Cowallet ("we", "our", "the Service") is operated by Block Three Co., Ltd., a company registered in South Korea. This policy explains how we handle your data.
1. Self-Custody Architecture
Cowallet is a non-custodial wallet. We never have access to your private keys, seed phrases, or funds. All sensitive material is encrypted on your device with your password using AES-256-GCM.
2. Data We Process
Stored locally on your device only:
- Encrypted seed phrase (AES-256-GCM)
- Wallet addresses and metadata
- Custom token preferences
- Transaction history cache
Sent to third-party services (only when you initiate an action):
- RPC providers (Alchemy, public nodes): wallet addresses, balance queries
- DEX aggregators (Kyberswap, Jupiter, OKX): swap quotes
- MoonPay / Ramp: wallet address + currency for fiat onramp
- Sentry (optional): anonymous error reports
We do NOT collect:
- Personal identifying information (no signup required)
- Email or phone (unless opt-in for notifications)
- Browsing history outside Cowallet
- Analytics tracking your trading patterns
3. Cookies
We use only essential cookies for session state. No tracking cookies, no advertising.
4. Third-Party Services
When you use specific features:
- MoonPay / Ramp: subject to their privacy policies (KYC required by them, not us)
- dApps via WalletConnect: each dApp has its own privacy policy
5. Your Rights
- Delete all data: Settings → Wallets → Delete (removes seed from device)
- Export: Recovery phrase export (one-time display, password protected)
- Portability: Move your seed to any compatible wallet (MetaMask, Phantom, etc.)
6. Security
- AES-256-GCM encryption for seed storage
- No server holds your keys — no custody breach possible
- Open source code review available on GitHub
7. Changes
We notify in-app for material changes. Continued use after notification constitutes acceptance.