logo
TERMS OF SERVICEPRIVACY POLICY

Privacy Policy

This Privacy Policy ("Policy") explains how JMD Labs Inc ("Encifher", "Company", "we", "us", or "our") collects, uses, shares, and protects data in connection with encifher.io and all other properties, products, and services (the "Services"). Your use of the Services is subject to this Policy and our Terms of Service

Brief Background

Encifher is a privacy-preserving platform integrated with the Jupiter aggregator on Solana to deliver on-chain token swaps with speed and confidentiality. We layer encryption over Jupiter's routing infrastructure so users retain full custody of private keys while executing transactions. From wallet connection onward, our system orchestrates encrypted order construction, on-chain proof generation, and encrypted routing via Jupiter's APIs—obscuring sensitive transaction metadata (counterparty addresses, token amounts, route paths) from public block explorers. Before any swap is broadcast, on-chain data (wallet address, recent history, balance snapshots) is securely transmitted to third-party compliance providers who return a risk assessment that determines eligibility to transact.

Disclaimer

  • We do not collect and store personal data like first/last name, street address, date of birth, or email in connection with general use of the Services.
  • We collect non-identifiable data (e.g., public on-chain data; limited device/browser info) to guide product improvements, not to track users.
  • If you opt in to emails, we store your email solely to send those emails; you can unsubscribe anytime. We do not attempt to link your email to wallet or IP data.
  • We continue exploring stronger privacy measures (opt-out prompts, privacy-centric tooling, traffic anonymization/proxies).
  • You are encouraged to explore client-side privacy tools.
  • Material changes will be reflected in updates to this Policy.

Contact Information

Data Controller: JMD Labs Inc (incorporated under the laws of the British Virgin Islands).
Email: help@encifher.io.

Categories of Data We Collect

1) Voluntary Data

When you interact with the Interface (e.g., subscribe to newsletters, contact support, apply for grants, or complete exceptional AML/KYC), you may provide: name, email, phone, identity verification documents, and other details—used to fulfill requests, keep you informed, process applications, and meet legal/regulatory duties. We never request, collect, or store private keys/seed phrases. You retain full control of your wallet at all times.

2) Automatically Collected Data

On each visit, we collect technical data that doesn't directly identify you: IP, browser/OS, device identifiers, ISP, referrer URL, timestamps, click counts; plus usage metrics (e.g., swaps initiated, pages viewed, clicks, scroll behavior, session duration, error logs). This supports security, performance, diagnostics, UX optimization, and fraud detection. Where possible, analytics are aggregated or pseudonymized.

3) Cookies & Tracking Technologies

We use cookies/local storage and similar tech to support sessions, security, and system health:

  • Session cookies: authenticate active sessions/wallet connections.
  • Persistent cookies: remember preferences (e.g., language, display).
  • Third-party cookies: from trusted analytics providers for anonymized usage data.

You can manage/disable cookies in your browser; some features may degrade if disabled.

4) Third-Party Service Integrations

We rely on a limited set of providers to operate the platform: Cloudflare (security/performance), Jupiter RPC/QuickNode (Solana connectivity), analytics (e.g., Google Analytics, Mixpanel), and email services (e.g., newsletter delivery). Providers only receive the minimum data needed for their function (e.g., IP for security, connection logs for RPC).

5) Blockchain Data & Transparency

Upon wallet connection we process public on-chain data (wallet address, tx hashes, token balances, contract interactions, timestamps) to:

  • Generate encrypted swap quotes
  • Route transactions via Jupiter
  • Perform compliance checks using blockchain intelligence services

Blockchains are transparent; public data can be combined with other sources over time. We do not store private keys; processing is limited to public ledger data plus compliance needs.

6) Information From Other Sources

We may receive information about your wallet or transactions from service providers to comply with legal obligations and prevent illicit activity.

How We Share Data

We share data only as necessary and bind recipients to protect it and use it solely for the intended purpose:

A) With affiliated entities/teams operating or improving the platform and supporting daily activities.
B) With a limited set of service providers (analytics, cloud storage, AML/compliance).
C) With government agencies/courts/law enforcement when legally required; in rare cases with trusted partners/investigators for serious security/criminal matters, per law.
D) In case of corporate events (restructuring, merger, acquisition), data may transfer and remain protected by this Policy.
E) If you consented to certain cookies/trackers, some third parties may collect limited browsing data directly from your device (you can manage preferences).

No sale of personal data. Data may be transferred internationally subject to protective measures and applicable law. Contact us for cross-border details.

How & Why We Process Your Data

We process provided and technical data to power private swaps and communications:

  • When you connect a wallet, we use your public address, recent on-chain history, and balance snapshots to build encrypted routes and execute trades reliably and efficiently.
  • We analyze performance (speed, error logs, usage patterns) to optimize infrastructure.
  • We process contact information you share to respond to support, troubleshoot, and send updates (you may opt out of marketing at any time).
  • For security/compliance, we monitor patterns, log file data (including IP/timestamps), and screen wallets for illicit activity—helping prevent fraud and maintain a safe ecosystem.
  • For disputes/legal inquiries, we may rely on collected data (on-chain records, support communications) to investigate incidents and protect our rights/community.
  • To comply with AML/sanctions requirements, we process on-chain data and, where required, additional identity data.

