What we don’t collect.

You connect a wallet. That’s the entire identity layer. We never ask for your name, email, phone, location, or any personal data. We don’t store who you are because we never know.

Mints, listings, sales, primary-name updates, and target-address edits all happen on the public Igra L2 chain (chain ID 38833). Once on-chain, that data is public, permanent, and queryable by anyone via the Igra explorer or the Igra RPC. This is not data we collect — it’s how blockchains work. Your wallet address, the names you own, and the prices you paid are visible to everyone forever.

Our reverse proxy (Caddy) logs incoming HTTP requests to insdomains.org for operational health and abuse prevention: timestamp, requesting IP, user-agent, path, response code. These logs rotate every 14 days and are not used for any other purpose. We do not associate IPs with wallet addresses.

/api/resolve, /api/reverse, and /api/reserved-labels are open, CORS-enabled, and pass through directly to the on-chain registry contracts. They’re cached at the edge for ~60s. We don’t log API requests beyond the standard reverse-proxy access log above.

The dApp ships zero third-party analytics: no Google Analytics, no Meta Pixel, no PostHog, no Sentry. The only outbound calls your browser makes are to: the Igra RPC (read your owned names + chain state), our own API (when you use the resolver endpoints), and WalletConnect’s relay (only if you choose WalletConnect as your connector).

Our /api/suggest endpoint calls Anthropic’s Claude API server-side to generate name ideas from a seed word. The seed word is sent to Anthropic; nothing else. No wallet address, no IP, no other context. Anthropic’s own privacy policy applies to that hop.

Your wallet (MetaMask, KasWare, Kastle, Rabby, WalletConnect, etc.) handles all signing locally. We never see your private keys, your seed phrase, or any signing material. We see only the broadcasted transactions — same as any block explorer.

We use browser localStorage to remember your preferred TLD selection on /admin, your apply-all toggles on admin batch flows, and your manually-untracked reserved labels. That’s it. No cookies are set. Local-storage data never leaves your browser.

Since we don’t collect personal data, there’s nothing for us to delete on request. On-chain data (mints, listings, etc.) is by design permanent and outside our control — we can’t erase chain history, and neither can anyone else.

Questions, concerns, or anything else about this notice — reach us via the INS Telegram or open an issue on GitHub.