Privacy Policy

Last updated: February 2026

At Anchora, we are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, store, and protect information when you use our blockchain infrastructure API services and visit our website. By using Anchora's services, you agree to the practices described in this policy.

1. Information We Collect

We collect the following types of information to provide and improve our services:

Account Information

  • Name, email address, and company name provided during registration
  • Billing and payment details required for paid plans
  • API keys and authentication credentials associated with your account

Usage Data

  • API call volumes, request frequency, and endpoint usage patterns
  • Feature usage and interaction data within the Anchora dashboard
  • Device information, browser type, IP address, and referring URLs

API Logs

  • Request and response metadata (timestamps, status codes, latency)
  • Error logs and diagnostic data for troubleshooting and reliability
  • Rate limit and quota consumption records

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain our blockchain infrastructure API services
  • To authenticate your identity and manage access to your account
  • To process transactions and manage billing for your subscription plan
  • To monitor, analyze, and improve the performance and reliability of our APIs
  • To detect, prevent, and address security threats, fraud, or technical issues
  • To communicate with you about service updates, incidents, and new features
  • To provide technical support and respond to your inquiries
  • To comply with applicable legal obligations and regulatory requirements

3. Data Storage & Security

We take the security of your data seriously and implement industry-standard measures to protect it.

All sensitive data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Your API keys are hashed and never stored in plaintext.

  • Your data is stored in secure, SOC 2-compliant cloud infrastructure with redundant backups
  • We employ strict access controls, ensuring only authorized personnel can access production systems
  • Regular security audits and penetration testing are conducted to identify vulnerabilities
  • Database backups are encrypted and stored in geographically separated regions
  • Only cryptographic hashes of your data are written to the blockchain -- your actual data is never exposed on any public ledger

4. Blockchain Data

Anchora uses blockchain technology to provide immutable verification and tamper-proof records. It is important to understand how your data interacts with public blockchains:

Only cryptographic hashes are stored on the public blockchain. Your actual documents, files, and personal data are never written to any blockchain. The hashes serve as tamper-proof fingerprints that can verify data integrity without revealing the underlying content.

  • Cryptographic hashes (SHA-256) are one-way functions -- your original data cannot be reconstructed from a hash
  • Blockchain transactions are immutable by design and cannot be deleted once confirmed
  • Transaction IDs and timestamps are recorded on-chain for verification purposes
  • No personally identifiable information (PII) is ever stored on the blockchain

Because blockchain records are permanent and immutable, the cryptographic hashes written to the chain will persist indefinitely. However, since these hashes cannot be reversed to reveal any personal or sensitive data, this does not compromise your privacy.

5. Data Retention

We retain your information only for as long as necessary to fulfill the purposes described in this policy:

  • Account data is retained for the duration of your active account and for up to 30 days after account deletion to allow for recovery
  • API logs are retained for 90 days for operational purposes and then automatically purged
  • Billing records are retained as required by applicable tax and financial regulations (typically 7 years)
  • Blockchain hashes are permanent and immutable by nature and cannot be deleted, but they contain no personally identifiable information
  • Usage analytics are aggregated and anonymized after 12 months

You may request early deletion of your data at any time, subject to our legal obligations and the immutable nature of blockchain records.

6. Your Rights

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access -- You may request a copy of the personal data we hold about you
  • Right to Rectification -- You may request correction of inaccurate or incomplete personal data
  • Right to Erasure -- You may request deletion of your personal data, subject to legal retention requirements and the immutable nature of blockchain records
  • Right to Data Portability -- You may request your data in a structured, machine-readable format for transfer to another service
  • Right to Restrict Processing -- You may request that we limit how we process your data in certain circumstances
  • Right to Object -- You may object to the processing of your personal data for direct marketing or legitimate interest purposes
  • Right to Withdraw Consent -- Where processing is based on consent, you may withdraw that consent at any time

To exercise any of these rights, please contact us using the details provided in the Contact Us section below. We will respond to your request within 30 days.

7. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze site traffic.

  • Essential Cookies -- Required for core website functionality such as authentication and security. These cannot be disabled.
  • Analytics Cookies -- Help us understand how visitors interact with our website by collecting anonymous usage data
  • Preference Cookies -- Remember your settings and preferences (such as theme or language) for future visits

You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our website and services.

8. Third-Party Services

We use trusted third-party services to operate and improve our platform. These providers may process your data on our behalf:

  • Cloud Infrastructure -- For hosting, data storage, and compute services
  • Payment Processors -- For securely handling billing and subscription payments
  • Analytics Providers -- For aggregated website and API usage analytics
  • Email Services -- For transactional emails, notifications, and service communications
  • Blockchain Networks -- For anchoring cryptographic hashes to public, immutable ledgers

All third-party providers are contractually bound to protect your data and are prohibited from using it for purposes other than delivering services to Anchora. We do not sell your personal data to any third party.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data practices. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify registered users via email for significant changes
  • Post a prominent notice on our website or dashboard

We encourage you to review this policy periodically to stay informed about how we protect your data. Your continued use of our services after any changes constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out:

We aim to respond to all privacy-related inquiries within 30 days.