Privacy Policy

Last updated: January 2026

Perpetua Cryptograph is designed to know as little about you as possible.

What We Don't Collect

We don't collect:

• Your name, email, or phone number
• Device identifiers or fingerprints
• IP addresses
• Analytics or usage metrics
• Crash reports
• Any account or login information

We have no customer database.

Apple may collect crash reports and app analytics at the platform level and share aggregated data with developers through App Store Connect. You can opt out of sharing analytics with app developers in Settings → Privacy & Security → Analytics & Improvements.

Network Data

To display your balances and transaction history, the app queries our cache server using your public blockchain addresses. This is the same data visible to anyone on the public blockchain.

We don't link these addresses to your identity, device, or any personal information.

Cached data expires automatically when you stop using the app.

On-Device Data

Your private spending keys are generated and stored exclusively on your Apple Watch and encrypted by a key stored in its Secure Enclave. For Zcash, a viewing key (UFVK) is also stored on your iPhone to allow balance syncing — this key can read your Zcash transactions but cannot spend funds.

Your transaction history, balances, and other wallet configuration are cached unencrypted on your devices.

Push Notifications

To notify you of transaction status and WalletConnect requests, we store your Apple Push Notification token on our server, associated with your public Ethereum and Solana addresses.

APN tokens are opaque identifiers — we can't use them to identify you or your device, and Apple doesn't share that information with us. We use this data solely to deliver transaction notifications. We don't log notification history, and tokens are deleted when you uninstall the app or disable notifications.

Push notifications are optional. If you prefer not to have this association, disable notifications for Cryptograph in your device settings.

Third-Party Services

Cryptograph relies on third-party infrastructure to function. We don't control these services, and each has its own privacy practices. Here's what they can see:

• Cloudflare (CDN and DDoS protection) — sees your IP address and request metadata when you connect to our servers
• Alchemy (Ethereum and Base RPC) — sees your Ethereum and Base address queries and your IP address
• Solana Foundation RPC (Solana mainnet) — sees your Solana address queries and your IP address
• zec.rocks (Zcash lightwalletd) — sees your Zcash address queries and your IP address
• WalletConnect (dApp connections) — sees connection metadata when you connect to dApps, including your public addresses
• CoinGecko (price data) — sees requests for token prices from our servers (not directly from your device)

We've chosen providers with reasonable privacy practices, but we can't guarantee how they handle data. If this concerns you, consider using a VPN to mask your IP address from these services.

Changes

If we ever change this policy, we'll update this page.

To maintain system reliability and app quality, we may change blockchain providers from time to time. Such changes will be noted on this page.

We will not change our policy of sharing only your public blockchain address with third-party providers.

Contact

Questions? Email privacy@perpetua.watch