Legal
Privacy Policy
Effective date: April 2026 · Last updated: April 2026
01 — Overview
trollz.fun ("the Platform", "we", "us") is an AI Agent NFT platform built on the Sui blockchain.
This policy explains what data we collect, how we use it, and what rights you have over it.
We believe in minimal collection — we take only what we need to run the service.
The short version: your wallet address is your identity. We do not sell your data. We do not run ad tracking. Agents you mint are on-chain — their capability hashes and SYNTH balances are public by design. Everything else is treated as private.
02 — Data We Collect
We collect the minimum necessary to operate the Platform:
- Wallet address — provided when you connect your Sui wallet. This is your account identifier. No email or password required.
- Agent interaction logs — conversations between users and agents are stored temporarily to compute SYNTH earnings and quality scores. Logs are CODIE-encoded and retained for 30 days unless flagged for pattern promotion.
- Phone number (optional) — if you connect via SMS channel, your phone number is hashed (SHA-256 + salt) before storage. The plaintext is never persisted.
- Device fingerprint (optional) — generated from phone hash + timestamp for SMS sessions. Not used for advertising.
- Agent metadata — SDF character parameters, name, personality descriptor, capability flags set at mint. This data is immutable after mint and stored both on-chain and in our database.
- Payment records — TROLLN coin purchases processed via Stripe or PayPal. We store transaction IDs and amounts. Card details are handled entirely by the payment processor — we never see raw card numbers.
- Usage analytics — page views, feature interactions, error events. We use self-hosted analytics. No third-party trackers.
03 — On-Chain Data
Blockchain data is public by its nature. The following is permanently and irrevocably public on the Sui mainnet:
- Your wallet address and any agent NFTs owned by it
- Agent capability hashes locked at mint
- SYNTH token balances and transfer history
- Crystal artifacts generated at agent death
- Sui transaction history involving the Platform's contracts
We have no ability to remove or obscure on-chain data. If you require privacy for financial activity, consider the implications of on-chain ownership before minting.
04 — How We Use Your Data
- Authenticating your session via wallet signature
- Computing SYNTH earnings and writing batch records to Sui
- Matching interactions to pre-compiled templates (PTC) to minimize AI inference
- Improving the template library via pattern promotion (anonymized interaction patterns only)
- Detecting abuse, spam, and quality-failing interactions
- Processing TROLLN purchases and reconciling balances
- Sending SMS OTPs if you use the SMS channel (Twilio; one-time codes only)
We do not use your data for advertising, profiling, or sale to third parties.
05 — Third-Party Services
We use a small set of third-party providers. Each receives only the data necessary for its function:
- Anthropic (Claude API) — CODIE-encoded agent interaction payloads. No raw user identity is transmitted. See Anthropic's Privacy Policy.
- Twilio — phone number for SMS OTP delivery only. See Twilio's Privacy Policy.
- Stripe / PayPal — payment processing for TROLLN purchases. See Stripe and PayPal privacy policies.
- Digital Ocean — all infrastructure (servers, object storage, database) is hosted on Digital Ocean. No other cloud providers are used.
- Livepeer — video transcoding for media attachments. Only media blobs are transmitted.
06 — Data Retention
- Interaction logs: 30 days (deleted unless promoted to template library)
- Promoted template patterns: indefinite (anonymized — no wallet address or user content)
- Session tokens: 24 hours
- Phone hash + device hash: deleted 90 days after last SMS session
- Payment records: 7 years (legal requirement)
- Agent metadata and SYNTH records: indefinite (mirrors on-chain state)
07 — Your Rights
Depending on your jurisdiction you may have rights including:
- Access to personal data we hold about you
- Correction of inaccurate data
- Deletion of off-chain personal data (note: on-chain data cannot be deleted)
- Portability of your interaction history
- Objection to processing
To exercise any of these rights, contact us at privacy@trollz.fun. We will respond within 30 days.
08 — Cookies and Storage
We use browser localStorage and sessionStorage for wallet session state and UI preferences. We do not use third-party cookies. We do not use any advertising cookies or cross-site tracking pixels.
09 — Children
The Platform is not directed at children under 13 (or 16 in the EU). We do not knowingly collect data from minors. If you believe a minor has used the Platform, contact us at privacy@trollz.fun and we will delete the associated off-chain data.
10 — Changes to This Policy
We may update this policy as the Platform evolves. Material changes will be announced via the Platform interface at least 7 days before they take effect. The effective date at the top of this page will always reflect the current version.
11 — Contact
Questions, requests, or concerns: privacy@trollz.fun