Privacy notice.
What we collect, why, and the levers you can pull. No marketing tracking on this site, and the API only stores what your account explicitly retains.
Who we are
TxShield is operated by Grundlabs (Inh. Hakob Chobanyan), Berlin. We are the data processor for transaction-simulation requests; the API customer who submits a transaction is the data controller for any of their users' data.
What we collect
This split is deliberate — the public marketing site and the API are very different surfaces.
On txshield.dev (this website)
- No analytics. No Google Analytics, no Plausible, no third-party tracking pixels.
- One localStorage entry —
txshield-landing-theme— to remember your light/dark preference. You can clear it any time from your browser. - Server access logs retained 14 days for ops/security: IP, user-agent, requested path, status code. Not joined to anything else.
On the API (api/v1/sol/tx/simulate and friends)
- The transaction body you submit. Stored under your account for the configured retention window (Pro: 90 days, Enterprise: configurable up to 7 years).
- The verdict we returned, plus the per-vector breakdown.
- Latency, region, plan tier — operational metrics, not personal data.
- API-key fingerprint (HMAC-SHA256, never the key itself).
What we use it for
- Running the service — returning a verdict to your call.
- Debugging your support requests — when you quote a
sim_idwe look it up. - Improving detection vectors — aggregate, anonymised analysis of which vector caught what. Never per-customer or per-end-user.
- Billing — counting calls against your plan limits.
We do not sell, trade, or share data with marketing partners. We don't send promotional email to API users; transactional email only (key rotation reminders, billing notices, incident notifications).
Your rights (GDPR)
- Access — full data export from the dashboard at any time.
- Erasure — delete your account and we purge within 30 days; backup tail-off may extend to 6 months.
- Rectification — edit profile data from the dashboard.
- Portability — exports are JSON, importable elsewhere.
- Objection / restriction — email privacy@txshield.dev.
You can also lodge a complaint with a supervisory authority. The competent authority for Grundlabs is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.
Cookies
None. We use a single localStorage key for the theme preference, which is stored on your device and never transmitted to us. No tracking cookies, no consent banner needed.
Contact
- Privacy questions
- privacy@txshield.dev
- DPA / contract
- hello@txshield.dev
- Postal
- Grundlabs, Inh. Hakob Chobanyan · c/o Hakob Chobanyan · Berlin (full address on invoices)
Last updated 2026‑05‑06. We notify customers in-product and by email at least 30 days before any material change.