MemeMint
← Back home
Legal · Privacy Policy

Privacy Policy

Last updated: May 2026 — DRAFT, attorney review pending.

1. What we collect

When you use MemeMint we collect:

  • Account info: email address, chosen username, hashed password
  • Usage: credits balance, generation history (prompts, output URLs), launched-token records, login timestamps
  • Wallet info: the Solana public address you connect via Phantom (we never see your private key or seed phrase)
  • Payment info: for crypto payments, the on-chain transaction signature; for fiat-via-NowPayments, only the order ID — payment-method details never touch our servers
  • Technical: IP address, browser user-agent, basic request logs (kept ~30 days for security & abuse prevention)

2. What we don't collect

  • Wallet seed phrases or private keys (the Service is non-custodial)
  • Credit-card numbers (handled by the payment processor, never our servers)
  • Browsing activity outside MemeMint
  • Off-platform social-media data unless you explicitly link it

3. How we use your data

  • To run the Service (credits, image generation, token launches)
  • To send transactional emails (signup confirmation, password reset)
  • To prevent abuse and comply with applicable law
  • To improve the Service in aggregate, with no personally-identifiable export

4. Who we share with

We share only the minimum necessary with:

  • OpenAI: your image-generation prompts (governed by OpenAI's API terms — they don't train on our data)
  • Supabase: account + usage data (database hosting)
  • Vercel: request logs (application hosting)
  • Resend: email address + transactional email content
  • NowPayments / on-chain Solana: payment-related metadata where applicable

We do not sell your data to anyone. We do not run third-party advertising on the Service.

5. Cookies & similar

We use first-party cookies for authentication sessions (Supabase) and to remember UI preferences. No third-party advertising or tracking pixels.

6. Data retention

Account data is retained while your account is active. If you close your account, identifiable data is deleted within 30 days, except records we're legally required to keep (financial transactions: 7 years).

7. Your rights

Depending on your jurisdiction (GDPR, CCPA, etc.) you may have rights to access, correct, export, or delete your data. Contact the email associated with your account to make a request — we'll respond within 30 days.

8. Security

Passwords are bcrypt-hashed by Supabase. The database encrypts data at rest. All traffic is HTTPS. We follow least-privilege principles for service-role keys and rotate them on a regular schedule.

9. Children

MemeMint is not directed at children under 18. We don't knowingly collect personal data from minors. If we learn we have, we delete it.

10. Changes

Material changes will be announced via the Service. Continued use after changes means you accept the updated Policy.