1. Introduction

Welcome to Poppin. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our browser extension and services.

Key Principle: Your Data Stays Yours

• We do not store, sell, or use your personal data for commercial purposes
• We do not save personal information on our servers
• We only process data necessary to provide real-time services

2. Information We Collect

2.1 Information You Provide

• Account Information: Username, email address (optional), profile picture (optional)
• User Content: Posts, comments, chat messages, and reactions you create
• Wallet Information: Public wallet address (if you use crypto features)

2.2 Automatically Collected Information

• Usage Data: Pages you visit (URL data), features you use, time spent
• Device Information: Browser type, operating system, device identifiers
• Technical Data: IP address (temporary, for service delivery), timestamps

2.3 Information from Third Parties

• Blockchain Data: Publicly available on-chain transaction data for quest verification
• OAuth Providers: If you sign in with a third-party service (e.g., Google), we receive basic profile information they share

3. How We Use Your Information

We use collected information to:

3.1 Provide the Service

• Enable real-time chat and posting features
• Connect you with other users on the same webpage
• Verify completed quests using blockchain data
• Manage your account and preferences

3.2 Improve the Service

• Analyze usage patterns to enhance features
• Fix bugs and technical issues
• Develop new features based on user behavior

3.3 Communicate with You

• Send service updates and announcements
• Respond to your inquiries and support requests
• Notify you of account activity (if enabled)

3.4 Safety and Security

• Prevent fraud, spam, and abuse
• Enforce our Terms of Service
• Protect against security threats

What We DON'T Do:

• ❌ Sell your data to third parties
• ❌ Use your data for advertising or marketing
• ❌ Store personal information longer than necessary
• ❌ Share data with advertisers or data brokers

4. Data Storage and Retention

4.1 Minimal Storage

We practice data minimization:

• Real-time Processing: Most data is processed in real-time and not stored
• Temporary Storage: Technical data (like IP addresses) is stored only as long as needed to deliver the service
• User Content: Posts and messages are stored to display them to other users, but can be deleted by you at any time

4.2 Retention Periods

• Account Data: Retained while your account is active
• User Content: Retained until you delete it
• Technical Logs: Typically deleted after 30 days
• Deleted Accounts: Data is permanently deleted within 90 days of account deletion

5. How We Share Your Information

5.1 Public Information

• Posts and comments you make are visible to other Poppin users on the same page
• Your username and profile picture (if set) are visible to users you interact with
• Your leaderboard ranking and badges may be publicly displayed

5.2 With Your Consent

• Connecting your wallet to external DApps
• Participating in token-gated communities
• Using third-party integrations (e.g., Kalshi predictions)

5.3 Service Providers

• Host our infrastructure (e.g., cloud services)
• Provide customer support tools
• Process payments (if applicable)

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.4 Legal Requirements

• Responding to valid legal requests (subpoenas, court orders)
• Protecting our rights or property
• Preventing fraud or abuse
• Complying with regulatory obligations

5.5 Business Transfers

If Poppin is involved in a merger, acquisition, or sale of assets, user data may be transferred. We will notify you of any such change and your options.

6. Blockchain and Cryptocurrency

6.1 Public Blockchain Data

• Blockchain transactions are public and permanent
• We may use publicly available on-chain data to verify quest completion
• Wallet addresses you use are visible on the blockchain

6.2 Embedded Wallet

• Your embedded wallet private keys are encrypted and stored locally in your browser
• We do not have access to your private keys or wallet recovery phrases
• You are solely responsible for wallet security

7. Cookies and Tracking Technologies

7.1 Cookies We Use

• Essential Cookies: Required for the Service to function (e.g., authentication)
• Analytics Cookies: Help us understand how users interact with Poppin (aggregated, anonymized data)

7.2 Your Cookie Choices

You can control cookies through your browser settings. Note that disabling essential cookies may prevent certain features from working.

7.3 Do Not Track

We respect Do Not Track (DNT) signals. When DNT is enabled, we will not use analytics or tracking cookies.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

8.1 Access and Portability

• Request a copy of your personal data
• Export your data in a machine-readable format

8.2 Correction

Update or correct inaccurate information

8.3 Deletion

• Request deletion of your account and data
• Delete individual posts or messages

8.4 Opt-Out

• Disable optional data collection features
• Unsubscribe from communications

8.5 Object or Restrict Processing

• Object to certain data processing activities
• Request restrictions on how we use your data

To exercise these rights, contact us at: privacy@poppin.so

9. International Data Transfers

Poppin operates globally, and your data may be processed in countries other than your own. We ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by relevant authorities
• Your explicit consent where required

10. Children's Privacy

Poppin is not directed at children under 13. We do not knowingly collect data from children under 13. If we learn that we have collected such data, we will delete it immediately.

If you believe a child under 13 has provided us with personal information, contact us at: privacy@poppin.so

11. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: Data in transit is encrypted using TLS/SSL
• Access Controls: Limited employee access to personal data
• Regular Audits: Security reviews and vulnerability testing
• Incident Response: Procedures to respond to data breaches

However, no system is 100% secure. You are responsible for keeping your account credentials safe.

12. Third-Party Links and Services

Poppin may contain links to third-party websites and integrate with external services. We are not responsible for the privacy practices of these third parties. Please review their privacy policies before sharing information with them.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal data
• Right to Opt-Out: We do not sell personal information, so no opt-out is needed
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your CCPA rights, email: privacy@poppin.so

14. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

• Consent: For optional features you enable
• Contractual Necessity: To provide the Service you requested
• Legitimate Interests: To improve and secure the Service

Your GDPR Rights:

• Access, rectification, erasure, restriction, portability, objection
• Withdraw consent at any time
• Lodge a complaint with your local data protection authority

Data Controller: Poppin Social, Inc, info@poppin.so

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Providing notice through the Service
• Sending an email (if applicable)

Your continued use of Poppin after changes indicates acceptance of the updated policy.

16. Contact Us

For privacy-related questions or requests, contact us at: