Privacy Policy

This policy revised and last updated: June 16, 2026.

OVERVIEW

This Privacy Policy describes how your personal information is collected, used, and shared when you visit starduststaking.com (the “SITE”). It informs you of our policies regarding the collection, use, and disclosure of personal data when you use our SITE.

For information about what Stardust Staking does and does not do as a business — including the fact that we are a non-custodial validator infrastructure provider and do not hold client crypto-assets — please see our Legal & Disclaimer page.

DEFINITIONS

SERVICE

The starduststaking.com website and related server infrastructure operated by Stardust Staking.

PERSONAL DATA

Data relating to a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

USAGE DATA

Data collected automatically either generated by the use of the SERVICE or from the SERVICE infrastructure itself (for example, the duration of a page visit).

COOKIES

Small pieces of data stored on your device (computer or mobile device).

DATA CONTROLLER

The natural or legal person who (either alone or jointly with others) determines the purposes for which and the manner in which personal information is processed. For the purpose of this Privacy Policy, Stardust Staking is the Data Controller of your Personal Data. You can contact us at [email protected] or by post at Tallinn 10111, Estonia.

DATA PROCESSORS (OR SERVICE PROVIDERS)

Any natural or legal person who processes the data on behalf of the DATA CONTROLLER. We may use the services of Service Providers in order to process your data more effectively (for example, hosting and email delivery).

DATA SUBJECT (OR USER)

Any living individual who is using our SERVICE and is the subject of Personal Data.

PERSONAL INFORMATION WE COLLECT

When you visit the SITE, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. As you browse the SITE, we collect information about the individual web pages that you view, what websites or search terms referred you to the SITE, and information about how you interact with the SITE. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit www.allaboutcookies.org.
  • “Log files” track actions occurring on the SITE, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

If you contact us by email or via a linked messaging channel, we may also process the contents of your message and any contact details you choose to share with us (such as your email address and your name).

If you use our public RPC endpoints, we apply data minimisation in line with the GDPR. Our Zcash RPC fleet runs with nginx access logging disabled: we do not record client IP addresses or per-request metadata. We retain only aggregate operational metrics — such as per-host request counts by method and response-status class — which are not linked to any IP address, wallet address, or on-chain identity, and which we do not sell. Server error logs may briefly capture technical details for security and debugging purposes and are kept only for a limited period. For any other RPC endpoint, we process only the minimum technical data required to operate and secure the service and never link it to wallet addresses or on-chain identities.

We do not collect or process payment information through this SITE. We do not operate user accounts on this SITE.

TRACKING & COOKIES DATA

The SITE itself does not currently load third-party analytics, advertising, or tracking scripts. We use only first-party cookies strictly necessary for the SITE to function (for example, to remember basic preferences). You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our SITE.

If we add third-party analytics or other non-essential cookies in the future, we will update this notice and seek prior consent in accordance with the EU ePrivacy Directive and applicable national law.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We use the information we collect to:

  • Provide and maintain our SERVICE.
  • Detect, prevent, and address technical or security issues, including potential abuse of the SITE.
  • Improve and optimise our SITE based on aggregated, non-identifying interaction data.
  • Respond to enquiries you send us.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR):

If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. We may process your Personal Data because:

  • We need to perform a contract with you (where one exists).
  • You have given us permission to do so.
  • The processing is in our legitimate interests (for example, operating and securing the SITE) and is not overridden by your rights.
  • We need to comply with a legal obligation.

SHARING YOUR PERSONAL INFORMATION

We share your Personal Information only where necessary for the purposes described above. For example, we use hosting and email-delivery service providers acting as Data Processors on our behalf. We do not sell your Personal Information.

We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful request for information, or to otherwise protect our rights. We may disclose your Personal Data in good faith where such action is necessary to:

  • Comply with a legal obligation.
  • Protect and defend the rights or property of Stardust Staking.
  • Prevent or investigate possible wrongdoing in connection with the SERVICE.
  • Protect the personal safety of users of the SERVICE or the public.
  • Protect against legal liability.

DO NOT TRACK

“Do Not Track” Signals Under California Online Privacy Protection Act (CalOPPA): we do not currently alter our SITE’s data collection and use practices when we see a Do Not Track signal from your browser. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

YOUR RIGHTS

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us at [email protected].

YOUR DATA PROTECTION RIGHTS UNDER GENERAL DATA PROTECTION REGULATION (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at [email protected].

In certain circumstances, you have the following data protection rights:

  • The right to access, update, or delete the information we have on you. You can access or request deletion of your Personal Data by writing to us at [email protected].
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
  • The right to withdraw consent. You have the right to withdraw your consent at any time where we relied on your consent to process your personal information. We may ask you to verify your identity before responding to such requests.
  • You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. In Estonia, that authority is the Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate).

DATA RETENTION

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies. Usage Data is generally retained for a shorter period of time, except where this data is used to strengthen the security or improve the functionality of our Service, or we are legally obligated to retain it for longer.

SECURITY

We safeguard the security of your personal information with industry-standard physical, electronic, and managerial procedures. The safety and security of your personal information also depends on you. Where you have chosen a password for access to any service of ours, you are responsible for keeping that password confidential. The transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to or through our SERVICE. Any transmission of personal information is at your own risk.

MINORS

The SITE is not intended for individuals under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

INTERNATIONAL TRANSFER OF DATA

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at [email protected].