CRYPTOLPHIN - PRIVACY POLICY AND TERMS OF USE
Last Updated: March 4, 2026
Jurisdiction: New Zealand
Operator: Cryptolphin
IMPORTANT NOTICE - READ BEFORE USING
By installing, accessing, or using Cryptolphin in any form - including the browser extension, website, or any associated service - you acknowledge that you have read, understood, and agreed to this policy in its entirety. If you do not agree, do not install or use Cryptolphin.
We make no warranties. Crypto is volatile, scams evolve, and losses are possible from user error, network changes, or sophisticated exploits. Use at your own risk.

WHO WE ARE

Cryptolphin is operated by a sole trader registered in New Zealand. References to "Cryptolphin," "we," "us," or "our" in this document refer to that operator. We build and maintain the Cryptolphin browser extension and associated website at cryptolphin.com.

WHAT WE COLLECT

The Cryptolphin browser extension is designed from the ground up with a zero data collection architecture. Our website operates separately and uses minimal, anonymised analytics as described below.
2.1 The Extension - Zero Data Collection
Within the Cryptolphin browser extension, we collect nothing. Specifically, the extension does not collect: wallet addresses you view, scan, or enter; transaction history, signing activity, or pending transactions; IP addresses or device identifiers; browsing history or visited URLs; clipboard contents (clipboard is read locally only, to compare against the local threat database - nothing is transmitted); names, email addresses, or any personal information; usage patterns, feature interactions, or error reports; any data whatsoever.
All threat detection, address scanning, network validation, clipboard monitoring, and risk analysis performed by the extension happens entirely on your local device. No data leaves your machine as part of the protection process. The threat intelligence database (the "Pack") is downloaded once to your device and queried locally. Your queries never reach our servers or any third-party server.
2.2 The Website - Minimal Anonymous Analytics
The Cryptolphin website (cryptolphin.com) uses only essential cookies required for legal compliance, including GDPR and cookie consent management functionality. These are set only to record your cookie preferences and cannot be used to identify you individually. Basic anonymous site analytics (such as page view counts, referral sources, and general geographic region at country level) are used to understand overall traffic patterns and improve the site. These analytics collect no personally identifiable information, cannot be linked to individual users or devices, and are never shared with, sold to, or used by third parties.
We do not use advertising cookies, behavioural tracking, retargeting pixels, social media trackers, session recordings, heatmaps, or fingerprinting of any kind on the website.
You will be asked for your consent before any non-essential cookies are set on the website, in accordance with applicable cookie law including GDPR, UK PECR, and the New Zealand Privacy Act 2020. You may withdraw consent at any time via the cookie settings link in the site footer.
2.3 Voluntary Contact
If you contact us by email or submit a community threat report through the extension, we receive only what you choose to send - typically an address you are reporting and a brief description. We use this solely to review and potentially add the address to our threat database after independent verification. We do not store your contact details beyond what is necessary to respond, and we do not use them for marketing purposes.
2.4 Payment Data
Payments for the one-time paid upgrade are processed exclusively by third-party payment providers. We do not receive, store, or have access to your full payment card details at any point. The payment processor's own privacy policy governs how your payment data is handled. We receive only a confirmation that a payment was completed successfully.
2.5 API Keys (User-Provided)
If you choose to enter a third-party API key (such as an Etherscan API key) in the extension settings to enable optional features, that key is stored locally on your device only using your browser's built-in encrypted storage. We never see, transmit, or have access to any API key you enter into the extension.

WHAT WE SHARE - NOTHING

Because the extension collects nothing, there is nothing to share, sell, or rent from extension usage. Website analytics data is anonymous and cannot be attributed to any individual.
We will disclose information only if required to do so by applicable New Zealand law or a valid, binding court order - and given that we hold no meaningful personal data, there is nothing of substance to disclose.
We do not, and will never, sell user data to any third party. We do not share data with advertisers, data brokers, or marketing platforms. We receive no revenue from user data of any kind.

