PantsirПанцирь
Legal

Privacy Policy

Effective: January 1, 2026

Pantsir provides interactive security labs with wallet-enabled subscriptions. This policy explains what we collect, how we use it, and the choices you have.

Scope & Controller

This Privacy Policy applies to the Pantsir website, apps, and APIs (the “Services”). When we say “we” or “us,” we mean Pantsir. Contact:hello@pantisr.cc.

Data We Collect

  • Account data: ID from our auth provider (Privy), email (if provided), display name, linked wallet addresses.
  • Wallet data: Chain, address, on-chain balance and transaction metadata required to show history and process withdrawals/subscriptions. We do not store private keys.
  • Usage and device data: Pages viewed, navigation, approximate timestamps, browser and OS information, and basic diagnostics to secure and improve the Service.
  • Labs activity: Labs joined/completed, attempt correctness, and timing to provide feedback and progress stats.
  • Cookies: Essential cookies for sessions and preferences; optional analytics and marketing cookies if you consent via the cookie banner.

Where Data Comes From

Data comes from you (account details, labs usage), your device (technical data), third parties we integrate with (e.g., Privy for auth/wallet), and public blockchains (on-chain transactions and balances).

How We Use Data

  • Provide, operate, and secure the Services and your account.
  • Provision wallets and process on-chain withdrawals/subscriptions you request.
  • Deliver lab content, track progress, and personalize learning.
  • Monitor performance, debug issues, and prevent fraud/abuse.
  • Communicate updates, respond to support, and run optional newsletter emails.
  • Comply with legal obligations and enforce our Terms.

Legal Bases (GDPR)

  • Contract: To create your account, deliver labs, and process subscriptions.
  • Legitimate interests: Security, product improvement, and fraud prevention.
  • Consent: Optional analytics/marketing cookies and newsletters.
  • Legal obligation: Record-keeping and compliance where required.

Sharing & Processors

We do not sell personal data. We share data with service providers under contract to operate the Services, such as authentication and wallet providers (e.g., Privy), cloud hosting and databases, blockchain RPC providers, email delivery, error monitoring, and analytics (if enabled by you). These providers must process data only on our instructions and with appropriate safeguards.

International Transfers

We may transfer data to countries other than your own. Where required, we use safeguards such as Standard Contractual Clauses and technical controls.

Retention

  • Account and labs data: kept while you maintain an account.
  • Subscription and wallet history: retained for at least the period needed for billing/support and to meet legal obligations.
  • Diagnostics and logs: typically 30–180 days unless extended for security.
  • We may anonymize data for analytics and product improvement.

Security

We use reasonable organizational and technical measures, including encryption in transit, least-privilege access, and auditing. However, no system is perfectly secure.

Your Rights

Depending on your location, you may request access, correction, deletion, restriction or portability of your data, and object to certain processing. You may withdraw consent at any time (e.g., cookie preferences). To exercise rights, contacthello@pantisr.cc.

Cookies

  • Essential: security, sessions, preferences.
  • Analytics (optional): usage insights to improve features.
  • Marketing (optional): measure campaign effectiveness.

Use the cookie banner to manage preferences. Your choice is stored and can be changed at any time.

Blockchains & Wallets

  • On-chain data is public and may be immutable. We cannot edit or delete blockchain records.
  • Wallets are provisioned via our auth/wallet provider. We never store your private keys on our servers.
  • Some transactions may be initiated by server-side session signers only with your authenticated context and instruction (e.g., starting a subscription or withdrawal).

Children

The Services are not directed to children under 16. If you believe a child provided us personal data, contact us to remove it.

Changes to This Policy

We may update this Privacy Policy. Material changes will be communicated and become effective when posted.

Contact

Questions or requests? Email hello@pantisr.cc.

This page summarizes our practices and is not legal advice.