# Privacy Policy

Peptype ("Peptype", "we", "us", or "our") provides a browser extension and related services that turn abstract user interaction signals into in-game progression, rewards, and account functionality. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Peptype browser extension, website, and related services.

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

**Last updated: Mar 12, 2026**

### 1. Single Purpose of the Product

Peptype’s core purpose is to provide a browser-based game experience that allows users to:

* create and manage a Peptype profile
* authenticate and access their account
* generate in-game progression through abstract interaction signals
* use gameplay, reward, and account recovery features
* interact with optional wallet-related and on-chain features

We collect and use data only as reasonably necessary to provide, maintain, secure, and improve these user-facing features.

### 2. Information We Collect

#### 2.1 Information You Provide to Us

Depending on how you use Peptype, we may collect the following information:

**a. Login and account information**

* If you sign in with Google, we may receive your Google account identifier and email address.
* If you sign in with X (ex. Twitter), we may receive your X (ex. Twitter) username / handle and account identifier made available through the authentication flow.
* If you use other login methods that may be available in the product, we may receive the identifier necessary to authenticate that method.

**b. Email verification information**

* During account setup or login security flows, you may provide an email address.
* We send a one-time password / one-time verification code (OTP) to verify ownership of that email address.
* We process the OTP verification status needed to complete authentication and account protection flows.

#### 2.2 Information Collected Automatically Through Product Use

To operate gameplay and progression systems, Peptype may collect limited technical and gameplay-related data, such as:

* abstract interaction event counts
* total number of qualifying key presses
* gameplay progression data
* reward, inventory, and profile status
* device/browser technical data necessary for security, compatibility, and service delivery

#### 2.3 Important Privacy Limitation: What Peptype Does Not Collect From Typing

Peptype does not collect the actual text you type.

More specifically:

* we detect only the fact that a qualifying keyboard interaction happened
* we may count the number of qualifying key presses
* we do not read, record, log, store, or transmit the actual characters, words, messages, search queries, passwords, or other content you type
* we do not collect form contents, message contents, or the substance of text input
* we do not collect page content for gameplay purposes

Peptype uses abstract interaction signals for gameplay mechanics, not the content of your communications or text input.

#### 2.4 Browsing and Website Content

Peptype is designed to react to user interaction in order to power gameplay. However:

* we do not collect or store the content of webpages you visit
* we do not collect or store the text of forms you fill out
* we do not collect or store message contents
* we do not use page content to profile you for advertising
* we do not sell browsing data

If the extension processes interaction signals while active, that processing is limited to what is reasonably necessary to provide the user-facing gameplay features described in the product.

#### 2.5 Wallet and On-Chain Related Data

If wallet-related or blockchain features are used, Peptype may process:

* your in-extension wallet address
* linked external wallet address, if you choose to connect one
* transaction status and on-chain activity necessary to support gameplay, rewards, or blockchain-enabled features

Private keys are not collected by Peptype servers.

Where the product generates a local in-extension wallet, private keys are intended to be generated locally and handled on the client side, not transmitted to us in plaintext.

### 3. How We Collect Information

We collect information through the following sources:

* directly from you during sign-up, login, verification, settings, support, or account actions
* from authentication providers such as Google or X, when you choose to sign in through them
* from the extension itself when it detects abstract interaction events needed for gameplay
* from backend systems that manage account status, progression, rewards, security, and service reliability
* from blockchain networks or infrastructure providers when you use wallet or on-chain features

### 4. How We Use Information

We use information only for disclosed, legitimate product purposes, including to:

* authenticate users and create accounts
* verify email ownership through OTP codes
* protect account security and support account recovery
* operate gameplay systems, progression, rewards, and user profile features
* count abstract interaction events required to power game mechanics
* maintain inventory, settings, and user preferences
* support wallet-related and on-chain functionality
* prevent abuse, spam, fraud, cheating, or unauthorized access
* debug issues, maintain performance
* comply with legal obligations and enforce our terms

We do not use personal data for personalized advertising.

We do not sell personal data to data brokers, advertisers, or information resellers.

We do not use user data to determine credit-worthiness or for lending-related purposes.

