← Home

Privacy Policy

Last updated: May 27, 2026

1. What we collect

HyperTap is non-custodial — we never see your seed phrase or private keys. We do receive: (a) your master wallet address when you sign in with Ethereum (SIWE); (b) the public address of the trading key your master wallet approves; (c) a device identifier we generate locally for install attribution; (d) an Expo push token if you grant notification permission; (e) order metadata (asset, side, size, price) when you submit a trade so we can relay it to Hyperliquid and persist bracket-order linkages; (f) preferences you set in Settings.

2. What we do not collect

We do not collect your name, email, phone number, geolocation beyond the country level (used for legal geofencing), browsing history outside the App, or any data from third-party apps. We do not sell or share personal data with advertisers.

3. Why we collect it

To authenticate you, relay your signed orders to Hyperliquid, deliver alerts and fill notifications, calculate and pay referral fees, and meet legal obligations (sanctions screening, age verification).

4. Where it lives

User records, sessions, bracket-order linkages, alerts, push tokens, and referral attributions live in our managed Postgres database. Live price data is cached in Redis. Aggregate logs are retained for 30 days for debugging and abuse detection. Your trading-key private key never leaves your device.

5. Third parties

Hyperliquid (your signed orders go directly to api.hyperliquid.xyz). WalletConnect / Reown AppKit (wallet connection protocol). Expo Push (notification delivery via APNs / FCM). Apple App Store + Google Play (distribution + crash reports per their own policies). We do not use third-party analytics, advertising networks, or session-replay tools.

6. Your rights

You can revoke your trading key, sign out, and delete your local data at any time from Settings. To request deletion of server-side records, email privacy@gethypertap.com; we'll respond within 30 days. We retain the minimum data necessary to comply with regulatory requirements (notably referral payouts and audit logs).

7. Security

All traffic is TLS-encrypted. Sessions are signed with HMAC and rotated every 30 days. Trading-key private keys are stored in iOS Keychain / Android Keystore behind biometric authentication. We do not store master wallet private keys at any point.

8. Children

HyperTap is not directed to children under 18. We do not knowingly collect data from anyone under 18.

9. Changes

We may update this policy from time to time. Material changes will be surfaced in-app before they take effect.

10. Contact

Privacy questions: privacy@gethypertap.com.