Privacy Policy

Last updated: September 23, 2025

This Privacy Policy explains how Token Pages (the “Service”), a service by Altivia Ltd (“we”, “us”, “our”), collects and processes information when you use tokenpages.info. It is written with EU/EEA (GDPR) users in mind and applies globally. This is not legal advice—adapt as needed for your circumstances.

Who we are

• Controller: Altivia Ltd
• Contact (privacy): contact@tokenpages.info

What we collect and why

We aim to collect as little personal data as possible.

1) Service & security events (server-side)

• Data: timestamps, request URLs, referrer, user-agent, and IP addresses hashed with a salt (no raw IP kept in click logs).
• Purpose: operate the Service; detect abuse/fraud; generate aggregated usage metrics; debugging and incident response.
• Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)).

2) Click tracking (outbound CTAs)

• Data: hashed IP + UA, request path, partner link type, UTM parameters, daily partition key.
• Purpose: measure link performance and prevent abuse; attribute affiliate revenue.
• Legal basis: Legitimate interests (Art. 6(1)(f)).

3) Local storage / preferences (client-side)

• Data: theme preference (light/dark) and similar essentials only.
• Purpose: user experience.
• Legal basis: Legitimate interests (essential UX preferences under ePrivacy).

4) Optional analytics (if enabled)

• Data: page views, device/locale information, referrers; we prefer cookieless and aggregated analytics.
• Purpose: understand usage to improve the Service.
• Legal basis: Legitimate interests (if cookieless and aggregated) or Consent if non-essential cookies are used.

5) User messages (e.g., “Claim this page”)

• Data: the contents you submit (e.g., email, name, token relation), and technical metadata.
• Purpose: respond to your request.
• Legal basis: Contract / Legitimate interests.

Sources of data

• Directly from your device/browser when you access the Service.
• From your submissions (e.g., forms).
• From public blockchains and public websites (token metadata).

Sharing and processors

We use reputable subprocessors to run the Service:

• Microsoft Azure (EU/EEA region where available): hosting, storage, serverless compute, logging.
• Azure OpenAI (optional summarization): processes token text to generate TL;DR.
• CDN / Hosting providers (if applicable): to deliver static assets.
• Analytics vendor (if enabled): cookieless analytics preferred.

We only share personal data with processors under data processing agreements; we do not sell personal data. Some providers may transfer data outside the EEA. Where this occurs, we rely on adequacy decisions or Standard Contractual Clauses (SCCs).

Retention

• Click logs (hashed IP/UA): up to 13 months unless needed longer for security or legal reasons.
• Server logs: typically 30–180 days.
• User messages: as long as needed to address your request.
• Public token data: indefinitely (public-source facts, not personal data).

Your rights (GDPR)

You may have the right to access, rectify, erase, restrict, object, and port your personal data. Contact us at contact@tokenpages.info. You also have the right to lodge a complaint with your local supervisory authority.

Children’s privacy

The Service is not directed to children.

Security

We use industry-standard measures: scoped storage (Azure Blob/Table), salted hashes for IP in click logs, least-privilege access, and transport encryption. No method is 100% secure.

International transfers

Where data is transferred outside the EEA, we rely on appropriate safeguards (SCCs or adequacy decisions).

Changes to this Policy

We may update this Policy from time to time. We will update the “Last updated” date and provide a notice for material changes.

Contact

For questions or rights requests: contact@tokenpages.info

Token Pages is a service by Altivia Ltd.