Privacy Policy
At SHIELD CryptoGuard, operated by Edutech Wise FZCO (UAE), we treat the privacy of our users as a foundational principle — not a legal formality. We are aware that the people who use a Web3 security tool are precisely the people who understand the value of sovereignty over their own data. For this reason, we have structured our data practices around a single rule: we collect only what is strictly necessary to deliver the Service, and nothing more. We do not sell, rent, or trade your personal information to any third party for commercial gain. We do not build advertising profiles. We do not monetize your behavior. Your data exists in our systems to protect you — and for no other purpose.
We also want to be direct about something that few companies acknowledge openly: SHIELD CryptoGuard is a beta product, still under active development, and it operates at the intersection of browser activity and public blockchain networks. This means that not every aspect of data flow is fully within our control. When you interact with Web3 protocols — decentralized exchanges, smart contracts, NFT platforms, wallet connections — those interactions occur on public blockchain infrastructure that is, by its nature, transparent, permissionless, and outside the reach of any single company, including ours. We cannot modify, erase, or restrict what is written to a public ledger. We can only be honest about it, which is what this policy is for.
As a beta-stage product, SHIELD CryptoGuard may undergo significant changes to its architecture, data handling mechanisms, and feature set over time. Practices described in this policy reflect our current state and may be updated as the product matures. We will notify users of material changes by updating the "Last Updated" date above and, where feasible, through in-extension notices.
Furthermore, on-chain data — including your wallet address and any transaction you broadcast to a public blockchain — is permanently and publicly visible to anyone, by design. SHIELD CryptoGuard reads portions of this data to deliver its threat assessments, but we do not control the underlying protocols, cannot delete blockchain records, and are not responsible for the inherent transparency of decentralized networks.
This Privacy Policy ("Policy") describes how Edutech Wise FZCO, incorporated under the laws of the United Arab Emirates and operating the SHIELD CryptoGuard browser extension and website at cryptoguard.site ("we", "us", "our"), collects, uses, stores, and protects information in connection with your use of the Service.
This Policy applies to information collected through the SHIELD CryptoGuard browser extension, the cryptoguard.site website, our backend APIs, and any communications between you and us. It does not apply to third-party websites, blockchain protocols, or services that may be linked to or referenced by the extension.
By using SHIELD CryptoGuard, you acknowledge that you have read and understood this Policy. If you do not agree with these practices, please discontinue use of the Service.
We operate on a minimal data collection philosophy. Depending on how you interact with SHIELD CryptoGuard, we may collect the following categories of information:
- Account & subscription data: If you subscribe to the PRO plan, Stripe processes your payment. We receive only a confirmation of subscription status and a masked billing reference. We do not store your full card number or banking details in our systems.
- Email address: Collected only if you sign up for updates, support requests, or subscription management. Used exclusively for service communications. Never shared with third parties for marketing purposes.
- Extension usage signals: Anonymized, aggregated data about which threat categories are triggered (e.g., how many phishing alerts were generated) may be logged to improve detection accuracy. This data is not linked to your identity.
- Public wallet addresses: When you interact with a Web3 site while the extension is active, SHIELD CryptoGuard may read your publicly visible wallet address to perform threat assessments. This address is queried against security APIs (such as GoPlus Security) but is not stored persistently in our databases.
- URLs and smart contract addresses: The extension analyzes URLs and contract addresses you encounter to detect threats in real time. These are processed transiently for threat evaluation and are not retained as personally identifiable records.
- Technical metadata: Standard server logs may capture your IP address, browser type, and access timestamps when you interact with our backend API. This is used solely for security monitoring and abuse prevention, and is retained for a limited period.
We do not collect government-issued identification, social security numbers, biometric data, or any sensitive personal data beyond what is described above.
Every piece of information we collect serves a specific, limited purpose. We use your data exclusively to:
- Deliver real-time threat detection and security assessments within the extension;
- Manage your subscription and provide access to PRO features;
- Respond to support requests and resolve technical issues;
- Detect and prevent abuse, fraud, or misuse of the Service;
- Improve the accuracy and coverage of our threat detection systems using aggregated, anonymized signals;
- Comply with applicable legal obligations under UAE law.
We do not use your data to build advertising profiles, serve targeted ads, or sell behavioral data to data brokers or marketing companies under any circumstances.
SHIELD CryptoGuard is designed to protect you within the Web3 environment. However, the decentralized, public nature of blockchain networks means that certain data flows are entirely outside our control.
