Privacy notice

Last updated: 2026-05-08

Short version: we do not collect any personal data through this website. No analytics, no cookies, no IP logging, no off-chain database. The only place where anything related to you may be recorded is the public Base blockchain, when you yourself sign and submit a transaction.

1. What this website does

This website is a non-commercial informational interface for the open-source Onepot smart contract. It serves static and read-only content. It does not maintain user accounts, sessions, or any server-side state about visitors.

2. What we do not collect

We do not run any web analytics service (no Google Analytics, no Hotjar, no Plausible, no Vercel Analytics).
We do not log IP addresses on our servers.
We do not set tracking cookies. The only cookies that may be present are technically required by the framework rendering this page; they expire automatically and are not used to identify or track you.
We do not maintain any database of visitors, depositors, wallet addresses, or any other identifier.
We do not sell, share, transfer, or disclose anything about you to anyone, because we have nothing to sell, share, transfer, or disclose.

3. The risk-acknowledgment signature (when the contract is live)

Once the smart contract is deployed, depositing into the contract will require you to sign a short risk-acknowledgment message with your own wallet. This signature, together with your wallet address and the timestamp of the signing, is included on-chain as part of your deposit transaction.

The contributors of this project do not collect, store, log, or transmit this signature to any off-chain destination. The signature lives entirely on the Base blockchain in the public event logs of the Onepot contract. To retrieve or verify your own acknowledgment, query the public Base blockchain directly via any block explorer (e.g. basescan.org).

Because the signature is recorded by your own transaction and lives only on-chain, the contributors are not a controller, processor, or recipient of this data within the meaning of the GDPR or analogous regimes.

4. External services this website may load

The website loads a small number of external resources to render properly:

Google Fonts (`fonts.googleapis.com`, `fonts.gstatic.com`) for typography. Google may log requests to these endpoints under its own privacy policy. We do not control this; if you object, install a font-blocker or local-fonts extension.
Base / Ethereum RPC endpoints when you connect your wallet. Your wallet provider (MetaMask, Rabby, Coinbase Wallet, etc.) sends RPC requests to its configured provider. We do not operate these endpoints or see this traffic.
The public Megapot Data API (`api.megapot.io`) is queried server-side by our `/api/megapot/jackpot` endpoint to display the live Megapot jackpot value. The requests are made from our server to Megapot, not from your browser to Megapot, so your IP is not exposed to Megapot through the site. Megapot may apply its own logging to the requests it receives from our server under its own policy.
WalletConnect / Reown infrastructure may be contacted by your wallet when you connect. These services are operated by third parties under their own privacy policies; we do not see or store any data they handle.

5. Hosting and logs

This website is hosted on Vercel. Vercel may, by default, generate request-level edge logs that include IP addresses. These logs are short-lived, accessed only by us for debugging when the site malfunctions, and never exported, analysed, or shared with any third party. We do not retain a copy of these logs after they expire.

6. Changes

If we ever begin collecting any data — analytics, accounts, cookies, anything — this notice will be updated to disclose exactly what, why, and how to opt out. We will not change this practice silently.

7. Contact

Questions about privacy can be raised by opening an issue on the frontend repository. There is no other contact channel we operate for this site.

See also the About, Risks, and Terms pages.