Privacy Policy

Effective November 27, 2025
Navigation

Privacy by Design

UMBRAI's commitment to your digital sovereignty

Zero-Knowledge Proofs
No Personal Data Collection
End-to-End Encryption

Our Promise: Your privacy is not optional—it's fundamental. We built UMBRAI from the ground up with zero-knowledge technology to ensure your financial activities remain completely private and secure.

1. Privacy Commitment

At UMBRAI, privacy is not just a feature—it's our foundation. We are committed to protecting your digital sovereignty through cutting-edge zero-knowledge proof technology.

Our core privacy principles:

  • Zero-knowledge proofs ensure transaction privacy by default
  • No personal data collection without explicit consent
  • End-to-end encryption for all communications
  • Decentralized architecture eliminates single points of failure
  • Open-source codebase for complete transparency
  • Regular security audits by independent experts

    • This Privacy Policy explains how we handle your information when you use UMBRAI's privacy platform on Solana.

    2. Information We Don't Collect

    Thanks to our zero-knowledge architecture, UMBRAI is designed to minimize data collection. We do NOT collect:

  • Personal identification information (name, email, phone)
  • IP addresses or location data
  • Device information or browser fingerprints
  • Transaction amounts or counterparties
  • Wallet balances or portfolio information
  • Communication content or messages
  • Behavioral analytics or tracking data

    • Our zk-SNARK technology allows us to verify transactions without learning anything about them, maintaining complete privacy.

    3. Minimal Data We Process

    The only data we process is what's technically necessary for platform operation:

  • Encrypted transaction proofs (zero-knowledge)
  • Network connection data for protocol functionality
  • Smart contract interaction records (anonymized)
  • System performance metrics (aggregated)
  • Security event logs (temporarily, for threat detection)

    • All processed data is:

  • Encrypted at rest and in transit
  • Automatically deleted after retention periods
  • Never linked to personal identities
  • Stored in decentralized networks when possible
    • 4. Zero-Knowledge Technology

    UMBRAI leverages advanced zero-knowledge proof systems to ensure privacy:

    zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge):

  • Prove transaction validity without revealing details
  • Verify correctness without learning inputs
  • Maintain computational efficiency
  • Enable private smart contract execution

    • Implementation details:

  • Groth16 proof system for optimal efficiency
  • Trusted setup with multi-party computation
  • Periodic ceremony updates for enhanced security
  • Open-source cryptographic implementations

    • This technology ensures that your financial activities remain completely private while maintaining blockchain integrity.

    5. User Rights and Control

    You maintain complete control over your data and privacy:

    Data Portability:

  • Export your transaction history at any time
  • Download encrypted proofs and records
  • Migrate to compatible privacy platforms

    • Access and Correction:

  • Review all data associated with your accounts
  • Request corrections to any inaccurate information
  • Delete your data and accounts permanently

    • Consent Management:

  • Granular control over data sharing preferences
  • Real-time consent withdrawal capabilities
  • Clear explanations of data usage purposes

    • Privacy Settings:

  • Customizable privacy levels for different activities
  • Advanced anonymity controls
  • Plausible deniability options
    • 6. Cookies and Tracking

    UMBRAI minimizes the use of cookies and tracking technologies:

    Essential Cookies Only:

  • Session management for security
  • Authentication state preservation
  • Anti-CSRF protection

    • No Tracking Cookies:

  • No advertising or analytics cookies
  • No third-party tracking scripts
  • No cross-site tracking mechanisms
  • No behavioral profiling

    • Local Storage:

  • Privacy settings stored locally
  • Encrypted wallet connections
  • User preferences only

    • You can control cookies through your browser settings, though disabling essential cookies may affect platform functionality.

