Legal

Privacy Policy

Last updated: January 2026

Quilvion is designed with privacy at its core. Your wallet is your identity — we collect only what is necessary to operate a secure, fair, and decentralized commerce protocol.

1. Overview

Quilvion is built on a privacy-first, wallet-native identity model. Unlike traditional e-commerce platforms, Quilvion does not require you to create an account, provide an email address, or share personal information to browse or transact on the marketplace. Your wallet address is your identity.

2. Information We Collect

On-Chain Data: All blockchain interactions — including wallet addresses, transaction hashes, escrow events, and reputation scores — are recorded publicly on the respective blockchain (Sui, Ethereum, Solana, or Aptos). This data is inherently public and not controlled by Quilvion. Off-Chain Data (PostgreSQL): Quilvion's backend stores marketplace metadata including product listings, merchant profiles, order metadata, and AI-generated content. This data is necessary to operate the marketplace and is stored securely on Neon PostgreSQL infrastructure. Product Images: Uploaded product images are stored via Cloudinary CDN. Images are processed and delivered through Cloudinary's global infrastructure. AI Interaction Data: When you use the AI Buyer Assistant or other LLM-powered features, your queries are processed by Groq's LLaMA 3.3 70B model. Quilvion does not permanently store individual AI conversation logs beyond what is needed for fraud analysis.

3. How We Use Your Information

We use collected data to: operate the marketplace and process transactions; perform real-time fraud analysis via our XGBoost ML engine; generate AI-assisted dispute summaries and merchant risk profiles; maintain buyer reputation and XP tier systems; improve platform security and detect suspicious behavior; and comply with applicable legal obligations.

4. Fraud Detection & AI Analysis

Every transaction on Quilvion is analyzed by our AI fraud detection engine. This analysis uses wallet age, transaction history, order value, and behavioral signals to assign a risk score. This process is automatic and is designed to protect both buyers and merchants. High-risk transactions may be blocked without prior notice. You may contact us to appeal a blocked transaction.

5. Data Sharing

Quilvion does not sell your data to third parties. We share data only with: blockchain networks (inherently public); Groq API for LLM processing; Cloudinary for image hosting; Neon for database infrastructure. All third-party providers are required to handle data in accordance with applicable privacy laws.

6. Sensitive Information

If a transaction requires sharing sensitive information such as shipping addresses or contact details, this information is shared only between buyer and merchant and only for the duration necessary to fulfill the order. You may request removal of such information after order completion by contacting us through GitHub or LinkedIn.

7. Wallet Privacy

Quilvion does not associate your wallet address with your real-world identity unless you voluntarily provide that information. Your wallet history on public blockchains is publicly visible by design — this is a property of blockchain infrastructure, not Quilvion's data practices. We recommend using a wallet address you are comfortable making public.

8. Cookies & Tracking

Quilvion uses minimal client-side storage (session data, wallet connection state) to provide a functional experience. We do not use third-party advertising trackers, social media pixels, or behavioral analytics services that profile users for advertising purposes.

9. Data Retention

On-chain data is permanent by the nature of blockchain. Off-chain marketplace data is retained as long as your merchant profile or order history is active on the platform. You may request deletion of off-chain data by contacting us — however, on-chain records cannot be deleted.

10. Security

Quilvion employs smart contract role-based access control, treasury isolation, and spend-limit enforcement to protect on-chain assets. Off-chain data is stored in encrypted cloud infrastructure. Admin routes are protected by secret-key authentication. Despite these measures, no system is perfectly secure — users should exercise caution and never share private keys.

11. Testnet Notice

Quilvion is currently operating on testnet environments. Data collected during the testnet phase may be reset, deleted, or migrated without notice upon mainnet launch. Do not share real personal or financial information during the testnet phase.

12. Changes to This Policy

We may update this Privacy Policy as the platform evolves. Material changes will be communicated through the platform interface. Continued use after updates constitutes acceptance of the revised policy.

13. Contact

For privacy inquiries or data deletion requests, please contact us via the GitHub repository at github.com/Outlier1217/quilvion-multichain-testnet or reach out to the developer at linkedin.com/in/mustak1217.