THIRD-PARTY SERVICES

4.1 Threat Intelligence Sources
Our threat database is compiled from publicly available sources including but not limited to: GoPlus Security, ScamSniffer, MyEtherWallet Darklist, MetaMask Phishing Detect, OFAC SDN List, AvengerDAO, De.Fi Shield, Chainabuse, Forta Network, SlowMist, DeFiYield REKT, and various community-maintained open-source repositories. These sources are queried by our servers during database compilation only - not by your device at runtime. We are not affiliated with any of these providers and are not responsible for the accuracy, completeness, timeliness, or continued availability of their data.
4.2 Blockchain Explorers
The extension may provide links to third-party blockchain explorers (such as Etherscan, Polygonscan, BscScan, or similar services) for your convenience. Clicking these links takes you to external websites entirely outside our control. Their own privacy policies apply when you visit them. We are not responsible for their data practices, content, accuracy, or availability.
4.3 Browser APIs
The extension uses browser-provided APIs - including clipboard access and local storage - only when explicitly required for a feature you have enabled or triggered. Clipboard access is used solely to detect whether a pasted address matches known scam addresses. No clipboard content is transmitted anywhere outside your device.
4.4 Payment Processors
Our payment processing is handled by third-party providers. When you complete a purchase, you are subject to that provider's terms of service and privacy policy. We recommend reviewing their policies before completing payment.

PAYMENTS AND REFUND POLICY

Cryptolphin offers a free tier and a one-time paid upgrade providing lifetime access for USD $1 (one American dollar). There are no subscriptions, recurring charges, hidden fees, or ongoing costs.
5.1 No Refunds
All payments are final and non-refundable under any circumstances. Once the upgrade is activated, access is granted immediately and permanently. Given the nature of digital goods and the availability of a fully functional free tier to evaluate the product before purchase, we do not offer refunds for any reason including change of mind, technical incompatibility, or dissatisfaction. If you are uncertain whether the paid tier is right for you, we strongly encourage you to use the free version first.
5.2 Chargebacks
Initiating a chargeback or payment dispute after activating the paid upgrade, without first contacting us in good faith to attempt resolution, may result in immediate and permanent suspension of access without further notice or refund.
5.3 Lifetime Access - Scope and Limits
"Lifetime access" means access for the operational lifetime of the Cryptolphin product as currently constituted. It does not guarantee access in perpetuity regardless of circumstances. In the event of product discontinuation, acquisition, or material change in service, no additional compensation, refund, or alternative access will be provided beyond what is stated in the Business Transfer section.

DISCLAIMER OF WARRANTIES

WE MAKE NO WARRANTIES. CRYPTO IS VOLATILE, SCAMS EVOLVE, AND LOSSES ARE POSSIBLE FROM USER ERROR, NETWORK CHANGES, OR SOPHISTICATED EXPLOITS.
To the maximum extent permitted by applicable law, Cryptolphin is provided "as is" and "as available" without warranty of any kind, whether express, implied, statutory, or otherwise, including: no warranty of merchantability or fitness for a particular purpose; no warranty that the service will be uninterrupted, timely, secure, error-free, or free of harmful components; no warranty as to the accuracy, completeness, or timeliness of the threat database or any detection result; no warranty that any specific scam address, phishing domain, poisoned address, clipboard hijack attempt, or malicious contract will be detected; no warranty that the extension will function correctly with any particular browser version, operating system, wallet software, or device configuration; no warranty that any threat flagged is in fact malicious (false positives are possible and do not constitute grounds for any claim).
The threat landscape changes continuously. New scam addresses are created every day. Our database is updated on a best-effort basis and will never be exhaustive. A clean result from Cryptolphin does not mean an address or contract is safe - it means it was not in our database at the time of the check. You must always verify independently before signing any transaction.

LIMITATION OF LIABILITY

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CRYPTOLPHIN, ITS OPERATOR, CONTRIBUTORS, DATA PROVIDERS, AND AFFILIATES SHALL NOT BE LIABLE FOR ANY: direct, indirect, incidental, special, consequential, punitive, or exemplary damages of any kind whatsoever; loss of funds, cryptocurrency, digital assets, NFTs, or profits; losses arising from missed detections, false positives, or incorrect network or address validation results; losses arising from user error, including sending funds to a wrong address or on a wrong network; losses arising from malware, clipboard hijacking, address poisoning, social engineering, or exploits that bypass or circumvent the extension's protections; losses arising from inaccuracies in third-party threat intelligence sources we rely upon; losses arising from extension downtime, bugs, failed updates, or browser incompatibility; losses arising from your reliance on any alert, warning, score, or recommendation produced by the extension; any other loss or damage, however caused, arising out of or in connection with your use of or inability to use Cryptolphin.
This limitation applies regardless of the legal theory asserted - contract, tort, negligence, strict liability, or otherwise - and even if we have been expressly advised of the possibility of such damages.
You expressly acknowledge that cryptocurrency transactions are irreversible and final, that you are solely responsible for verifying all transaction details before signing, and that no security tool - including Cryptolphin - eliminates risk entirely.

