Privacy Policy

Solaris AI Flow is a Web3 workflow automation platform with AI, integrations, marketplace features, and wallet-connected functionality. The Service is built around wallet-based authentication and does not require you to provide a real name, email, or other personal identification to use it.

To run, the Service needs to process some technical data (such as wallet addresses, workflow content, and basic diagnostics) and may pass data through third-party providers you choose to interact with. The exact data involved depends on how you use the Service.

Because the Service is made available by independent contributors rather than by a single incorporated entity, it is not set up to act as a regulated enterprise data-processing counterparty. Some information is processed directly through the Service, while other information is processed by upstream providers that support authentication, hosting, analytics, blockchain infrastructure, or integrations you choose to connect. Each provider handles its own systems under its own terms and privacy policy. For information directly controlled through the Service, we review reasonable requests in good faith and act where technically feasible.

The Service handles the following categories of data. Most of it is technical rather than personal, and the Service is designed to avoid asking you for personal information.

• Wallet and on-chain data: public wallet addresses, on-chain transaction hashes, payment status, and marketplace transaction records. This is the primary identifier used by the Service.
• Auth-provider data: whatever identifiers your authentication provider (such as Privy) chooses to expose to the Service for the login methods you use. If you log in with a wallet only, this is generally just a wallet address. If you choose to link an email or social login, that provider may also pass an email or basic profile information.
• Workflow and content data: workflow definitions, prompts, uploaded content, configuration values, execution logs, template data, marketplace listing content, and related metadata.
• Credentials and integration data: credentials metadata, connected service details, webhook configuration, and other data necessary to run integrations you add. Sensitive credentials are stored in encrypted form.
• Usage and device data: pages viewed, features used, browser type, device type, IP address, approximate location derived from IP, timestamps, referrer data, and diagnostic or error information.
• Cookies and local data: cookies, analytics identifiers, local storage values, session data, and UI preference data used to keep the product working and remember settings.
• Voluntary communications: any information you choose to send by email or through community channels. We ask you not to send personal information unless it is necessary to resolve a specific issue.

We use information we collect to:

• provide, operate, maintain, and improve the Service;
• authenticate users and manage accounts, wallets, and sessions;
• run workflows, integrations, marketplace actions, and payments;
• store and display workflow history, logs, and purchased assets;
• prevent abuse, fraud, unauthorized access, and security incidents;
• debug errors, monitor performance, and understand product usage;
• communicate with you about product updates, billing, support, or security matters;
• comply with legal obligations and enforce our Terms.

Where required by law, we rely on a legal basis such as contract performance, legitimate interests, consent, or legal compliance.

We do not sell your personal data for money. We also do not knowingly share personal data for cross-context behavioral advertising. If this changes, we will update this Policy and provide any required choices.

We may share information with:

• Infrastructure and hosting providers, including providers used to run the web app and backend services.
• Authentication and wallet providers, such as Privy, to support sign-in, wallet linking, and transaction flows.
• Backend and database providers, such as Convex, to store and deliver application data.
• Analytics providers, such as Vercel Analytics and, where enabled, PostHog, to understand product usage and improve the Service.
• Blockchain infrastructure and third-party integrations, when needed to execute on-chain actions, payments, or the integrations you choose to connect.
• Legal or compliance recipients, if required by law, regulation, court order, or to protect rights, safety, or the Service.

If you choose to connect third-party services, send workflow data to integrations, or publish content in the marketplace, the information involved may be shared with those recipients as part of the functionality you asked us to perform.

Our current infrastructure and analytics providers may include Privy, Convex, Vercel, PostHog, blockchain RPC providers, AI model providers, and other integrations selected by you or enabled by the Service. This list may change as the Service evolves.

We keep personal data for as long as reasonably necessary to provide the Service, maintain security, keep required business records, resolve disputes, and comply with legal obligations.

