privacy policy
effective: january 1, 2026 | updated: january 6, 2026
1. introduction
arrakis, a product of The Honey Jar Corp ("company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. this privacy policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website at arrakis.community, discord bot, telegram bot, apis, and related services (collectively, the "service").
please read this privacy policy carefully. by using the service, you consent to the practices described in this policy.
2. information we collect
2.1 information you provide
account information:
+ email address (for account registration and communication)
+ username or display name
+ password (stored in hashed form)
+ payment information (processed by third-party processors)
community configuration:
+ discord server settings and configurations
+ telegram group settings and configurations
+ token contract addresses and chain selections
+ tier thresholds and badge configurations
+ custom theme settings (enterprise)
2.2 information collected automatically
platform identifiers:
+ discord user id
+ discord server id
+ telegram user id
+ telegram group id
wallet information:
+ public wallet addresses you connect to the service
+ publicly available blockchain data (balances, transactions, nft ownership)
usage data:
+ log data (ip address, browser type, device information)
+ feature usage patterns
+ error logs and diagnostic data
+ timestamps of interactions
cookies and similar technologies:
+ session cookies for authentication
+ preference cookies
+ analytics cookies (with consent where required)
2.3 information from third parties
blockchain data:
+ public blockchain data via rpc providers and our score service
+ token balances, nft ownership, transaction history
platform apis:
+ discord api (server membership, roles, permissions)
+ telegram api (group membership, user status)
3. how we use your information
3.1 to provide the service
+ verify blockchain asset ownership for token-gating
+ calculate conviction scores based on on-chain behavior
+ assign and manage tier roles in discord and telegram
+ award badges based on activity and achievements
+ generate analytics and insights for community operators
+ process payments for paid subscriptions
3.2 to improve the service
+ analyze usage patterns to improve features
+ debug issues and fix errors
+ develop new features and capabilities
+ conduct research and analysis
3.3 to communicate with you
+ send service-related notifications
+ respond to support requests
+ provide important updates about your account
+ send marketing communications (with consent, where required)
3.4 for security and compliance
+ detect and prevent fraud or abuse
+ enforce our terms of service
+ comply with legal obligations
+ respond to legal requests
4. legal basis for processing (gdpr)
if you are in the european economic area (eea) or uk, we process your personal data based on the following legal grounds:
| purpose | legal basis |
|---|---|
| providing the service | contract performance |
| account management | contract performance |
| payment processing | contract performance |
| security and fraud prevention | legitimate interests |
| service improvement | legitimate interests |
| marketing communications | consent |
| legal compliance | legal obligation |
5. how we share your information
5.1 service providers
we share information with third-party service providers who assist in operating the service:
| provider type | purpose | data shared |
|---|---|---|
| cloud hosting | infrastructure | all service data |
| payment processors | billing | payment information |
| analytics providers | usage analysis | anonymized usage data |
| rpc providers | blockchain queries | wallet addresses |
| email services | communications | email addresses |
5.2 community visibility
certain information is visible within communities you participate in:
+ your tier rank (if configured by community operator)
+ badges you've earned
+ conviction score (if displayed by community operator)
+ your discord/telegram username
community operators can see aggregated analytics about their community members.
5.3 public blockchain data
wallet addresses and associated blockchain data are publicly available on blockchain networks. our service reads this public data but does not make private data public.
5.4 legal requirements
we may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to:
+ comply with legal obligations
+ protect our rights or property
+ prevent fraud or security issues
+ protect the safety of users or the public
5.5 business transfers
in the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
5.6 with your consent
we may share information for other purposes with your explicit consent.
6. data retention
6.1 retention periods
| data type | retention period |
|---|---|
| account information | until account deletion + 30 days |
| community configurations | until community removal + 30 days |
| wallet connections | until disconnected + 30 days |
| usage logs | 90 days |
| analytics data | 24 months (anonymized) |
| payment records | 7 years (legal requirement) |
| support communications | 3 years |
6.2 deletion
when you delete your account or disconnect a wallet:
+ we remove your personal data within 30 days
+ some data may be retained in backups for up to 90 days
+ anonymized or aggregated data may be retained indefinitely
+ data required for legal compliance is retained as required
7. data security
7.1 security measures
we implement appropriate technical and organizational measures to protect your data:
technical measures:
+ encryption in transit (tls/https)
+ encryption at rest for sensitive data
+ postgresql row-level security (rls) for tenant isolation
+ secure password hashing
+ regular security assessments
organizational measures:
+ access controls and authentication
+ employee security training
+ incident response procedures
+ vendor security assessments
7.2 multi-tenant isolation
our platform uses row-level security (rls) at the database level to ensure complete isolation between communities. your community's data cannot be accessed by other communities.
