IP-ALL - PRIVACY POLICY

Effective Date: 22 April 2026

1. INTRODUCTION

1.1. This Privacy Policy explains how IP-ALL ("Service", "we", "us", "our") collects, uses, and protects your personal data.

1.2. The Service is operated by:
FOO Shapoval Yevhen Borysovych
Individual Entrepreneur (Ukraine, Kyiv)
Contact: legal@ipforall.com

1.3. By using the Service, you agree to this Privacy Policy.

2. DATA WE COLLECT

2.1 Account Information

  • Email address
  • Authentication data (via Supabase Auth)
  • Blockchain wallet address (if connected)
  • Referral data (referralCode, referredBy, referralCount)

2.2 Content Data

  • Cryptographic hashes submitted by users
  • Metadata (name, isPublicName flag, timestamps)

Important: We do NOT store your original files - only hashes generated on your device.

2.3 Technical Data

  • IP address
  • Browser and device information
  • Cookies and session data

2.4 Analytics Data

  • Usage data collected via Vercel Analytics (anonymous traffic insights)

3. HOW WE USE YOUR DATA

We use your data to:

  • Provide authentication and account management
  • Process and store hash submissions
  • Anchor hashes to blockchain (NEAR Protocol)
  • Enable referral system functionality
  • Improve Service performance and security
  • Prevent abuse and fraud

4. BLOCKCHAIN DATA (CRITICAL NOTICE)

4.1. Submitted hashes may be anchored to the NEAR blockchain.

4.2. Blockchain data is:

  • Public
  • Immutable (cannot be deleted or altered)
  • Stored permanently outside our control

4.3. Even if you delete your account, blockchain records remain.

5. DATA SHARING AND THIRD PARTIES

We use third-party providers:

  • Supabase - authentication and database
  • Vercel - hosting and analytics
  • Upstash - rate limiting
  • NEAR Protocol - blockchain anchoring

We do NOT sell your personal data.

6. INTERNATIONAL DATA TRANSFERS

Your data may be processed in:

  • United States
  • European Union
  • Other jurisdictions where our providers operate

These locations may have different data protection laws.
We rely on standard safeguards provided by our vendors.

7. DATA RETENTION

We retain your data:

  • While your account is active
  • Up to 30 days after account deletion

Exceptions:

  • Blockchain data cannot be deleted
  • Legal obligations may require longer storage

8. YOUR RIGHTS (GDPR)

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Data portability

To exercise your rights:
Send an email to legal@ipforall.com with subject:
"GDPR Request"

We will respond within 30 days.

9. COOKIES

We use cookies for:

  • Authentication (Supabase session cookies)
  • Security and rate limiting
  • Analytics (Vercel)

See our Cookie Policy for details.

10. DATA SECURITY

We implement reasonable security measures, including:

  • Encryption in transit (HTTPS)
  • Secure authentication via Supabase
  • Access controls and rate limiting

However, no system is 100% secure.

11. DATA BREACH NOTIFICATION

In case of a data breach:

  • We will notify affected users within 72 hours if required by law
  • We will take immediate steps to mitigate the issue

12. CHILDREN'S PRIVACY

The Service is not intended for users under 18.
We do not knowingly collect data from minors.

13. LANGUAGE

This Privacy Policy is provided in English.
Other translations may be provided for convenience, but the English version prevails.

14. CHANGES TO THIS POLICY

We may update this Privacy Policy at any time.
Changes will be posted on this page with an updated date.

15. CONTACT

For any questions or requests:

Email: legal@ipforall.com
Operator: FOO Shapoval Yevhen Borysovych
Location: Kyiv, Ukraine