Privacy Policy

Last updated: May 2026  ·  XRPLAnalytics by StackStats Apps LLC

1. Who We Are

XRPLAnalytics is operated by StackStats Apps LLC. We provide real-time analytics for the XRP Ledger public blockchain. For any privacy-related questions, contact us at [email protected].

2. What We Collect

We collect the minimum data necessary to operate the service:

• Account users only: email address and a hashed password (we never store your plaintext password).
• API usage logs: request timestamps, endpoints called, response codes, and API key identifiers — retained for 30 days on a rolling basis.
• Theme preference: stored in your browser's localStorage only — never sent to our servers.
• We never collect: financial data, private keys, seed phrases, wallet credentials, or any sensitive personal information beyond what is listed above.

3. How We Use It

The data we collect is used solely for:

• Authenticating your account and managing sessions.
• Enforcing per-user API rate limits to ensure fair access.
• Sending transactional emails for account-related events (e.g., password reset, billing).
• Aggregate product analytics to improve the service (no individual user profiling).

4. Third Parties

We share minimal data with the following trusted infrastructure providers:

• Cloudflare — infrastructure, CDN, and Web Application Firewall. Processes network-level data per their privacy policy.
• Stripe — future billing processor. Will handle payment data directly; we will not store card numbers.
• Resend — transactional email delivery (account events only).
• XRPL public validator nodes — public blockchain data only; no personal data is sent to the ledger.

We do not sell, rent, or trade your personal data to any third party.

5. Data Retention

• Account data: retained for the lifetime of your account plus 90 days following account deletion.
• API usage logs: retained on a 30-day rolling basis, then automatically purged.

6. Security

We take security seriously:

• Passwords are hashed using PBKDF2 with 100,000 iterations before storage.
• All data in transit is protected by HTTPS/TLS.
• Our infrastructure is protected by Cloudflare WAF and DDoS mitigation.
• Session tokens (JWT) expire after 30 days.

7. Your Rights

You have the right to request access to, correction of, or deletion of your personal data at any time. To exercise these rights, email [email protected]. We will respond within 30 days.

8. Cookies

We use only browser localStorage for storing your theme preference (light/dark mode). We do not set tracking cookies, advertising cookies, or third-party analytics cookies of any kind.

9. Children

XRPLAnalytics is not intended for use by persons under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

Material changes to this Privacy Policy will be announced via email to registered users at least 14 days in advance. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

11. Contact

Privacy questions and data requests: [email protected]