404

Crypto404

Address Security Scanner

Privacy Policy

Your privacy matters. Here is how Crypto404 collects, uses, and protects your data.

Effective Date: February 1, 2026

Last Updated: February 1, 2026

1. Introduction

Crypto404 ("we," "us," or "our") operates the Crypto404 blockchain address security scanner (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using Crypto404, you agree to the practices described in this policy.

2. Information We Collect

2.1 IP Address Hashing

We collect a one-way cryptographic hash of your IP address for rate limiting and abuse prevention purposes. We do not store raw IP addresses. The hashed value cannot be reversed to recover your original IP address.

2.2 Scan Data

When you submit an address for scanning, we store the scanned address, the selected blockchain, the resulting risk assessment, and a timestamp. This data is used to maintain scan history, generate aggregate statistics, and improve our threat detection capabilities.

2.3 Private Key and Seed Phrase Handling

If you use the seed phrase or private key scanning feature, all key derivation and address generation is performed locally on our server during your request. We store the raw input to enable scan history lookups. We strongly recommend users understand this before submitting sensitive key material. No private keys are ever transmitted to third-party services.

2.4 No Tracking Cookies

Crypto404 does not use cookies for tracking, advertising, or analytics purposes. We may use essential cookies strictly necessary for the operation of the Service, such as session management.

3. Data Retention

We retain scan data as follows:

  • Scan results: Retained indefinitely to power aggregate statistics and threat intelligence.
  • IP hashes: Retained for up to 90 days for rate limiting purposes, then automatically purged.
  • Community reports: Retained indefinitely as part of our threat intelligence database.
  • Daily statistics: Aggregated and anonymized; retained indefinitely.

4. Third-Party Services

During a scan, we may query the following third-party services on your behalf:

OFAC SDN List (U.S. Treasury)

We fetch the OFAC Specially Designated Nationals list from a public GitHub mirror. The scanned address is checked locally against this cached list. No address data is sent to the U.S. Treasury or any government endpoint.

ChainAbuse API

If configured, we query the ChainAbuse API with the scanned address to check for crowdsourced scam reports. The address being scanned is sent to ChainAbuse as part of this query. ChainAbuse has its own privacy policy governing how they handle this data. This integration is optional and may not be active on all deployments.

5. How We Use Your Information

  • To provide and maintain the scanning Service
  • To enforce rate limits and prevent abuse
  • To generate aggregate, anonymized statistics about scan activity
  • To improve our threat detection algorithms and pattern analysis
  • To respond to security incidents and user reports

6. Your Rights (GDPR and International Users)

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with applicable data protection laws, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your personal data, subject to legitimate retention needs.
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing of your data for certain purposes.

To exercise any of these rights, please contact us at support@crypto404.com. We will respond to your request within 30 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), secure database storage, and access controls. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

Our Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us so we can take appropriate action.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: support@crypto404.com

Security Issues: security@crypto404.com

Terms of Service|Disclaimer|Contact Us