Privacy Policy

1. Introduction

RaidGuard ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our behavioral intelligence services for crypto community management.

By using RaidGuard, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, full name, and password (encrypted) when you create an account.
• Profile Information: Project details, X (Twitter) handles, Telegram groups you manage.
• Communication Data: Messages you send to our support team.
• Payment Information: Processed through third-party payment processors (we do not store credit card numbers).

2.2 Information Collected Automatically

• Log Data: IP address, browser type, operating system, access times, and pages viewed.
• Session Data: Authentication tokens, session identifiers stored securely in Redis.
• Security Events: Login attempts, failed authentications, account lockouts for security monitoring.

2.3 Public Data We Analyze

• Public Social Data: Posts, replies, retweets, likes, quotes, and engagement metrics from X (Twitter) and Telegram (public channels only).
• Profile Information: Publicly available account metadata including follower counts, account creation dates, and bio information.
• Engagement Patterns: Temporal patterns, interaction frequencies, and publicly observable behavioral indicators.
• Note: We do NOT access private messages, private accounts, or any data requiring authentication to social platforms on your behalf.

3. How We Use Your Information

• To provide, maintain, and improve our behavioral intelligence services.
• To analyze engagement patterns and provide risk assessments using proprietary algorithms.
• To send you service-related emails (account verification, password resets, security alerts).
• To prevent fraud, abuse, and unauthorized access to our platform.
• To comply with legal obligations and enforce our Terms of Service.
• To improve our analytical models and detection capabilities (using aggregated, anonymized data only).
• To communicate important updates, new features, and service announcements.
• To maintain audit logs for security, compliance, and troubleshooting purposes.

Important: Our scoring methodologies, algorithms, and analytical techniques are proprietary and confidential. We provide results and insights without disclosing the specific methods used to generate them.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and the context:

• Contract Performance: Processing necessary to provide our services.
• Legitimate Interests: Fraud prevention, security, and service improvement.
• Legal Compliance: Compliance with applicable laws and regulations.
• Consent: Where you have given explicit consent (e.g., marketing emails).

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

• Account Data: Retained until you delete your account, plus 90 days for backup purposes.
• Audit Logs: Security events retained for 1 year for compliance and security monitoring.
• Monitoring Events: Stored for 30 days for operational analysis.
• Password Reset Tokens: Automatically deleted after use or expiration (15 minutes).
• Email Verification Tokens: Automatically deleted after use or expiration (24 hours).
• Sessions: Automatically expire after 24 hours of inactivity.

You may request deletion of your data at any time by contacting us at privacy@raidguard.app.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• Service Providers: Third-party vendors who assist us (email delivery, cloud hosting, payment processing).
• Legal Requirements: When required by law, court order, or legal process.
• Business Transfers: In the event of a merger, acquisition, or sale of assets.
• Protection of Rights: To protect our rights, property, or safety and that of our users.

Third-Party Services We Use:

• Railway: Cloud hosting and infrastructure
• Resend: Transactional email delivery
• PostgreSQL: Database services
• Redis: Session and cache storage

7. Data Sovereignty & What We Don't Do

RaidGuard is an analytics tool, not a surveillance platform. We:

• Do NOT access your private keys or seed phrases.
• Do NOT read private direct messages (DMs) on any platform.
• Do NOT sell your personal data to third-party advertisers.
• Do NOT track your physical location beyond IP-based region for security.
• Do NOT share your data with social media platforms.
• Do NOT use your data for advertising purposes.

8. Security of Your Information

We implement industry-standard security measures to protect your personal information:

• Encryption: All data transmitted over HTTPS with TLS 1.3.
• Password Security: Passwords hashed using Argon2id (memory-hard algorithm).
• Two-Factor Authentication: Optional 2FA using TOTP (Time-based One-Time Passwords).
• Session Security: HttpOnly, Secure, SameSite cookies to prevent XSS and CSRF attacks.
• Rate Limiting: Protection against brute-force and DDoS attacks.
• Monitoring: Automated security monitoring and alerting for suspicious activity.
• Audit Logging: Comprehensive logging of all security-related events.

While we take reasonable steps to protect your information, no security measures are perfect. Please notify us immediately if you suspect unauthorized access to your account.

9. Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your personal data ("right to be forgotten").
• Portability: Request your data in a machine-readable format.
• Objection: Object to certain types of processing.
• Restriction: Request restriction of processing in certain circumstances.
• Withdraw Consent: Withdraw consent where processing is based on consent.

To exercise these rights, email us at privacy@raidguard.app. We will respond within 30 days.

10. Cookies and Tracking

We use the following cookies:

• Essential Cookies: Required for authentication and security (raidguard_session, CSRF tokens).
• Functional Cookies: Remember your preferences and settings.

We do not use third-party advertising or tracking cookies. Our cookies are essential for service functionality and security.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@raidguard.app.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• EU-US Data Privacy Framework compliance (for US transfers)
• Standard Contractual Clauses approved by the European Commission
• Adequate protection as determined by applicable data protection laws

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

For questions, concerns, or to exercise your privacy rights, please contact us:

• Email: privacy@raidguard.app
• Support: support@raidguard.app
• Data Protection Officer: dpo@raidguard.app

Business Name: RaidGuard
Registered: United States
For mailing address or registered agent information, please email legal@raidguard.app