🔐 BonfireStellar Wallet Privacy Policy

Effective Date: April 18, 2025
Website: https://bonfirestellar.org

1. Introduction

BonfireStellar (“we,” “our,” or “us”) operates the BonfireStellar Wallet, a non-custodial cryptocurrency wallet built on the Stellar blockchain.

Your privacy is extremely important to us. This Privacy Policy explains how we collect, use, and protect your information when you use our wallet, website, and related services, including the SafeSend transaction protection feature.

2. Non-Custodial Wallet Statement

BonfireStellar is a non-custodial wallet, meaning:

  • We do NOT store, access, or control your private keys
  • We do NOT have access to your funds
  • All transactions are signed locally on your device
  • You are solely responsible for securing your wallet credentials

⚠️ If you lose your private key or recovery phrase, we cannot recover your funds.

3. Information We Do NOT Collect

We are committed to minimizing data collection. We do NOT collect:

  • Private keys (Secret Keys)
  • Recovery phrases / seed phrases
  • Full transaction signing data
  • Custodial account balances

4. Information We May Collect

a. Public Blockchain Data

When you use BonfireStellar:

  • Your public wallet address is used to:
    • Display balances
    • Track transaction history
    • Enable features like federation usernames

⚠️ Blockchain data is public and permanently recorded on the Stellar network.

b. Device & Technical Data

We may collect limited technical data such as:

  • Device type and OS version
  • App version
  • Basic diagnostic logs (errors, crashes)

This is used strictly for:

  • Improving performance
  • Debugging issues
  • Securing the app

c. Optional User Data (If Enabled)

If you use optional features, we may store:

  • Federation username (e.g., john*bonfirestellar.org)
  • Wallet address association
  • Subscription status (Free, Basic, Pro)

We aim to associate accounts with wallet addresses instead of personal identity whenever possible.

5. SafeSend Privacy & Data Handling

SafeSend is a transaction protection feature that allows users to temporarily delay and optionally reverse transactions.

How SafeSend Works (Privacy Perspective):

  • Transactions may enter a temporary holding/escrow state
  • During this period:
    • The transaction is tracked using public blockchain data
    • A time-based release condition is applied
  • The sender may request a refund within the allowed window (e.g., 15 min, 1 hour, 24 hours)

SafeSend Data Handling:

We may process:

  • Transaction hash
  • Sender and recipient public addresses
  • Asset type and amount
  • Time-lock duration
  • Refund status (used / unused)

Important:

  • SafeSend does NOT give BonfireStellar custody of funds
  • Funds are controlled via smart transaction logic and user authorization
  • BonfireStellar cannot arbitrarily access or move funds

6. Federation & Username Privacy

BonfireStellar may support federation usernames such as:

username*bonfirestellar.org

or simplified:
username

Data Stored:

  • Username
  • Associated wallet address

Important Notes:

  • Usernames are publicly resolvable
  • Usernames are permanently linked to the wallet unless deleted
  • External wallets may require full format (username*bonfirestellar.org)

7. Third-Party Services

We may integrate with third-party services including:

  • Stellar Network / Horizon APIs
  • MoneyGram Ramps (for USDC on/off-ramps)
  • Firebase / Google Cloud (backend services)
  • Analytics or crash reporting tools

These services may process limited data necessary for functionality.

⚠️ Each third party has its own privacy policy.

8. Security Measures

We implement security measures such as:

  • Local transaction signing
  • Encrypted storage on device (where applicable)
  • App integrity checks (e.g., Firebase App Check / Play Integrity)
  • Secure API communication

However:

⚠️ No system is 100% secure. Users must protect their own devices and keys.

9. Data Retention

We retain only minimal data:

  • Cached app data (may be stored locally on your device)
  • Backend configuration data (non-sensitive)
  • Federation mappings (if used)

We do not store sensitive wallet credentials.

10. Your Privacy Rights

Depending on your jurisdiction, you may have rights to:

  • Access your stored data
  • Request deletion of optional data (e.g., username)
  • Opt out of analytics

Since we collect minimal personal data, most users remain fully anonymous.

11. Children’s Privacy

BonfireStellar is not intended for users under the age of 18.
We do not knowingly collect data from minors.

12. Updates to This Policy

We may update this Privacy Policy periodically.
Updates will be posted at:

👉 https://bonfirestellar.org/privacy

13. Contact Information

For questions or concerns:

📧 support@bonfirestellar.org
🌐 https://bonfirestellar.org