NOT FINANCIAL, INVESTMENT, OR LEGAL ADVICE

Nothing produced, displayed, or communicated by Cryptolphin - including threat warnings, risk scores, network mismatch alerts, wallet age scores, contract analysis, history audits, or any other output - constitutes financial, investment, tax, or legal advice of any kind. Cryptolphin is a security assistance tool only.
You should consult a qualified financial, legal, or security professional before making any significant financial or legal decision. Cryptolphin is not a substitute for professional advice, independent due diligence, or your own verification of all transaction details before signing.

DISPUTE RESOLUTION AND ARBITRATION

9.1 Mandatory Pre-Dispute Resolution
Before initiating any formal dispute process, you agree to contact us and give us a reasonable opportunity (no less than 30 days) to resolve the matter informally.
9.2 Binding Arbitration
If informal resolution fails, any dispute, claim, or controversy arising out of or relating to Cryptolphin shall be resolved exclusively by binding arbitration in Christchurch, New Zealand, under New Zealand law and the arbitration rules of the New Zealand Arbitration Act 1996 (as amended). The arbitrator's decision shall be final and binding on both parties.
9.3 No Class Actions
YOU WAIVE YOUR RIGHT TO PARTICIPATE IN, OR BRING, A CLASS ACTION LAWSUIT, CONSOLIDATED ACTION, OR CLASS-WIDE ARBITRATION PROCEEDING OF ANY KIND. All claims must be brought solely in your individual capacity.
9.4 No Jury Trial
TO THE EXTENT PERMITTED BY LAW, YOU WAIVE YOUR RIGHT TO A JURY TRIAL FOR ANY CLAIM RELATING TO CRYPTOLPHIN.
9.5 Governing Law and Jurisdiction
This policy and all disputes are governed exclusively by the laws of New Zealand, without regard to conflict of law principles.
9.6 Time Limitation on Claims
ANY CLAIM ARISING FROM YOUR USE OF CRYPTOLPHIN MUST BE FILED WITHIN ONE (1) YEAR OF THE DATE ON WHICH THE CLAIM AROSE.

INTELLECTUAL PROPERTY

All intellectual property rights in Cryptolphin are owned exclusively by the Cryptolphin operator. All rights are reserved. We grant you a limited, non-exclusive, non-transferable, revocable licence to use the Cryptolphin extension solely for your personal, non-commercial security purposes.

ACCEPTABLE USE

You agree not to use Cryptolphin to: circumvent, reverse engineer, or attempt to extract the threat database for redistribution or commercial use; submit false, misleading, or malicious threat reports; automate, scrape, or systematically query the extension or pack server beyond normal personal use; use the extension in any way that violates applicable law; attempt to interfere with or disrupt the pack server, signing infrastructure, or any associated service.

NO AFFILIATION

Cryptolphin is an independent product. We are not affiliated with, endorsed by, sponsored by, or in any way associated with MetaMask, Phantom, Coinbase, Binance, Kraken, Ledger, Trezor, Uniswap, OpenSea, Ethereum Foundation, Solana Foundation, Polygon, Arbitrum, Optimism, Base, or any other wallet, exchange, blockchain protocol, DeFi protocol, or crypto project.

YOUR RIGHTS UNDER NEW ZEALAND LAW

New Zealand's Privacy Act 2020 governs the collection, use, and storage of personal information in New Zealand. Because the extension collects no personal information and website analytics are fully anonymised, there is generally no data to access, correct, or delete. If you believe we hold personal information about you, you have the right to request confirmation, access, and correction of any such information.

UPDATES, SECURITY AND DATABASE INTEGRITY

All distributed extension files are cryptographically signed. The threat intelligence database is updated periodically. All pack files are signed with an HMAC-SHA256 signature and include a SHA-256 integrity hash. The extension verifies these signatures automatically before loading any new pack.

CONTACT

Email: hello@cryptolphin.com
Website: cryptolphin.com
Location: New Zealand
We aim to respond to all enquiries within 10 business days. Please include "Privacy" or "Legal" in your subject line.
WE MAKE NO WARRANTIES. CRYPTO IS VOLATILE, SCAMS EVOLVE, AND LOSSES ARE POSSIBLE FROM USER ERROR, NETWORK CHANGES, OR EXPLOITS. USE ENTIRELY AT YOUR OWN RISK.
Copyright 2026 Cryptolphin. All Rights Reserved.