>MintGuardian
Features Chains Terms Get early access →
auth : ~$ cat privacy_policy.md

> Privacy Policy

Last updated: 16 June 2026 · Operator located in the EU

MintGuardian is a read-only token safety scanner. We collect as little as possible, never touch your wallet, and never sell your data. This policy explains exactly what we process and why.

Contents
  1. What we collect
  2. What we never collect
  3. How we use data
  4. Third-party processors
  5. Legal basis (GDPR)
  6. Data retention
  7. Your rights
  8. Data hosting
  9. Children
  10. Changes
  11. Contact

01 What we collect

We process only what's needed to return a verdict and run your account:

  • Contract addresses you scan. Sent to third-party on-chain data providers and an AI provider to generate the safety verdict (see §4). These are public blockchain addresses, not personal data about you.
  • Account credentials (only if you create an account): your email address and a password — stored solely as a salted argon2id hash. We never store, log, or transmit plaintext passwords.
  • A device identifier — an anonymous UUID generated on your device, used to run anonymous mode and enforce daily scan limits before or without an account.
  • Push notification token (Expo) — only if you enable watchlist alerts, used solely to deliver those notifications.
  • Scan history — tied to your account if signed in, otherwise to your device.
  • Product analytics via PostHog (EU-hosted) — anonymous usage events to improve the app. No ad networks, no data sales.

02 What we never collect

Read-only by design

MintGuardian never collects your private keys, seed phrases, or wallet connections. You never connect a wallet to use the app. We never ask for, receive, or store any of these — there is no code path that could.

We also don't sell your data, share it with advertisers, or run ad networks of any kind.

03 How we use data

  • To generate verdicts: contract addresses are passed to on-chain data and AI providers to analyze risk.
  • To run your account: email and password hash authenticate you; the device ID enforces rate limits.
  • To deliver alerts: your push token sends watchlist notifications you've opted into.
  • To improve the product: aggregate, anonymized usage analytics.
  • To contact you: transactional email only — verification and password reset, sent from [email protected].

04 Third-party processors

We share the minimum necessary data with these processors:

GoPlus, Helius, AlchemyOn-chain data lookups for the contract address you scan.
Kimi / Moonshot AIGenerates the plain-English safety verdict from on-chain data.
ResendTransactional email (verification & password reset). Provider in Ireland.
PostHogProduct analytics, hosted in the EU region.
GoogleSign-In, and Play Billing for subscriptions.

Each processor receives only the data needed for its function. We do not authorize them to use your data for their own purposes.

05 Legal basis (GDPR)

  • Contract performance: processing scans, running your account, and delivering alerts you requested.
  • Legitimate interest: anonymized analytics to improve the service and prevent abuse (rate limits).
  • Consent: push notifications, which you explicitly enable and can disable at any time.

06 Data retention

Account data, watchlist, and scan history are retained while your account is active. Anonymous device-tied data is retained only as long as needed for rate limiting. When you delete your account (§7), associated data is permanently removed. Aggregate, anonymized analytics that cannot identify you may be retained.

07 Your rights

Under the GDPR you have the right to access, correct, export, and delete your personal data, and to object to or restrict processing.

Right to deletion — in your control

You can permanently delete your account and all associated data directly in the app: Settings → Delete account. This removes your account data, watchlist, and scan history. Note that deleting your account does not cancel an active store subscription — cancel that separately in Google Play or the App Store.

To exercise any other right, contact [email protected].

08 Data hosting

Data is hosted in the European Union: application servers in Germany, analytics in an EU region, and our email provider in Ireland. Where data is processed by providers outside the EU, we rely on appropriate safeguards such as Standard Contractual Clauses.

09 Children

MintGuardian is not directed at anyone under 18 and we do not knowingly collect data from children. If you believe a minor has provided us data, contact us and we'll remove it.

10 Changes to this policy

We may update this policy as the product evolves. Material changes will be reflected in the "last updated" date above, and significant changes will be communicated in-app or by email.

11 Contact

Questions about privacy or your data: [email protected].

>MintGuardian

Token safety scanner for crypto traders. Built with terminals and paranoia.

Product

  • How it works
  • Features
  • Supported chains
  • Early access

Company

  • Privacy Policy
  • Terms of Service
  • Support

Connect

  • [email protected]
  • Early access
© 2026 MintGuardian. All rights reserved. Not financial advice. Verdicts are informational only.