Privacy Policy

What we collect

• Wallet public key — your account identifier.
• Profile data — display name, role, blood type, country, city, optional bio.
• Messages — content of in-app messages between matched users.
• Operational data — IP address and user-agent for rate limiting and abuse detection (kept 30 days).

What we never collect

• Your wallet private key or seed phrase.
• Detailed medical history beyond the fields above.
• Government identification documents.
• Payment information (the platform is free).

How we use it

Profile data powers compatibility matching. Messages stay between you and your match — KDS staff cannot read them in plaintext. Operational data is used only for security, never for marketing.

What goes on-chain

Only consent records and pseudonymous match identifiers. No personal data, no medical information, no message content is ever written to the blockchain.

Sharing

We do not sell, rent, or share your data with insurers, advertisers, or third-party brokers. We share data only with: (a) other users you have explicitly matched and consented with, (b) authorities under valid legal process, (c) service providers strictly required to operate the platform (hosting, error tracking) bound by data processing agreements.

Your rights

You can view, edit, export, or delete your profile data at any time from the profile page. To exercise rights under GDPR, CCPA, or other applicable law, write to privacy@kidneydonorswap.example.

Retention

Profile data is kept until you delete your account. Operational logs are kept 30 days. On-chain consent records cannot be deleted (cryptographic immutability) but become unlinked from your identity when you delete the account.