Start Investigation

Choose how you want to start

Pick a victim assessment or a firm workspace.

Secure intake
Privacy Policy

Your data.
Your rights.
Our obligations.

We handle sensitive situations involving financial loss. Our approach to your data reflects that — minimal collection, clear purpose, no selling, no surprises. This policy tells you exactly what we collect, why, and what control you have over it.

Last updated Platform launch date  ·  Version 1.0
Privacy at a Glance
Key commitments summarised
Only public blockchain data is analysed
Minimum personal data collected
You can request deletion at any time
No advertising, no data brokers
We never ask for private keys or seed phrases
We never sell your data to third parties
No tracking cookies or behavioural profiling
How your data moves

What Enters Our System — and What Doesn't

Our data model is built around a simple principle: collect only what is genuinely necessary to deliver the service you requested. The diagram below shows what we receive, what we process, and what we never touch.

You
The user
Transaction hash (TXID)
Email (optional, for delivery)
Private key / seed phrase
Wallet credentials
We receive
Platform
Traces & analyses
Trace report → You
Secure logs → Infrastructure only
Data brokers — never
Advertisers — never
We send
Blockchain
Public data only
Accepted input / permitted output Never collected / never shared Output to you
01 Who We Are

The Data Controller

This Privacy Policy explains how we — the operator of this blockchain transaction tracing platform — collect, use, store, and protect your personal data when you use our website or purchase our services.

We are the data controller for any personal data you provide to us through this platform. Our contact details for data protection matters are provided in Section 11 of this policy.

This policy applies to all users of the platform, including those who only browse our resources without purchasing a service. By using this platform, you acknowledge that you have read this policy.

02 Data We Collect

What Information We Collect — and What We Don't

We apply a minimum-collection principle: we only collect data that is genuinely necessary to provide the service you requested.

Data we collect
Transaction hash (TXID)
Essential — the primary input for the tracing service
Blockchain network
Required to route the trace to the correct explorer
Email address
Optional — only collected if you want report delivery by email
Payment information
Processed by our payment provider only — we hold no card data
IP address & server logs
Automatic — collected for security, abuse prevention, and diagnostics
Communications with us
If you contact support or compliance, those messages are retained
Data we never collect
Private keys or seed phrases
We never ask. We never store. Anyone asking is not us.
Wallet passwords or exchange credentials
Entirely unnecessary for our service — never requested
Government ID or biometric data
We are not a regulated financial institution and do not run KYC
Precise location data
We do not use GPS, cell-tower, or device location tracking
Behavioural or advertising profiles
No cross-site tracking, no profiling for advertising purposes
03 Why We Collect It

Legal Basis & Purpose of Processing

For users in jurisdictions governed by GDPR or similar data protection law, we process personal data under the following legal bases:

Data Purpose Legal basis
Transaction hash Performing the tracing service you purchased Contract performance
Email address Delivering your report and service communications Contract performance
Payment data Processing and recording the transaction Contract performance
Server logs / IP Security, fraud prevention, platform diagnostics Legitimate interests
Support communications Responding to queries, resolving complaints Legitimate interests
Compliance records Legal obligations, regulatory reporting if required Legal obligation

We do not use your data for purposes beyond those listed above without obtaining your explicit consent first. We do not use your data for marketing unless you have separately opted in to receive marketing communications.

04 Sharing & Disclosure

Who We Share Your Data With

We do not sell, rent, or trade your personal data. We share data only in the limited circumstances below:

05 Retention

How Long We Keep Your Data

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law.

Data type Retention period Reason
Transaction hash & report 12 months from delivery Support, dispute resolution
Email address Until deletion requested or 12 months inactive Service delivery, re-query
Payment records 7 years Legal and tax obligations
Server / security logs 90 days Security monitoring, then deleted
Support communications 3 years from last contact Complaint history, dispute records

On expiry of a retention period, data is securely deleted or anonymised. You may request earlier deletion of certain data at any time — see Section 7 for details on how to exercise this right.

06 Security

How We Protect Your Data

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. Our security practices include:

Encryption in transit

All data transmitted between your browser and our servers is encrypted using TLS.

Access controls

Access to user data is restricted to staff who require it to deliver or support the service.

Minimal staff access

No employee accesses your data without a legitimate operational need. Access is logged.

Breach response

In the event of a data breach affecting your rights, we will notify you and relevant authorities within the legally required timeframe.

No system is entirely immune to risk. We cannot guarantee absolute security, but we take all reasonable steps to protect the data we hold. If you believe your data may have been compromised, contact us immediately.

07 Your Rights

What You Can Ask Us to Do

Depending on your jurisdiction, you have a range of rights regarding your personal data. We honour all of the following:

Right to access

Request a copy of all personal data we hold about you, including the purposes for which it is used.

Right to rectification

Ask us to correct any inaccurate personal data we hold about you without undue delay.

Right to erasure

Request deletion of your personal data where there is no compelling reason for us to continue holding it.

Right to object

Object to processing of your data where we rely on legitimate interests as our legal basis.

Right to restrict

Request that we limit processing of your data in certain circumstances, such as while a dispute is resolved.

Right to portability

Receive your personal data in a structured, commonly used, machine-readable format for transfer to another service.

How to exercise your rights

Submit your request in writing to support@chaingracelabs.com. We will respond within 30 days. We may ask you to verify your identity before processing the request. There is no charge for exercising your rights. If you believe we have not handled your data correctly, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

08 Cookies

Our Use of Cookies

We use a minimal set of cookies necessary for the platform to function securely. We do not use advertising cookies, cross-site tracking cookies, or any third-party marketing technology.

09 Children

Children's Privacy

This platform is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has submitted personal data to us, please contact us immediately and we will delete it promptly.

10 Policy Changes

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology, or applicable law. When we make material changes, we will notify registered users by email and update the version number and date at the top of this page. The current version of this policy always governs how we use your data.

We encourage you to review this policy periodically. Continued use of the platform after a policy update constitutes acceptance of the revised policy.

11 Contact

Data Protection Contact

For any privacy-related queries, to exercise your data rights, or to raise a concern about how we handle your information:

Privacy enquiries
support@chaingracelabs.com
Data deletion requests
support@chaingracelabs.com
Subject: Data Deletion Request
Response time
Within 30 calendar days of receiving your request