Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Skip to content

Privacy Policy

Last Updated: March 6, 2025

About Us

Cloaked Technologies, Inc. ("Cloaked", "we", "us") operates services through clkd.xyz, app.clkd.xyz, recovery.clkd.xyz, api.clkd.xyz, clkd.id, and related domains. We serve as the data controller for personal data processed through our services. This policy applies to all users of Cloaked's web application, mobile application, APIs, and SDKs.

1. Personal Data We Collect

1.1 Information You Provide

  • Passkey / WebAuthn credential metadata — credential ID and public key (used for authentication)
  • Backup data — encrypted and held by you; we do not retain a copy
  • ENS names or subdomains you register through the service
  • Contact details — email address, if you subscribe to updates, join a waitlist, or contact us (collected separately from your account data)

1.2 Information Collected Automatically

  • Device and browser information — user-agent, platform, screen size
  • IP address — used for rate limiting and abuse prevention; not stored long-term
  • Session and authentication tokens — for maintaining your authenticated session
  • Usage data — pages visited, features used, error logs (for debugging and service improvement)

1.3 Blockchain Data

  • Public wallet addresses — including stealth addresses associated with your account
  • On-chain transaction data — publicly available on supported EVM-compatible blockchains
  • Token balances and transaction history — indexed from public blockchain data

Blockchain data is publicly accessible by nature. Our indexing of this data does not change its public status.

1.4 Information We Do NOT Collect

  • Private keys — your spending capability never leaves your device
  • PRF secrets or raw biometric data — processed entirely on your device by the platform's WebAuthn implementation
  • PINs — PINs are handled entirely on your device and are never transmitted to or stored by Cloaked

There is no obligation to provide personal data. However, the services cannot function without the data strictly necessary for their operation (e.g. passkey credentials for authentication).

2. How We Collect Information

We collect information through:

  • Account creation and service usage
  • Website and application interactions
  • API and SDK usage
  • Electronic correspondence with us
  • Blockchain indexing (publicly available data)

3. Legal Basis and Purposes

We process your personal data on the following legal bases:

Contract Performance — To provide and operate the services, including authentication, stealth address management, transaction construction, balance tracking, and customer support.

Consent — For service analysis, personalization, newsletters, and promotional communications. You may withdraw consent at any time.

Legitimate Interests — To maintain and improve our infrastructure, develop new features, detect and prevent security threats, and ensure service reliability.

Legal Compliance — To comply with applicable laws and regulations, respond to legal requests, and enforce our Terms of Service.

4. Data Retention

We retain personal data for as long as it is needed for the purposes for which it was collected and in accordance with legal and regulatory requirements. When personal data is no longer necessary, it is deleted or anonymized.

Blockchain data is permanent by nature and cannot be deleted from public blockchains.

5. Data Recipients

We may share personal data with third-party service providers who assist in operating the services. These include:

  • Cloud infrastructure providers (e.g. AWS, Hetzner) — for hosting and data storage
  • Blockchain RPC providers (e.g. Alchemy) — for blockchain network access
  • Third-party protocols (e.g. Uniswap) — for swap routing (only public blockchain data)
  • Analytics providers — for usage analytics (if applicable)

Service providers receive access only to the data necessary for their specific function and are bound by confidentiality obligations.

6. Data Transfers

Personal data may be transferred to and processed in the United States, the European Union/EEA, and other jurisdictions. For transfers to jurisdictions that lack an adequacy decision, we implement appropriate safeguards, which may include standard contractual clauses or other approved transfer mechanisms.

7. Data Security

We implement reasonable technical and organizational security measures to protect your data against unauthorized access, manipulation, loss, or disclosure. These include encryption at rest and in transit, access controls, and regular security assessments.

Our passkey-based authentication model means there are no passwords to be compromised. Employees and service providers with data access are bound by confidentiality obligations and must comply with applicable data protection laws.

8. Cookies and Local Storage

We use:

  • Session cookies — to maintain your authenticated session
  • Local storage — for wallet state, preferences, and application data
  • Analytics cookies — only with your consent

We do not use third-party tracking cookies.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of Access — Request a copy of the personal data we hold about you.

Right to Rectification — Request correction of inaccurate or incomplete personal data.

Right to Erasure — Request deletion of your personal data when it is no longer necessary or was unlawfully processed.

Right to Restriction — Request that we limit processing of your personal data in certain circumstances.

Right to Data Portability — Request that your personal data be provided to you or another controller in a structured, commonly used, machine-readable format.

Right to Object — Object to processing of your personal data based on legitimate interests.

Right to Withdraw Consent — Withdraw consent at any time for processing based on consent, including marketing communications.

Right to Lodge a Complaint — File a complaint with a supervisory data protection authority in your jurisdiction.

To exercise any of these rights, contact us at dev@clkd.xyz. We may need to verify your identity before processing your request.

10. Third-Party Links and Services

Our services may contain links to third-party websites or services (e.g. ENS, Uniswap, Porto). We have no control over the content, privacy policies, or practices of these third-party services and assume no responsibility for them.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know — You may request the categories and specific pieces of personal information we have collected about you.
  • Right to Delete — You may request that we delete your personal information, subject to certain exceptions.
  • Right to Opt-Out — You have the right to opt out of the "sale" or "sharing" of your personal information. Cloaked does not sell or share your personal information as defined under the CCPA.
  • Right to Non-Discrimination — We will not discriminate against you for exercising any of your CCPA rights.

To exercise these rights, contact us at dev@clkd.xyz.

12. Children's Privacy

The services are not intended for users under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

13. Email Notifications

If you subscribe to our newsletter or updates, we will send communications based on your consent. These communications may contain tracking pixels to measure open rates and engagement. You can unsubscribe at any time via the unsubscribe link in any email or by contacting us.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes become effective upon posting to our website. Where changes are material, we will make reasonable efforts to notify you (e.g. via email or an in-app notice).

15. Contact Us

For questions or requests regarding this Privacy Policy, contact us at:

Cloaked Technologies, Inc. dev@clkd.xyz