7.3 security limitations
no system is completely secure. while we strive to protect your data, we cannot guarantee absolute security. you are responsible for maintaining the security of your account credentials and wallet private keys.
8. your rights
8.1 general rights
you have the right to:
access — request a copy of your personal data
correction — request correction of inaccurate data
deletion — request deletion of your data
portability — receive your data in a portable format
objection — object to certain processing activities
withdrawal — withdraw consent where processing is based on consent
8.2 gdpr rights (eea/uk)
if you are in the eea or uk, you additionally have the right to:
+ lodge a complaint with a supervisory authority
+ restrict processing in certain circumstances
+ not be subject to automated decision-making with legal effects
8.3 ccpa rights (california)
if you are a california resident, you have the right to:
+ know what personal information we collect
+ request deletion of personal information
+ opt-out of the sale of personal information (we do not sell personal information)
+ non-discrimination for exercising your rights
8.4 exercising your rights
to exercise your rights, contact us at privacy@0xhoneyjar.xyz. we will respond within the timeframes required by applicable law (typically 30 days).
we may need to verify your identity before processing requests. for wallet-related requests, we may ask you to sign a message to prove wallet ownership.
9. cookies and tracking
9.1 types of cookies
| cookie type | purpose | duration |
|---|---|---|
| essential | authentication, security | session |
| functional | preferences, settings | 1 year |
| analytics | usage statistics | 2 years |
9.2 managing cookies
you can control cookies through your browser settings. note that disabling certain cookies may affect service functionality.
9.3 do not track
we currently do not respond to "do not track" browser signals, as there is no industry standard for interpretation.
10. international data transfers
10.1 transfer locations
your data may be transferred to and processed in countries outside your country of residence, including the united states and other countries where our service providers operate.
10.2 transfer safeguards
for transfers from the eea/uk, we use appropriate safeguards including:
+ standard contractual clauses (sccs) approved by the european commission
+ data processing agreements with service providers
+ additional technical measures where appropriate
11. children's privacy
the service is not intended for users under 18 years of age. we do not knowingly collect personal information from children. if we learn we have collected information from a child under 18, we will delete that information promptly.
12. third-party links and services
the service may contain links to third-party websites or integrate with third-party services (discord, telegram, blockchain networks). this privacy policy does not apply to those third parties. we encourage you to review their privacy policies.
13. specific data processing activities
13.1 wallet address processing
what we collect:
public wallet addresses you connect to the service.
how we use it:
+ verify token/nft ownership for access control
+ calculate conviction scores based on public blockchain data
+ determine tier placement based on holdings and behavior
what we DON'T do:
— access your private keys or seed phrases
— execute transactions on your behalf
— store cryptocurrency or digital assets
13.2 conviction scoring
what we analyze:
+ holding duration of tokens/nfts
+ trading patterns (accumulation vs distribution)
+ historical transaction data
+ cross-wallet behavior patterns
data sources: publicly available blockchain data only.
purpose: identify high-conviction community members for tiering and engagement features.
13.3 discord/telegram data
what we access:
+ user ids and usernames
+ server/group membership
+ role assignments we manage
what we DON'T access:
— message content (except bot commands)
— direct messages
— voice chat data
14. changes to this policy
we may update this privacy policy from time to time. we will notify you of material changes by:
+ posting the updated policy on our website
+ updating the "last updated" date
+ sending email notification for significant changes
your continued use of the service after changes constitutes acceptance of the updated policy.
15. contact us
for questions about this privacy policy or to exercise your rights, contact us at:
The Honey Jar Corp
d/b/a arrakis
email: privacy@0xhoneyjar.xyz
website: arrakis.community
last updated: january 6, 2026. see also: [terms of service]