Privacy Policy

Effective: 2026-04-28 · Version 1.0 · GDPR / Datenschutz-Grundverordnung (DSGVO)

LOSURIA does not collect personal data wherever technically possible. Below: what we do process, why, and your rights under GDPR.

1. Controller

The data controller within the meaning of Article 4(7) of Regulation (EU) 2016/679 (GDPR) is Negentralgorhythms LLC, a Wyoming limited liability company (filing number 2026-001994300), represented by its Manager Albrecht Georg Linck and acting through its domestic German service-of-process representative as identified in the Impressum. Contact: contact@losuria.com.

2. Categories of Data Processed

2.1 Data we deliberately do NOT collect

No private keys, no seed phrases, no recovery hexes.
No fiat payment instruments. The Service does not operate a fiat on-ramp; users acquire crypto through their own channels.
No KYC documents.
No email addresses (other than what you may include in correspondence with contact@losuria.com).
No phone numbers.
No analytics, behavioural tracking, or cross-site identifiers. No third-party cookies. No advertising trackers.
No persistent server-side IP-address logs (HTTP access logs are discarded at the reverse proxy).

2.2 Data we do collect or process

Category	Purpose	Retention	Legal basis
WebAuthn public credential identifier (per-account)	Authentication; lets you log in again after sign-out	Until you delete the account	Art. 6(1)(b) GDPR (contract performance)
Username / handle (chosen by you)	Disambiguating your account	Until you delete the account	Art. 6(1)(b) GDPR
Snipe orders, limit orders, fills (in-memory)	Operating your opt-in trading automation	Process lifetime; lost on restart	Art. 6(1)(b) GDPR
Ephemeral session keys (in-memory)	Signing autonomous snipe trades within your cap	Until expiry, disarm, or restart	Art. 6(1)(b) GDPR
Wallet addresses (EOA, Smart Wallet) you transmit to us	Read-only on-chain queries (balances, allowances, ENS)	Not persisted; queried per request	Art. 6(1)(b) GDPR
Web Push subscription endpoint + p256dh + auth keys	Delivering opt-in notifications when snipe fills, anti-rug fires, or limit orders trigger	Until process restart or you revoke push permission	Art. 6(1)(a) GDPR (consent)
Optional Telegram numeric user ID (only if you use the bot)	Allowlisting bot users; correspondence with the bot	Until you ask us to forget it	Art. 6(1)(b) GDPR
Operational metrics (request counts, latencies, error counters; aggregated)	Service health monitoring	~24 hours	Art. 6(1)(f) GDPR (legitimate interest)
Email correspondence with contact@losuria.com	Handling legally required notices (GDPR data-subject requests, sanctions enquiries, regulatory correspondence, contractual notices). Not a general support channel.	Until the matter is closed plus statutory retention obligations (typically 6 years for tax-related correspondence under § 147 AO)	Art. 6(1)(b) and 6(1)(c) GDPR

2.3 Public on-chain data

The blockchains supported by the Service are public. Wallet addresses, balances, transactions, and contract interactions associated with addresses you derive through LOSURIA are visible to anyone in perpetuity. We do not control and cannot delete on-chain data.

3. Recipients / Third-Party Processors

Recipient	What is shared	Why
Push delivery services (Mozilla, Apple, Google)	Your push endpoint URL and the encrypted notification payload	Delivering opt-in push notifications
Telegram (if you choose to interact with the bot)	Your Telegram username and message content	Bot conversation; governed by Telegram's own policy
Public blockchain RPC peers	Aggregated block-retrieval traffic; no per-user identifiers	Operating local Ethereum and Base nodes

We do not "sell" personal data to any party.

4. International Transfers

The Service is hosted in Germany (Frankfurt region). Some third parties (notably the push delivery services operated by Mozilla, Apple, and Google) may process data outside the EU/EEA. Where applicable, we rely on the EU Standard Contractual Clauses or equivalent safeguards. You may request a copy of the relevant transfer mechanism from contact@losuria.com.

5. Storage and Security

Servers are operated under sole administrative control of the operator from a Frankfurt-region VPS.
All transport is TLS 1.3 only.
Authentication is via WebAuthn passkeys (FIDO2). Passwords are not used.
Application logs are written without PII; HTTP access logs at the reverse proxy are discarded.
Server-side secrets are restricted to the backend host with file-system permissions.

No system is fully secure. We cannot guarantee against breach. In the event of a personal-data breach affecting your rights or freedoms, we will notify the supervisory authority within 72 hours and you without undue delay, as required by Articles 33 and 34 GDPR.

6. Your Rights (Articles 15–22 GDPR)

You have the right to:

request access to the personal data we hold about you (Art. 15);
have inaccurate data rectified (Art. 16);
have your data erased ("right to be forgotten", Art. 17);
have processing restricted (Art. 18);
receive your data in a portable format (Art. 20);
object to processing based on legitimate interest (Art. 21);
not be subject to a decision based solely on automated processing (Art. 22). The opt-in snipe automation operates on data you actively configure; we do not profile or rank users.
withdraw a consent you have granted, at any time and without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, email contact@losuria.com with sufficient detail to identify your account (handle and/or wallet address). We respond within one month per Art. 12(3) GDPR.

Right to lodge a complaint

You may lodge a complaint with a data-protection supervisory authority. The lead authority for the operator is the Hessischer Beauftragte für Datenschutz und Informationsfreiheit (HBDI), datenschutz.hessen.de. You may also lodge complaints in the member state of your habitual residence.

7. Cookies and Local Storage

LOSURIA does not set tracking cookies. The PWA uses browser localStorage on your device to persist:

Your handle, wallet address (EOA + Smart Wallet), and recovery-hex (encrypted with a PIN you set).
Your preferences (active wallet, MEV-saved counter, last-used chain).

This data never leaves your device. It is removed when you click "Forget all wallets" in the Wallets tab or clear your browser storage.

8. Children's Data

The Service is not directed at children under 18. We do not knowingly process data from minors. If you believe we have, contact us and we will erase it.

9. Automated Decision-Making

The opt-in snipe-automation feature executes trades autonomously based on parameters you configure (target token, spend cap, slippage, time-to-live). This is not "profiling" in the sense of Art. 22 GDPR — no decisions about you as a person are produced. The only decision made is whether a configured trade matches a configured market event.

10. Changes to this Policy

We will publish changes on this page. The "Effective" date at the top reflects the most recent revision. Material changes affecting your rights will be flagged at least 14 days before they take effect, where reasonably feasible.

11. Contact for Data-Protection Requests

Data-subject requests under Articles 15–22 GDPR: contact@losuria.com. We respond within one month as required by Article 12(3) GDPR. This address is for data-subject requests only and is not a general support channel.

Back · Terms of Use · Impressum

Follow: X · @LOSURIAOFFICIAL · Farcaster · @losuria · Telegram · launches @ @LOSURIA