Privacy Policy

Effective Date: 2025-01-01

Pieverse ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information about you when you use our services, including the Pieverse platform.

Information We Collect

• Personal information (such as name, email, and profile picture) when you sign up via OAuth or wallet providers
• Wallet address and authentication tokens for login and security
• Calendar event data (only if you connect your Google Calendar) is collected and stored to provide calendar integration features. We do not share or sell your calendar data
• Usage data and cookies for analytics and service improvement

How We Use Your Information

• To provide, maintain, and improve our services
• To authenticate users and secure accounts
• To communicate with you about updates or support
• To analyze usage and improve user experience

Third-Party Services

We may use third-party services such as OAuth providers (Google, Apple, Twitter, etc.) for authentication and PostHog for analytics. These services may collect data under their own privacy policies. When you connect your Google Calendar, we only access your events with your explicit consent and do not store your calendar data permanently.

Cookies and Tracking

We use cookies and similar technologies to authenticate users, maintain sessions, and analyze usage. You can control cookies through your browser settings.

Data Protection and Security

We implement comprehensive data protection mechanisms to safeguard your sensitive information:

• Encryption: All sensitive data, including wallet addresses, authentication tokens, and personal information, is encrypted both in transit (using TLS 1.3) and at rest (using AES-256 encryption)
• Access Controls: We implement role-based access controls and multi-factor authentication for all administrative access to user data
• Data Minimization: We collect and retain only the minimum amount of data necessary to provide our services
• Secure Infrastructure: Our systems are hosted on secure cloud infrastructure with regular security audits and monitoring
• Authentication Security: JWT tokens are securely generated with appropriate expiration times and are stored using secure, httpOnly cookies
• Calendar Data Protection: Google Calendar data is accessed only with explicit user consent, processed in memory when possible, and never permanently stored without user permission
• Blockchain Security: Wallet interactions use industry-standard security practices, and private keys are never stored on our servers
• Regular Security Updates: We maintain up-to-date security patches and conduct regular vulnerability assessments
• Data Breach Response: We have established procedures for detecting, responding to, and notifying users of any potential data breaches within 72 hours

Tax-Compliant Receipts (Zero-Storage Policy)

When generating tax-compliant receipts for cryptocurrency invoices, you may optionally enter tax-related information such as:

• Jurisdiction (country and state/province)
• Transaction type (income, expense, capital gain/loss, etc.)
• Tax identification numbers (TIN, EIN, VAT numbers)
• Business information (name, address)
• Transaction categorization

Important: We do NOT store any of this tax information on our servers. All tax-related data you enter is:

• Processed client-side only: Tax information is processed entirely in your browser using JavaScript
• Used for PDF generation only: The data is used solely to generate your tax-compliant receipt PDF document
• Never transmitted to servers: No API calls are made with your tax information; it never leaves your device
• Immediately discarded: After the PDF is downloaded, all tax information is removed from browser memory
• No logging or analytics: We do not track, log, or analyze what tax information you enter

This zero-storage approach ensures maximum privacy and gives you complete control over your sensitive tax information. Our open-source code allows you to verify that no data is sent to our servers.

Data Retention and Deletion

We retain your personal data only for as long as necessary to provide our services or as required by law. You can request deletion of your account and associated data at any time. Upon deletion request, we will:

• Remove your personal information from our active databases within 30 days
• Securely delete backup copies within 90 days
• Maintain only anonymized usage statistics that cannot be linked back to you

Your Rights

You may request access, modification, or deletion of your personal data by contacting us at support@pieverse.io. We will respond to your request within 30 days.

Contact

If you have questions or concerns about this Privacy Policy, please contact us at: support@pieverse.io