Privacy Policy

Last updated: June 5, 2025

This Privacy Policy describes how Hyperflow Finance (“we”, “our”, or “us”) collects, uses, and shares information when you connect to our RPC endpoint (currently hosted on AWS) or otherwise interact with our services. By using our RPC or visiting hyperflow.finance, you consent to the practices described below.

1. Information We Collect

• Usage Logs: When you make JSON-RPC calls to our endpoint, we log metadata such as your IP address, timestamp, method invoked, and RPC request payload (truncated). These logs help us monitor abuse, diagnose issues, and maintain service stability.
• Network Metrics: We may collect aggregate analytics (e.g. number of requests per minute) to understand traffic patterns. This data is anonymized and never tied back to individual users.
• Cookies and Tracking: At this stage, we do not serve any website beyond this privacy page—no cookies or third-party trackers are active. If/when a full website is launched, we will update this policy accordingly.

2. How We Use Your Information

• Service Provision: Log data is used strictly to keep the RPC endpoint running smoothly, troubleshoot downtime, and implement rate-limiting or DDoS protection as needed.
• Security: IP logs and request metadata help us detect malicious activity (e.g., spam, abuse, or excessive requests) and block offenders.
• Improvements: Aggregate, anonymized metrics let us optimize performance, plan capacity, and decide when to scale or add new regions.

3. Information Sharing & Disclosure

• Service Providers: We may share log data and metrics with AWS (our hosting provider) and any third-party monitoring tools we explicitly choose (e.g., analytics dashboards). These providers are contractually prohibited from using data for any purpose other than service improvement and uptime monitoring on our behalf.
• Legal Compliance: We will disclose your data if required by law (e.g., subpoena, court order) or to respond to claims that your use of the service violates the rights of others.
• Business Transfers: If Hyperflow Finance is acquired or merges with another entity, log data and user metadata may be transferred to the new owner—but only under confidentiality agreements that preserve user privacy.

4. Data Retention

We retain raw RPC logs (IP addresses, timestamps, method calls) for up to 90 days to ensure we can investigate incidents. After 90 days, raw logs are purged automatically. Aggregate statistics (e.g., hourly request counts) are kept indefinitely in anonymized form.

5. Security

We follow industry best practices for securing our AWS infrastructure:

• All servers run minimal, hardened Linux builds with auto-applied security patches.
• Access to log storage is limited to our DevOps team over MFA-protected SSH.
• Backups of anonymized metrics are encrypted at rest (AES-256) and in transit (TLS 1.2+).

6. Your Choices

• Opt-Out of Logging: Since our RPC is publicly accessible, you cannot “opt out” of server logs entirely. If you wish to avoid server-side logging, you would need to run your own full node instead of relying on our hosted RPC.
• Contact Us: If you believe we have inaccurate data about your use or have any privacy concerns, email us at privacy@hyperflow.finance.

7. Changes to This Policy

We may update this Privacy Policy over time. The “Last updated” date at the top will always reflect when changes take effect. If material changes are made, we will post a notice on this page or (when we launch a full site) via a banner on hyperflow.finance.

8. Contact Information

If you have any questions about this Privacy Policy, please contact:

Hyperflow Finance
Email: privacy@hyperflow.finance