• Account and workflow data are generally kept while your account remains active.
• Execution logs and workflow run data may be retained for a limited operational period unless you delete them earlier through the dashboard or unless longer retention is needed for security, abuse prevention, billing, dispute resolution, or legal compliance.
• Diagnostics and support records may be retained for operational and security purposes.
• Billing, subscription, payment, and marketplace records may be retained longer for accounting, fraud prevention, and compliance needs.
• If you request deletion, we may delete or anonymize certain data, but some records may be retained where necessary for legitimate or legal reasons.

Because the Service is built around wallet-based identity and deliberately minimizes personal information, some privacy requests may require technical verification, such as confirming wallet ownership or identifying the relevant workflow, credential, or execution record. You can also control much of your data directly from the dashboard.

In the dashboard: you can delete workflows, clear execution history, remove stored credentials, manage marketplace listings, and disconnect integrations. Disconnecting your wallet and stopping use of the Service is the most complete way to end your interaction with it.

Marketplace purchases: When you buy a workflow in the marketplace you receive an editable copy that runs under your own account and configuration. The original creator does not gain ongoing access to data you process with that workflow.

Upstream providers: For data held by upstream providers (for example, your authentication provider, blockchain RPC providers, or any integrations you connect), those providers act as your counterparties for any data-access, correction, or deletion requests. Refer to their own policies and contact channels.

If you have questions, contact us at contact@solarisai.io. Because the Service holds limited personal data and depends heavily on upstream providers, we cannot guarantee a specific regulatory response, but we will review reasonable requests in good faith and act on them where technically feasible.

We use cookies and similar technologies for a few different reasons:

• Essential cookies and session tools: used for login flows, session continuity, fraud prevention, and core application functionality.
• Preferences and local storage: used to remember UI state, layout choices, and other product preferences.
• Analytics technologies: used to understand traffic, feature usage, and product performance.

You can usually control cookies through your browser settings. Blocking some cookies may affect how the Service works.

We use reasonable administrative, technical, and organizational safeguards designed to protect information. These may include encryption, access controls, secure infrastructure, and monitoring.

No method of transmission or storage is completely secure. You are also responsible for protecting your devices, wallet credentials, API keys, and account access.

If you use wallet-connected or on-chain features, some data is inherently public by design. Public wallet addresses, transaction hashes, token transfers, and other blockchain data may be visible to anyone and may remain publicly accessible even if you close your account.

We cannot delete or change information that has already been written to a public blockchain.

The Service may be operated using providers located in different countries. As a result, your information may be processed or stored outside your home jurisdiction. By using the Service, you understand that information may be transferred internationally, subject to applicable legal requirements.

Solaris AI Flow is not intended for children. We do not knowingly collect personal data from children under the age required to lawfully use the Service in their jurisdiction. If you believe a child has provided personal data to us, contact us and we will investigate.

The Service displays and connects to third-party content, including integration interfaces, external protocol data, marketplace listings published by other users, AI model outputs from third-party providers, and links to external services. We are not responsible for the privacy practices of third parties.

When you connect integrations or execute workflows that send data to external services, those services handle your data according to their own terms and privacy policies.

Solaris AI Flow is not operated by a single incorporated legal entity and does not offer regulated enterprise data-processing commitments. The Service is designed to minimize personal information and to rely on wallet-based authentication where possible.

To the extent privacy or data-access requests relate to information held by upstream providers, such as authentication, hosting, analytics, RPC, or connected integration providers, those providers remain responsible for their own systems and policies and are the appropriate contact for requests about that data.

For information directly controlled through the Service, such as workflows, execution history, connected integration settings, and marketplace records, we will review reasonable requests in good faith and act on them where technically feasible.

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by updating this page, publishing in-product notice, or contacting you where appropriate.

Your continued use of the Service after an updated policy becomes effective means the new policy will apply going forward.

For questions, privacy requests, or complaints about this Privacy Policy, contact us at contact@solarisai.io. If relevant, include your account email, wallet address, workflow ID, or a short description of your request.