Privacy Policy

Soldi ("Company", "we", "us") operates the soldi.dev platform, including the dashboard, API, middleware packages, and related services (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Account Information

When you create an account, we collect:

• Email address (used for authentication and communications)
• Name (optional, for display purposes)
• Site URL (the website you wish to monetize)
• Wallet address (for cryptocurrency payouts, if provided)

Transaction Data

When transactions occur through your integrated site, we collect:

• Transaction amounts, fees, and payment methods
• URL paths accessed by AI agents
• AI agent identifiers and user-agent strings
• Timestamps of transactions and visits

Technical Data

We automatically collect:

• IP addresses (for rate limiting and security)
• Browser type and device information
• Log data (API request/response metadata)
• Cookies and session tokens for authentication

Third-Party Authentication

If you sign in with GitHub, we receive your public profile information (email, name, avatar) from GitHub's OAuth service. We do not access your repositories or private data.

We use collected information to:

• Provide, maintain, and improve the Service
• Process transactions and disburse payments to publishers
• Send transactional emails (magic links, payment notifications)
• Generate analytics and reports visible in your dashboard
• Detect and prevent fraud, abuse, and security threats
• Enforce our Terms of Service and EULA
• Respond to support requests

We do not sell your personal information. We do not use your data for targeted advertising.

We may share your information with:

• Payment processors — Stripe and blockchain networks (Base/Ethereum) to process payments. Stripe's use of your data is governed by Stripe's Privacy Policy.
• Infrastructure providers — Vercel (hosting), Supabase (database), Upstash (rate limiting) to operate the Service. These providers process data on our behalf under data processing agreements.
• Email services — Resend to deliver transactional emails such as magic links.
• Legal requirements — When required by law, subpoena, or to protect our rights and safety.

We retain your account data for as long as your account is active. Transaction records are retained for a minimum of 7 years for financial compliance purposes. You can request deletion of your account through the dashboard settings, at which point we will delete your personal data within 30 days, except where retention is required by law.

We implement security measures to protect your data, including:

• API keys are stored as SHA-256 hashes; plaintext keys are never persisted
• All data in transit is encrypted via TLS/HTTPS
• Database connections use SSL encryption
• Rate limiting protects against brute-force and abuse
• JWT tokens are signed with secure secrets and have limited expiry

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics cookies. The session cookie is HTTP-only and secure, containing an encrypted JWT token.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to or restrict certain processing activities
• Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@soldi.dev.

Your data may be processed in countries other than your own. Our infrastructure is primarily hosted in the United States (AWS US-East-1). By using the Service, you consent to the transfer of your data to these locations.

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a minor, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

For privacy-related inquiries, contact us at:

• Email: privacy@soldi.dev
• General: support@soldi.dev