    7. Data Security Measures

    We implement industry-leading security measures to protect your privacy:

    Encryption Standards:

  • AES-256 encryption for data at rest
  • TLS 1.3 for data in transit
  • End-to-end encryption for communications
  • Zero-knowledge encryption for sensitive operations

    • Infrastructure Security:

  • Decentralized node architecture
  • Multi-cloud deployment strategy
  • Regular penetration testing
  • Bug bounty program for vulnerability discovery

    • Access Controls:

  • Principle of least privilege
  • Multi-factor authentication requirements
  • Regular access reviews
  • Comprehensive audit logging

    • Compliance:

  • GDPR-aligned privacy practices
  • CCPA compliance for California residents
  • Regular third-party security audits
  • ISO 27001 information security management
    • 8. Data Retention and Deletion

    We follow strict data minimization and retention principles:

    Automatic Deletion:

  • Transaction proofs deleted after verification
  • Temporary logs cleared within 24 hours
  • Cache data expired automatically
  • Session data destroyed on logout

    • User-Initiated Deletion:

  • Immediate account deletion upon request
  • Complete data removal within 30 days
  • Verification of deletion completion
  • Certificate of data destruction

    • Legal Requirements:

  • Data retained only as required by law
  • Minimum necessary retention periods
  • Secure disposal after retention expires
  • Legal challenge procedures for data requests

    • We never sell, rent, or share your personal information with third parties for marketing purposes.

    9. Third-Party Services

    UMBRAI carefully selects third-party services that respect privacy:

    Smart Contract Auditors:

  • CertiK for security audits
  • Trail of Bits for cryptographic reviews
  • OpenZeppelin for standard compliance

    • Infrastructure Providers:

  • Decentralized storage networks (IPFS, Arweave)
  • Privacy-focused cloud providers
  • End-to-end encrypted communication tools

    • No Data Sharing:

  • We never share user data with advertisers
  • No data brokers or marketing partnerships
  • No analytics services that track users
  • No social media integration that exposes data

    • All third-party services undergo rigorous privacy and security assessments before integration.

    10. International Data Transfers

    Our decentralized approach minimizes international data transfers:

    Local Processing:

  • Zero-knowledge proofs generated locally
  • No personal data to transfer internationally
  • Edge computing for regional processing
  • Decentralized node networks

    • Global Infrastructure:

  • Distributed node deployment
  • Regional data processing centers
  • Privacy-preserving cross-border protocols
  • Compliance with international data protection laws

    • Data Residency:

  • User control over data storage location
  • Regional compliance options
  • Cross-border transfer restrictions
  • Local data processing preferences

    • We ensure that international data transfers comply with GDPR, CCPA, and other applicable regulations.

    11. Children's Privacy

    UMBRAI is not intended for children under 18 years of age:

    Age Restrictions:

  • Platform restricted to users 18 and older
  • Age verification through wallet connection
  • No collection of information from minors
  • Immediate removal of any underage user data

    • Parental Controls:

  • No parental account management features
  • No child-specific services or content
  • No educational or minor-oriented features

    • If we become aware of collecting information from children under 18, we will immediately delete such information and terminate the account.

    Parents concerned about their children's online privacy should contact us at office@umbrai.dev.

    12. Privacy Policy Updates

    We may update this Privacy Policy to reflect changes in our practices or legal requirements:

    Notification Process:

  • Email notifications for significant changes
  • In-platform announcements for updates
  • Website notifications for policy revisions
  • 30-day notice for material changes

    • Change Categories:

  • Minor updates: Clarifications and corrections
  • Moderate changes: New features or practices
  • Major revisions: Fundamental privacy practice changes

    • User Rights:

  • Continue using current version during notice period
  • Option to terminate account for major changes
  • Export data before policy changes take effect
  • Clear explanation of all modifications

    • This Privacy Policy was last updated on November 27, 2025, and is effective immediately.

    Contact Our Privacy Team

    For privacy-related questions or concerns:

    Email: privacy@umbrai.dev

    Twitter: https://x.com/umbraitech

    Telegram: dsr@umbrai.dev

    Github: privacy.umbrai.dev

    Response Time: We respond to all privacy inquiries within 48 hours and resolve data subject requests within 30 days, as required by law.