We do not use your data beyond the purposes described and do not sell your personal information. For questions or to exercise rights, contact help@encifher.io.

Data Retention

  • We retain personal data and on-chain information only as long as necessary for private swaps, platform improvement, support, and legal obligations (including AML).
  • Retention varies by data type/purpose (e.g., logs and AML screening results may be kept up to five years; aggregated/anonymized analytics are held shorter and purged when no longer useful).
  • We consider sensitivity/volume, risk, alternatives, and legal mandates when setting periods.
  • After expiry/need ends, we delete or irreversibly anonymize data.
  • Fully anonymized data may be retained indefinitely for research/analysis/platform improvement.

Cookies & Other Tracking Technologies (Details)

We and certain third parties may use cookies, local storage, pixel tags, and web beacons to recognize sessions, remember preferences, maintain security, improve functionality, and understand engagement.

Categories

  • Essential: Required for core functions (security, wallet connections, private swaps). Not optional.
  • Performance/Analytics: Usage statistics, performance, and issue diagnostics.
  • Preference: Language/theme and similar settings.
  • Marketing/Third-Party: Certain integrated tools may use their own cookies (consent requested where required).

You can refuse/withdraw consent for non-essential cookies anytime (cookie banner, browser settings). Disabling certain cookies may affect functionality. Encifher is not responsible for third-party practices; review their privacy policies.

Your Privacy Rights & Security Measures

a) Your Rights & Data Protection

You may have rights to access, correct, delete, restrict, or port your personal data and to withdraw consent for marketing. Contact help@encifher.io; we may verify your identity and respond promptly or explain if legal reasons prevent compliance. Governing law: Republic of Panama (exclusive jurisdiction in Panama).

b) Data Security & Breach Response

We use strong encryption, strict access controls, regular security audits, and continuous monitoring. In case of a breach, we investigate, contain, notify affected users/authorities as required, and take preventive measures.

c) Our Commitment

We are committed to safeguarding your data while respecting your control and rights.

Disclosure for Third-Party Data Processors

We engage a select group of processors (e.g., Cloudflare, Jupiter RPC, QuickNode, Google Analytics, Mixpanel, SendGrid). They must implement robust safeguards, maintain confidentiality, and comply with applicable data-protection laws (e.g., GDPR). They may not use or share your data beyond agreed purposes.

Beta Notice

During beta, certain analytics/performance data may be used for debugging and development. By using Encifher in beta, you consent to such use.

Wallet-Scanning Process

  • On wallet connection (wrap/unwrap), our system performs automated background scans based on industry-standard parameters.
  • We use public on-chain data (history, balances, interactions) only.
  • Data is transmitted to trusted compliance API partners (sanctions lists, mixer/stolen-fund alerts, other illicit activity).
  • Partners return real-time risk assessments/flags.
  • Flagged addresses are automatically blocked (no swaps/transfers).
  • We never request/access/store private keys or seed phrases. Enforcement relies on public ledger data and compliance responses.

Minimal Data-Collection Principles

  • Collect only the essential data required to operate secure, encrypted swaps.
  • No harvesting of unnecessary personal details (e.g., home address, phone, private keys).
  • On wallet connection, obtain only the public address and necessary transaction data.
  • If you subscribe/request support, we collect only your email.
  • Regular internal reviews ensure each data point has a clear purpose and proper security; unnecessary data is promptly deleted.

Children's Data

The Interface is intended for adults only and is not directed to individuals under 18. We do not knowingly collect data from minors; if discovered, we delete it and block access. Parents/guardians should monitor children's online activity and may contact help@encifher.io with concerns.

Your Rights (By Jurisdiction)

  • EEA/UK (GDPR): Access, correction, deletion, restriction, portability, and objection (including to legitimate-interest processing or direct marketing). Withdraw consent at any time.
  • California (CCPA): Right to know, access, correct, delete (subject to exceptions), and opt-out of sale/sharing (Encifher does not sell personal data). Authorized agents may submit requests with verified authorization.
  • Other regions: We accommodate comparable rights where applicable, subject to legal/technical limits (e.g., immutable public blockchains).

Blockchain limitations: Public ledgers (like Solana) are transparent and permanent. We cannot alter/delete confirmed on-chain records. Consider privacy-enhancing practices (fresh addresses, privacy-centric wallets).

How to Exercise Your Rights

Email help@encifher.io to access/correct/delete/opt-out or exercise other rights. We may require verification (e.g., wallet address confirmation, email code). If using an authorized agent (e.g., under California law), provide signed authorization and identity proof. You may also lodge a complaint with your local data-protection authority; we encourage contacting us first to resolve concerns.

Contact Us

Questions, concerns, or complaints about privacy practices or this Policy: help@encifher.io (Data Protection Officer).

Changes to This Privacy Policy

We review and update this Policy regularly. When significant changes occur, we post the revised version and update the "Last Modified" date, and may also provide direct notice (e.g., email or in-Interface notice). Continued use after updates constitutes acceptance. If you disagree, disconnect your wallet and stop using the Interface.