Legal · Effective 14 July 2026

Privacy Policy

01

Overview

This Privacy Policy explains what personal data Fienl (“Fienl”, “we”, “us”) collects, how we use and protect it, and the rights you have over it. It applies to the Fienl website, application, and API. We collect as little as the Service needs to work — we are an analytics tool for public blockchain data, not a data broker.

02

Data we collect

Account data: your email address and a one-way hash of your password (or, for Google sign-in, your email and the fact that you authenticated via Google). Usage data: the wallet addresses you trace, the chain, and the reports we generate, stored in your account history. Billing data: your plan, credit balance, and payment status — card and crypto payment details are handled by our payment processor and are not stored by us. Technical data: basic logs, timings, and error information needed to operate and secure the Service.

03

What we do not collect

We do not ask for your legal name, your wallet private keys, government identification, or proof of who you are. The wallet addresses you trace are public blockchain data — analysing them reveals information about on-chain activity, not about your personal identity.

04

How we use your data

We use your data to authenticate you and maintain your session; to run traces and store their results in your history; to enforce plan limits and process payments; to send transactional and monitoring-alert emails you have enabled; to detect abuse and secure the Service; and to comply with legal obligations. We do not sell your data, and we do not use your traced addresses to build a profile of you.

05

Legal bases

Where data-protection law such as the GDPR applies, we process personal data on the basis of contract performance (to provide the Service you signed up for), legitimate interests (to secure and improve the Service and prevent abuse), consent (for optional communications, which you can withdraw), and legal obligation (where the law requires it).

06

AI processing of trace data

To write the investigation narrative, factual data derived from the transaction graph — addresses, flows, and risk flags — is sent to a large-language-model provider. That provider receives graph facts only, never your account identity, password, or email. We instruct the model to reason only over the supplied facts and not to retain the content beyond generating the response.

07

Sharing & subprocessors

We do not sell personal data. We share it only with the infrastructure and service providers that make the Service run — hosting and edge compute, database and cache, blockchain data providers, the AI provider, the email provider, and the payment processor — each under their own confidentiality and data-protection obligations, and only to the extent needed to perform their function. We may also disclose data where compelled by valid legal process or to protect the rights and safety of Fienl and its users.

08

Cookies

We use a single essential, httpOnly session cookie to keep you signed in. It is not used for advertising or cross-site tracking. Disabling it will prevent you from staying logged in.

09

Retention

Account data is retained while your account is active. Traces and reports remain in your history until you delete them or close your account. Verification codes and sessions expire automatically. When you delete your account we remove your personal data within a reasonable period, except where we must retain limited records to meet legal, tax, or security obligations.

10

Security

Passwords are stored only as salted PBKDF2 hashes; sessions use httpOnly, secure cookies; traffic is encrypted in transit; and API keys and payment credentials are held as protected secrets. No system is perfectly secure, but we apply industry-standard measures and review them as the Service grows.

11

Your rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, to object to or restrict certain processing, and to withdraw consent. You can export your investigation history as CSV and change your password from your account settings, and you can exercise other rights by emailing hello@fienl.com. You also have the right to complain to your local data-protection authority.

12

International transfers

Fienl runs on globally distributed edge infrastructure, so your data may be processed in countries other than your own. Where required, we rely on appropriate safeguards for such transfers.

13

Children

The Service is not directed to anyone under 18, and we do not knowingly collect data from children. If you believe a minor has provided us data, contact us and we will delete it.

14

Changes

We may update this Policy. Material changes will be posted here with a new effective date; continued use of the Service after changes take effect constitutes acceptance.

15

Contact

Privacy questions or requests: hello@fienl.com.