Specifically, you should be aware that:
- All transactions you broadcast to a public blockchain (Ethereum, BNB Chain, Polygon, etc.) are permanently and publicly recorded and cannot be deleted, modified, or erased by SHIELD CryptoGuard or any other party;
- Your wallet address, transaction history, token balances, and smart contract interactions are visible to anyone with access to a blockchain explorer;
- Third-party security APIs we query (such as GoPlus Security, PhishFort, or CryptoScamDB) to perform threat analysis operate under their own privacy policies, which we encourage you to review;
- DeFi protocols, NFT platforms, and decentralized applications you interact with while using our extension are independent services with their own data practices, which are not governed by this Policy.
We read publicly available on-chain data to provide threat intelligence. We do not claim ownership of, and cannot delete, any information that exists natively on public blockchain networks.
We do not sell your personal information. We do not share your data with third parties for advertising, marketing, or commercial profiling purposes. Limited data sharing occurs only in the following strictly necessary circumstances:
- Stripe: Processes subscription payments. Operates under its own PCI-DSS compliant privacy framework. We receive only transaction confirmation and subscription status.
- Security API providers (e.g., GoPlus Security, PhishFort, CryptoScamDB): Receive wallet addresses and contract addresses for threat analysis queries. These queries are necessary to deliver the core functionality of the extension.
- Infrastructure providers: Our backend runs on Railway (hosting). Standard infrastructure providers may process technical metadata as part of service delivery.
- Legal requirements: We may disclose information if required to do so by a valid legal order, court ruling, or regulatory obligation under applicable UAE law or international legal cooperation frameworks. We will notify you where legally permissible.
No data is shared with project teams, advertisers, data brokers, or any party not listed above.
We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, or as required by applicable law. Specifically:
- Subscription and billing records are retained for the duration of your active subscription plus any period required for legal and accounting compliance;
- Email addresses for support communications are retained until you request deletion or your account is closed;
- Technical server logs are retained for a maximum of 90 days for security monitoring purposes, after which they are purged;
- Threat analysis queries (URLs, wallet addresses passed to security APIs) are processed transiently and not retained in persistent storage on our systems.
Upon request, we will delete your personal information from our systems within a reasonable timeframe, subject to any legal retention obligations.
The SHIELD CryptoGuard website (cryptoguard.site) uses minimal tracking. We do not deploy advertising tracking pixels, behavioral analytics networks, or third-party retargeting cookies. The website may use:
- Strictly necessary cookies: Required for basic website functionality and session management;
- Analytics: If basic, privacy-respecting analytics are used to understand traffic patterns, data is aggregated and anonymized and is not linked to individual users.
The SHIELD CryptoGuard browser extension itself does not set cookies on the websites you visit. It reads page content and network requests solely to perform security analysis.
We implement reasonable technical and organizational measures to protect personal information against unauthorized access, loss, alteration, and disclosure. These include encrypted communications (HTTPS/TLS), access controls on our backend systems, and limited personnel access to user data.
However, no security system is impenetrable. As a beta product, SHIELD CryptoGuard may have limitations in its security architecture that are actively being addressed. We are transparent about this reality. You are responsible for maintaining the security of your own wallet credentials, seed phrases, and private keys — SHIELD CryptoGuard does not and will never request access to these.
Subject to applicable law, you have the right to:
- Request access to the personal information we hold about you;
- Request correction of inaccurate or incomplete data;
- Request deletion of your personal data from our systems (subject to legal retention obligations);
- Withdraw consent to any processing based on your consent at any time;
- Object to certain types of data processing.
To exercise any of these rights, contact us via the information in Section 11 below. We will respond within a reasonable timeframe and may need to verify your identity before processing your request. Note that rights regarding data recorded on public blockchains cannot be fulfilled, as that data is beyond our control by design.
SHIELD CryptoGuard is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately and we will take reasonable steps to remove it from our systems.
As SHIELD CryptoGuard evolves from beta toward a mature product, this Policy will be updated to reflect changes in our data practices, legal requirements, or product functionality. We will update the "Last Updated" date at the top of this page whenever changes are made. Continued use of the Service following any update constitutes acceptance of the revised Policy.
For material changes that significantly affect your privacy rights, we will make reasonable efforts to provide advance notice through the extension or website.
For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact:
Edutech Wise FZCO
Operating as: SHIELD CryptoGuard — Web3 Antivirus
Jurisdiction: United Arab Emirates
Website: cryptoguard.site
We are committed to resolving privacy concerns promptly and transparently.