Privacy Policy | TWZRD
This page explains, in plain words, what information TWZRD collects and why. TWZRD runs a trust rail for agent payments: a free preflight check that helps an agent vet a counterparty before paying over the x402 standard, and signed receipts it can verify afterward. TWZRD is operated by TWZRD, Inc., a Delaware corporation, which is the data controller for the information described here.
Just visiting the site
When you load twzrd.xyz, we get the usual technical info any website sees: your IP address, browser type, when you visited, and which pages. If you use the contact form, we keep the email and message so we can reply.
We don't sell or trade your info to advertisers or data brokers.
Signing in or linking a wallet
If you connect a wallet, we only get what you choose to share — usually a public address plus a signature to prove it's yours. We use Privy as our sign-in and embedded-wallet provider; you can read how they handle data in the Privy privacy policy.
- Wallets are self-custodial — you control them, not us.
- Private keys are split into shares (sharded). The full key is never assembled by us.
- TWZRD never has access to your private keys.
Data for the trust rail
TWZRD builds its counterparty reputation from public, on-chain payment activity. When wallets pay each other over x402 on Solana, those payments are already public on the blockchain. We read that public activity — through Solana data providers such as Helius and public on-chain records — and organize it so an agent can ask a simple question: is this counterparty safe to pay?
This is wallet-level information only: public addresses and how they have transacted. It is not personal data. We do not collect names, emails, or identities to build the graph, and we do not try to figure out who is behind a wallet.
Receipts
When an agent buys a trust receipt, we issue a signed credential (our V6 receipt format) describing what we observed about a counterparty. Receipts are portable and user-controlled:
- You can store them, share them, and reuse them.
- You can verify them offline with our open verifier library — you don't need to come back to us to check one.
- We keep a copy so a receipt can be re-served if you ask, but the receipt is yours to hold.
Reputation signals
From the public payment patterns above, we derive trust signals — for example, to flag wallets that look like they are wash-trading or gaming the system. We tell you what a signal means, not the exact method behind it. These signals are about on-chain behavior, never about a person.
Agents and AI
Most of the trust rail's users are software agents, not people. The rail does not profile individuals. It works only with public wallet addresses and their public on-chain activity. We do not use your data to train models about you, and we do not build advertising profiles.
Public things stay public
If you do something on a public blockchain or ledger, that part is public by nature and can't be hidden or deleted by us. We only mention this because it's how those systems work.
Our APIs
Our API surfaces (such as api.twzrd.xyz and intel.twzrd.xyz) log basic usage and security info so we can keep things running smoothly. Paid calls use the x402 payment standard and may go through third-party processors who have their own rules.
Cookies and local storage
We use functional cookies and browser local storage to make the site work — not for cross-site advertising. This includes:
- Session and sign-in storage, including the Privy wallet device share, so your wallet works across visits.
- Small preferences, such as remembering that you dismissed a banner.
- Cloudflare cookies used for analytics and security (for example, to help block abuse).
We do not use cross-site ad tracking, and we do not sell this data to advertisers.
Who helps us run the service (sub-processors)
To operate TWZRD, some data may be processed by trusted service providers. The main ones are:
- Privy — sign-in and embedded wallets.
- Cloudflare — content delivery, security, and analytics.
- Helius — Solana data, on-chain reads, and payment activity feeds.
- Coinbase / CDP — onramp or payments, where used.
- Payment processors — for paid API calls.
These providers process data only to help us run the service, and they have their own privacy terms.
What we don't collect
- No passwords or private keys.
- No tracking your browsing outside TWZRD sites.
- No attempt to identify the person behind a wallet.
- No selling your data to advertisers.
How long we keep things
We hold onto info only as long as we need it to run the service, answer you, stop abuse, or follow the law. You can ask us to delete what we control by emailing the address below. Public ledger records can't be removed by us.
Your data rights
You can ask us to:
- Access the personal data we hold about you.
- Delete data we control (subject to legal limits).
- Object to or limit certain uses of your data.
- Remove a wallet's intel record from our systems. The underlying on-chain activity stays public on the blockchain and is outside our control.
To make a request, email privacy@twzrd.xyz. One important limit: data written to a public blockchain is permanent. It is not under our control and cannot be deleted by us or by you.
Age
You should be 18 or older to use TWZRD. We don't knowingly collect info from kids under 18.
Keeping things safe
We use normal secure connections (HTTPS). No system is 100% risk-free, but we take reasonable steps to protect what we have.
Updates
If we change this page in a big way, we'll update the date at the top.
Questions?
Reach us at privacy@twzrd.xyz