on-chain transactions you initiate through the Platform are publicly recorded on the Solana blockchain and permanently visible to anyone.
• Usage data, IP addresses, browser type, device information, pages visited, and interaction patterns when you use the Platform.
• Token metadata, names, descriptions, images, and other content you submit when creating a token are uploaded to permanent decentralised storage (Arweave, via the Irys gateway) and made publicly accessible. Once uploaded, this content cannot be deleted or modified by us, by you, or by any third party.
• Profile content, if you create a profile, your chosen username, bio, and avatar URL are stored in our database and publicly accessible to anyone who visits your profile page.

2. How We Use Information

We use the information we collect to:

• Operate and maintain the Platform
• Display token data, trade history, and market information
• Detect and prevent abuse, fraud, or prohibited use
• Diagnose errors and improve reliability via session monitoring
• Analyse usage patterns to improve the Platform
• Comply with applicable legal obligations

3. Blockchain Transparency

Transactions you initiate on the Platform are broadcast to the Solana blockchain, a public and immutable distributed ledger. This includes your wallet address, the tokens involved, and transaction amounts. This data is permanently public and cannot be deleted, modified, or restricted by us or by you.

You should be aware that your on-chain activity is visible to anyone and may be indexed by third-party blockchain explorers, analytics services, and data providers.

4. Cookies, Local Storage, and Session Monitoring

The Platform uses cookies, browser local storage, and session-monitoring technology for the purposes below. We do not use cookies for targeted advertising and we do not sell tracking data to third parties.

• Authentication cookie (lctrl_gate), HttpOnly cookie set after you unlock the access gate during the private beta. Used solely to remember that your browser has been authorised. Expires after 30 days.
• Theme preference (lctrl_theme), stores your light/dark mode choice. Read on each page load to render the matching theme.
• Local storage, used to cache trading-form preferences (default slippage, preset buy/sell amounts) and other UI state. Stored only on your device; never transmitted to our servers.
• Error and session monitoring, we use Sentry to capture runtime errors and, in a subset of sessions, session replays that record page navigation, clicks, and keystroke timing (the actual contents of input fields are masked by default). Replays help us reproduce bugs. They are retained according to Sentry's retention policy and are not used for marketing or sold to third parties.

You can disable cookies in your browser settings, though some Platform features (including the access gate, theme persistence, and saved trading preferences) may not function correctly as a result. You can opt out of session replay by enabling Do Not Track or by using a browser extension that blocks Sentry.

5. Service Providers

We do not sell your personal information. We share limited information with the following infrastructure providers, each of whom is contractually or operationally required to handle data only as necessary to provide their service:

• Vercel, hosting and content delivery for the Platform. Receives request metadata (IP, user agent, paths).
• Supabase, database for profiles, comments, and related off-chain content.
• Helius, Solana RPC provider used to read on-chain state and submit transactions on your behalf.
• Sentry, error monitoring and session replay (see Section 4).
• Irys / Arweave, permanent decentralised storage for token metadata and images.

We may also disclose information when required by law, regulation, legal process, or governmental request, or in connection with a merger, acquisition, or sale of assets.

6. International Data Transfers

Our service providers operate primarily in the United States. If you access the Platform from another country, your data will be transferred to and processed in the United States, which may have data-protection laws different from your jurisdiction. By using the Platform, you consent to this transfer.

7. Your Rights

Depending on your jurisdiction, you may have rights regarding the information we hold, including the right to:

• Request a copy of any off-chain personal data we hold about you
• Request correction of inaccurate off-chain data
• Request deletion of your off-chain profile or comments
• Object to or restrict certain processing

To exercise these rights, contact us at the email below. Please note that on-chain data (wallet addresses, transactions) is recorded on the Solana blockchain and cannot be deleted, modified, or restricted by us, by you, or by any third party. Token metadata uploaded to Arweave is similarly permanent and beyond our ability to remove.

8. Data Retention

We retain off-chain information for as long as necessary to provide the Platform and comply with applicable legal obligations. Profile and comment data persists until you request deletion or until we wind down the Platform. Server logs are retained for up to 90 days. Sentry replays follow Sentry's default retention. On-chain data and Arweave-stored metadata are permanent and cannot be deleted.

9. Security

We implement reasonable technical and organisational measures to protect information we hold, including encrypted transport (HTTPS), HttpOnly cookies for authentication, and server-side input validation. However, no method of transmission or storage is completely secure. We cannot guarantee the absolute security of your information.

You are solely responsible for the security of your wallet, private keys, and seed phrase. Loss or compromise of these credentials is permanent and irreversible. We do not have, and will never request, your private keys or seed phrase.

10. Children

The Platform is not directed to children under 13 (or under 16 in jurisdictions where that is the applicable threshold under data-protection law). We do not knowingly collect personal information from children under those ages. Separately, the Terms of Service require all users to be at least 18 years old. If you believe a child has provided us with information, please contact us and we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy at any time. Changes take effect when posted with an updated "Last updated" date. Your continued use of the Platform after changes are posted constitutes acceptance of the revised policy.

12. Contact

For questions or requests regarding this Privacy Policy, contact us at [email protected].