Legal

Privacy Policy

This Privacy Policy explains how Chroma LLC (“Chroma”, “we”, “us”) handles information when you use the Chroma interface and websites (the “Interface”). Chroma is a non-custodial interface to a public blockchain; we collect as little personal data as possible to operate it.

Chroma LLC · Last updated: June 10, 2026

01Data controller

Chroma LLC is the controller responsible for the limited personal data processed through the Interface. You can reach us about privacy matters at privacy@chroma.fund.

02What we collect

Blockchain data: when you connect a wallet or transact, your public wallet address and on-chain activity are processed by the Interface. This data lives on the Solana blockchain — it is inherently public, permanent, and outside Chroma’s control; we neither create nor can delete it.

Technical data: like most websites, our hosting and infrastructure providers automatically process technical information such as IP address, browser type, and request logs, for the limited purposes of serving the site, security, and abuse prevention.

We do not ask for your name, email, or government ID to use the Interface, and we do not run advertising or behavioral tracking. We do not knowingly collect data from anyone under 18.

03Cookies & analytics

This build uses only the storage strictly necessary for the Interface to function (for example, remembering a connected wallet session). No third-party advertising or behavioral-analytics cookies are enabled by default. Where consent is legally required for any future analytics, we will request it before such cookies are set.

04Legal basis (for EU/EEA users)

Where the GDPR applies, we process technical and blockchain data on the basis of our legitimate interest in operating, securing, and improving the Interface (Art. 6(1)(f)), and on the basis of your consent (Art. 6(1)(a)) where consent is required.

05Sharing & processors

We share data only with service providers that help us run the Interface — such as website hosting, content delivery, and Solana RPC providers — and only as needed for those services, under appropriate confidentiality and data-processing terms. We do not sell personal data. We may disclose information where required by law or to protect our rights, users, or the public.

06Your rights

Depending on where you live, you may have rights to access, correct, delete, port, or object to the processing of your personal data, and to withdraw consent. To exercise these rights, contact privacy@chroma.fund. Please note that data recorded on the blockchain cannot be altered or erased by Chroma.

07International transfers

Our service providers may process data in countries other than your own, including the United States and the European Union. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for such transfers.

08Retention & security

We retain technical and log data only for as long as necessary for the purposes above, and then delete or anonymize it. We use reasonable technical and organizational measures to protect the data we hold, though no system is perfectly secure. On-chain data is permanent and public by the nature of the blockchain.

09Changes & contact

We may update this Policy from time to time; changes take effect when posted with a new “Last updated” date. Questions or requests: privacy@chroma.fund.