Welcome to Chatalystar ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI companion platform and related services (the "Service").
Data Controller Information:
Company: Chatalystar Inc.
Registered Address: 100 King St W, First Canadian Place #5700, Toronto ON M5X 1C7, Canada
Website: chatalystar.com
Data Protection Email: privacy@chatalystar.com
GDPR Representative: dpo@chatalystar.com
By accessing or using Chatalystar, you agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
1A. Legal Basis for Processing (GDPR)
For users in the European Economic Area, United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:
Contract Performance: Processing necessary to provide the Service you requested
Device Information: Browser type, operating system, IP address
Cookies and Tracking: Session cookies, authentication tokens
2A. Blockchain and Payment Data
When you use cryptocurrency features within Chatalystar, we collect and process additional data related to blockchain transactions and digital payments:
On-Chain Transaction Hashes: Records of transactions broadcast to public blockchain networks (e.g., Base network) are stored to verify payment status and provide transaction history
USDC Balances: Your USDC token balance as reflected on the blockchain, queried to display account balances within the Service
Wallet Addresses (Server-Side): We store your wallet's public address on our servers to associate your account with blockchain transactions. We never store your private keys on our servers
Third-Party Payment Processors: We integrate with MoonPay (fiat-to-crypto on-ramp) and NOWPayments (cryptocurrency payment processing). These providers collect additional information pursuant to their own privacy policies when you use their services
Public Nature of Blockchain Data: Transactions recorded on public blockchains (including wallet addresses, transaction amounts, and timestamps) are inherently public and visible to anyone. We cannot control or limit access to on-chain data once a transaction is broadcast
Important: Blockchain transactions are permanent and publicly visible. Once a transaction is submitted to the network, the associated wallet addresses and transaction details become part of the public ledger. Please review the privacy policies of MoonPay and NOWPayments for details on how they handle your data.
3. How We Use Your Information
Provide, maintain, and improve the Service
Process transactions and manage your account
Personalize your experience and AI interactions
Track progress, achievements, and engagement
Send service-related communications
Detect, prevent, and address security threats
Comply with legal obligations
4. Data Sharing and Disclosure
We do not sell your personal information. We may share your data only in the following circumstances:
Service Providers: Third-party vendors who assist in operating our Service
Payment Processors: MoonPay (fiat-to-crypto on-ramp services) and NOWPayments (cryptocurrency payment processing) receive transaction data necessary to process your payments. Each operates under its own privacy policy and terms of service
Blockchain Networks: When you initiate a cryptocurrency transaction, your wallet address and transaction details are broadcast to and recorded on public blockchain ledgers (e.g., Base/Ethereum). This data is publicly accessible and cannot be deleted or modified
AI Processing: Messages processed through AI providers to generate responses
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale
5. Data Security
We implement industry-standard security measures including encryption, secure password hashing, regular security audits, and access controls. However, no method of transmission over the Internet is 100% secure.
5.1 Wallet and Cryptographic Security
Client-Side Encryption: Wallet private keys are encrypted on your device using AES-256-GCM encryption before being stored in your browser's localStorage. Encrypted wallet data never leaves your device in unencrypted form
Private Keys Never Transmitted: Your wallet private keys are generated and stored exclusively on your device. They are never transmitted to, processed by, or stored on Chatalystar servers
PIN-Based Key Derivation: Your wallet encryption key is derived from your personal PIN using PBKDF2 (Password-Based Key Derivation Function 2) with cryptographically secure parameters, ensuring that your PIN alone can unlock your wallet on your device
Your Responsibility: Because private keys are stored only on your device and encrypted with your PIN, Chatalystar cannot recover your wallet if you lose your PIN or clear your browser data. You are solely responsible for safeguarding your PIN and any backup recovery phrases.
6. Your Rights
Access and review your personal information
Correct inaccurate or incomplete data
Delete your account and associated data
Export your data in a portable format
Opt-out of promotional communications
7. Children's Privacy
Chatalystar is intended for users 18 years of age and older. We do not knowingly collect personal information from anyone under 18.
8. Contact Us
If you have questions about this Privacy Policy, please contact us at: