This Privacy Policy explains how personal data is, and is not, handled in connection with the Chui Wallet browser extension and any related software, builds, source code, and documentation (collectively, the "Software").

​

The Software is published by OneByZero Tech Pte Ltd, 61 Robinson Road, #07-06, Singapore 068893 ("we", "us", "our"). In this Policy, "you" or "User" means a natural person who installs or uses the Software.

Read this first if you read nothing else:

• We do not operate any backend service, login, account system, or user database.
• We do not collect, transmit, store, sell, share, broker, profile, or monetise any personal data on any server we control.
• We do not embed any analytics, telemetry, crash reporter, A/B-testing, advertising, attribution, fingerprinting, or third-party tracker in the Software.
• The Software runs entirely inside your browser. Your seed phrase, password, account list, and preferences live on your device and are not transmitted to us.
• The Software does, however, cause your browser to talk directly to third-party blockchain data providers in order to function. Those providers will see your network address (IP) and the queries your browser makes (for example, which Bitcoin or Ethereum addresses you are looking up). They are operated independently of us.

This Policy explains those statements in detail.

This Policy covers the Software. It does not cover:

• the browser you run the Software in (governed by your browser vendor's privacy policy);
• the operating system and device you run the browser on;
• the Third-Party Services (defined below) the Software contacts;
• decentralised applications, smart contracts, or counterparties you interact with using the Software;
• the Chrome Web Store or any other distribution channel through which you may have obtained the Software (governed by that channel's policies);
• any chat, email, forum, or repository where you separately contact us.

For data protection purposes (including the Singapore Personal Data Protection Act 2012 ("PDPA"), the EU General Data Protection Regulation 2016/679 ("GDPR"), and the UK GDPR), OneByZero Tech Pte Ltd is the data controller in respect of any personal data that we cause to be processed. Because the Software is client-side and we do not operate any server that receives user data, the scope of personal data we control is extremely narrow. See clause 4.

​

For data processed by Third-Party Services as a result of your use of the Software, those Third-Party Services act as independent controllers in respect of the data they receive. We are not their processor and they are not ours.

We do not collect personal data through the Software. Specifically:

​

(a) The Software does not contain any analytics, telemetry, error-reporting, performance-monitoring, advertising, attribution, or fingerprinting library. (b) The Software does not "phone home". It does not send your IP, device identifier, installation identifier, version string, or usage events to any endpoint operated by us. (c) We do not operate any server, API, or database that receives data from the Software. We have no logs, sessions, accounts, or records of you as a User. (d) We do not place any cookie or use any browser-storage mechanism (localStorage, IndexedDB, etc.) on websites you visit through the Software. (e) The Software's source repository is public. You may verify the absence of telemetry by reading the source and inspecting the network requests in your browser's developer tools.

​

If you separately choose to contact us (by email, repository issue, or otherwise), we will receive whatever personal data you voluntarily send us in that message. That contact data is processed only to respond to your enquiry and is described in clause 9.

This data is held in memory for the duration of the browser session. It is cleared when the browser restarts, when the extension is disabled, reloaded, updated, or uninstalled, or when the Software explicitly removes it (for example, when you lock or log out, or when a stored value passes its expiry). It can survive normal background service-worker restarts during the same browser session. It is not copied into any persisted profile, browser sync, or cloud backup.

​

While you are unlocked, the Software keeps a short-lived copy of your password and a session encryption key in chrome.storage.session so it can sign transactions without re-prompting you for the password on every action.

If you do not want a session copy held in memory, lock the wallet or close your browser before stepping away.

​

If you uninstall the Software, the browser deletes both chrome.storage.local and chrome.storage.session data owned by the Software. If you have not previously backed up your mnemonic, your vault will no longer be recoverable.

​

We have no way to access, read, copy, decrypt, reset, or recover any of this local data. We cannot recover lost passwords or mnemonics.

To function as a wallet, the Software causes your browser to make network requests from your device directly to third parties that index, broadcast, price, or otherwise serve blockchain data ("Third-Party Services"). We do not proxy these requests. We do not see them.

