AtlasGraph

Privacy Policy

Last updated: 2026-02-15

1. Introduction & Data Controller

Atlas Graph ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our smart contract dependency analysis platform (the "Service").

Data Controller: Limbic Node is the data controller responsible for your personal data. For data protection inquiries, contact us at contact@limbicnode.com.

2. Information We Collect

2.1 Information You Provide

  • Wallet Address: When you connect your wallet for authentication
  • Payment Information: Transaction details when making x402 payments
  • Communications: Information you provide when contacting us

2.2 Automatically Collected Information

  • Usage Data: API calls, endpoints accessed, timestamps
  • Device Information: Browser type, operating system
  • Log Data: IP address, access times, pages viewed

2.3 Blockchain Data

We analyze publicly available blockchain data including smart contract bytecode, transaction traces, and on-chain events. This data is public by nature and not collected from you personally.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide, operate, and maintain the Service
  • Process payments and track usage
  • Authenticate your identity via wallet signature
  • Monitor and analyze usage patterns to improve the Service
  • Detect and prevent fraud or abuse
  • Communicate with you about updates or support
  • Comply with legal obligations

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR) and similar laws, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Service you requested (authentication, API access, payment processing)
  • Legitimate Interests: Processing for our legitimate business interests, such as improving the Service, analytics, and fraud prevention, where these interests are not overridden by your rights
  • Legal Obligation: Processing required to comply with applicable laws (e.g., maintaining payment records for tax purposes)
  • Consent: Where required, we obtain your consent for specific processing activities such as non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party services that help us operate (cloud hosting, payment facilitators)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Third-Party Services

Our Service integrates with third-party services:

  • Coinbase CDP (x402 Facilitator): Processes on-chain payments on your behalf via the x402 protocol (Privacy Policy)
  • Google Cloud Platform: Hosts our Service and stores data (Privacy Notice)
  • Blockchain Networks: Public networks where transactions are recorded (data is publicly accessible by design)

7. Cookies and Tracking

We use cookies and similar technologies. These are categorized as:

Essential Cookies (Required)

These cookies are necessary for the Service to function and cannot be disabled:

  • Authentication: Session cookies to keep you signed in
  • Security: CSRF protection and secure session management

Optional Cookies (Consent Required)

These cookies require your consent and can be disabled:

  • Analytics: Help us understand how users interact with the Service
  • Preferences: Remember your settings and preferences

You can manage cookie preferences through your browser settings or our cookie banner. Disabling essential cookies may prevent you from using the Service.

8. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specifically:

  • Account Data: Retained while your account is active
  • Usage Data: Retained for up to 2 years for analytics
  • Payment Records: Retained as required by law (typically 7 years)

Note: Blockchain transactions are immutable and cannot be deleted from public networks.

9. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of sensitive data at rest
  • Regular security assessments
  • Access controls and authentication

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. Your Rights

Under GDPR and similar data protection laws, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request restriction of processing in certain circumstances
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at contact@limbicnode.com. We will respond to your request within 30 days.

Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

Blockchain Limitation: On-chain data cannot be modified or deleted due to blockchain immutability. This is a technical limitation of distributed ledger technology.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States where our cloud infrastructure is located.

For transfers from the European Economic Area (EEA), UK, or Switzerland, we rely on:

  • Standard Contractual Clauses (SCCs): EU-approved contractual terms that provide adequate data protection
  • Adequacy Decisions: Transfers to countries recognized by the European Commission as providing adequate protection
  • Vendor Commitments: Our service providers (e.g., Google Cloud) maintain appropriate certifications and safeguards

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Our rate limiting and fraud detection systems use automated rules, but these do not make decisions about your legal rights and you can always contact us to review any automated actions.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on the Service with an updated "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

contact@limbicnode.com

Terms of Service | Pricing