### 5. How We Share Information

We do not sell your personal information.

We share information only in the limited circumstances described below:

#### 5.1 Service Providers

We may share information with trusted service providers that process data on our behalf only as necessary to operate, secure, maintain, and support the Service.

These service providers may support functions such as:

* authentication
* email delivery and OTP verification
* cloud hosting and backend infrastructure
* database and storage services
* security and key-management related services
* wallet-related or blockchain infrastructure support, where applicable

These providers may access information only as necessary to perform services for us and are not permitted to use it for unrelated purposes.

Current categories of service providers may include:

* authentication providers, such as Google and X, when chosen by the user
* cloud hosting and backend infrastructure providers, including DigitalOcean Spaces, Droplets, and managed database services
* email and verification delivery providers
* security and key-management related providers, including AWS KMS for key handling
* blockchain infrastructure providers, where applicable to wallet-related or on-chain features

#### 5.2 Legal Compliance

We may disclose information if required to do so by law, regulation, legal process, or a valid governmental request.

#### 5.3 Security and Abuse Prevention

We may disclose limited data where reasonably necessary to detect, prevent, investigate, or respond to fraud, abuse, security threats, or technical issues.

### 6. What We Do Not Do With User Data

For clarity, Peptype does not:

* read or store the actual content of what you type for gameplay purposes
* collect form contents, message contents, or page content for gameplay purposes
* sell personal data
* share personal data with ad networks for personalized advertising
* transfer personal data to data brokers or other information resellers
* use collected data for unrelated hidden purposes outside the functionality described to users

### 7. Data Retention

We retain information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

* maintain your account
* provide gameplay and progression features
* support security, fraud prevention, and dispute resolution
* comply with legal obligations

In general:

* account identifiers and profile-related data may be retained while your account remains active
* verification, security, and server logs may be retained for a limited period reasonably necessary for security and operational purposes
* support communications may be retained as needed to resolve issues and maintain records
* blockchain records are public and may remain permanently available on the relevant blockchain

### 8. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information.

These measures may include:

* encryption of personal or sensitive data in transit using secure protocols
* access controls and least-privilege internal access
* monitoring for abuse, unauthorized access, and misuse
* secure handling of authentication and verification workflows
* encryption or protected handling of sensitive wallet-related components where applicable

No system can be guaranteed to be 100% secure, but we take reasonable steps to reduce risk and improve protection.

### 9. Your Choices and Rights

Depending on your location and applicable law, you may have rights to:

* stop using the extension at any time
* remove the extension from your browser
* stop using optional login methods or linked integrations, where available

### 10. Children’s Privacy

Peptype is not intended for children under the age required by applicable law to use. We do not knowingly collect personal information from children in violation of applicable law.

If you believe a child has provided personal information to us improperly, please contact us so we can take appropriate action.

### 11. Third-Party Services and Links

Peptype may integrate with or link to third-party services, including authentication providers, wallet tools, blockchain infrastructure, and external websites.

We are not responsible for the privacy practices of third-party services. We encourage you to review the privacy policies of those providers before using them.

This includes, where applicable:

* Google
* X (ex. Twitter)
* external wallet providers
* blockchain and infrastructure providers

### 12. Google API Data and Limited Use Statement

If Peptype receives information from Google APIs or Google authentication services, the use of that information will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

We use Google-provided information only for the disclosed functionality of authentication, account access, and related user-facing product features, and not for unrelated advertising or resale purposes.

### 13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the Service, our practices, legal requirements, or security needs.

If we make material changes, we will update the "Last Updated" date.

### 14. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, contact us at:

* **Website:** <https://peptype.xyz/>
* **X (formerly Twitter):** <https://x.com/peptype_xyz>
* **Support Email:** <support@peptype.xyz>

### 15. Chrome Web Store Disclosure Alignment

This Privacy Policy is intended to work together with the disclosures provided in the Chrome Web Store listing and any in-product disclosures.

If a feature requires collection or handling of personal or sensitive data beyond what is closely related to the functionality described to users, Peptype will provide appropriate in-product disclosure and obtain consent where required.