Privacy Policy

Last updated: October 2025

Overview & Scope

This Privacy Policy explains how the Pay402 website and related minting endpoints (the “Service”) process information when you connect a wallet and mint commemorative Pay402 tokens. This Policy applies only to the Service and does not govern third-party sites, wallets, or blockchains.

Information We Collect

When you connect a wallet or interact with the Service, we may process:

• On-chain data: wallet address, token mints, transfer transactions, and smart-contract events. These records are public and immutable on the Base network.

• Minimal off-chain operational data: a hash-like payment identifier, payer address, mint status, timestamps, and error codes used for idempotency, duplicate-prevention, and support.

• Runtime metadata: coarse geolocation (country/region) derived from IP for compliance screening, and standard HTTP logs (e.g., user agent) for security and anti-abuse. We do not intentionally collect names or emails unless you voluntarily provide them (e.g., support inquiries).

How We Use Information

We use information to:

• Process and verify payment for the mint (including server-side verification/settlement)

• Enforce mint limits and prevent duplicate or abusive activity

• Provide support, investigate incidents, and maintain operational logs

• Generate aggregated, non-identifying analytics about usage

• Comply with law, sanctions, and our eligibility rules

Legal Bases (where applicable)

Depending on your location, we rely on one or more of the following legal bases: performance of a contract (to process a requested mint), legitimate interests (security, abuse prevention, analytics), and compliance with legal obligations (sanctions and export-control screening).

Storage, Retention & Security

On-chain records are permanent. Minimal off-chain records used for duplicate-prevention and support are retained only as long as necessary for those purposes and then deleted or de-identified. We implement reasonable administrative, technical, and organizational safeguards; however, no security measures are perfect, and we cannot guarantee absolute security.

Wallet Screening & Geoblocking

For compliance, we may geoblock certain locations and screen wallet addresses against sanctions lists (e.g., OFAC, UK HMT, EU, UN) or risk indicators. Access may be refused or limited where required by law or our policies.

Third-Party Services

We rely on third parties to operate the Service, including:

• Cloudflare (hosting, security, and networking)

• Base blockchain (transaction processing)

• WalletConnect and compatible wallets (wallet connection)

These providers have their own privacy notices and may process data according to their terms.

International Transfers

Where applicable, information may be processed outside your jurisdiction. We use reasonable safeguards for cross-border transfers consistent with applicable law.

Your Choices & Rights

You may disconnect your wallet at any time. Because blockchain records are immutable, on-chain data cannot be altered or deleted. Subject to applicable law, you may contact us to inquire about off-chain records associated with your wallet address.

Children

The Service is intended for adults. Do not use the Service if you are under the age of majority in your jurisdiction.

Changes to This Policy

We may update this Policy from time to time. The “Last updated” date indicates the latest revision. Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy.

Contact

For privacy questions, contact: [email protected]