​

Each Third-Party Service will typically observe:

​

(a) your IP address; (b) request timing and frequency; (c) the content of the request (for example, an Electrum script-hash lookup reveals which Bitcoin address or xpub you are checking; an Ethereum eth_getBalance call reveals which address you are checking); (d) any HTTP headers your browser sends, such as User-Agent.

​

Each Third-Party Service has its own privacy policy. We are not their agent and they are not ours. We do not control what they log, how long they retain it, or whom they share it with.

​

As of the effective date above, Third-Party Services contacted by default or by configuration include the following. The list may change as the Software evolves; the canonical list is the source code.

Privacy considerations:

​

(a) IP exposure. Every Third-Party Service the Software contacts will see your IP address. If you do not want a Third-Party Service to associate your IP with your wallet addresses, you can route the browser through a VPN, Tor, or an xpub-isolating workflow at your own discretion. (b) Address-cluster exposure. A single Third-Party Service that handles many of your queries can correlate your addresses into a cluster owned by the same User. You can mitigate this by running your own Electrum server, switching servers, or using independent wallets per use case. (c) Google Fonts. Loading the UI font causes requests to Google-operated font domains (fonts.googleapis.com for the stylesheet and fonts.gstatic.com for the font files). Google may receive your IP address, the requested font URL, and standard HTTP headers such as User-Agent and Referrer. Google publicly states it does not use Google Fonts data to profile end users or for targeted advertising; we relay that statement and cannot verify it. If you object, you can block these domains at the browser, host, or network level; the wallet will still function with a fallback system font.

We do not request the tabs, cookies, webRequest, clipboardRead, clipboardWrite, geolocation, notifications, nativeMessaging, or identity extension permissions.

​

The Software does, however, use two browser APIs that do not require their own permission entry:

​

(a) navigator.clipboard.writeText(): invoked only when you press a Copy button (for example, to copy an address, xpub, or mnemonic to the clipboard at your own request). The Software does not read the clipboard. (b) chrome.tabs.create(): invoked only to open links you click (for example, opening a transaction in a block explorer, or the Terms of Use / Privacy Policy in a new tab). The Software does not enumerate, query, or modify your existing tabs.

When you visit a website that detects the Chui Wallet provider and asks for your xpub or addresses:

​

(a) The website's request is handled inside your browser by the Software. It is not relayed to us. (b) The Software will surface a prompt asking for your approval before any address or extended public key is returned. (c) If you approve, the Software returns the requested data to that specific page's origin only. (d) Approvals are stored locally in your chrome.storage.local. They are not visible to us.

​

You are responsible for evaluating each dApp before approving it. Approving a malicious site may expose your address graph to that site.

If you separately email us, file an issue on the source repository, or otherwise contact us, we will receive whatever you include in your message (typically your email address, repository username, IP address as seen by the email/issue host, and the content of your message). We process this contact data only to:

​

(a) respond to your enquiry; (b) investigate and address security or legal issues; (c) comply with applicable law.

​

We retain contact data only as long as is reasonably necessary for those purposes. We do not use it for marketing.

Because we do not operate a server that receives user data from the Software, no data transfer is initiated by us. When the Software contacts Third-Party Services, the data leaves your device and travels directly to those services, which may be located anywhere in the world. We have no influence over where those servers are or where data is processed.

​

For any contact data you voluntarily send us (clause 9), processing takes place in Singapore.

Subject to applicable law (including the PDPA, GDPR, UK GDPR, and other data protection laws), you may have the following rights in respect of personal data we control:

​

(a) the right to access the data we hold about you; (b) the right to rectify inaccurate data; (c) the right to erase data ("right to be forgotten"); (d) the right to restrict or object to processing; (e) the right to data portability; (f) the right to withdraw consent where processing relies on consent; (g) the right to lodge a complaint with a supervisory authority (such as the Personal Data Protection Commission of Singapore, the data protection authority in your EU/UK country, or the equivalent in your jurisdiction).

​

In practice, because we do not collect any personal data through the Software, there is rarely anything for us to access, correct, port, or delete. Where you have contacted us directly (clause 9), you may exercise these rights against the limited contact data we hold by writing to the address in clause 14.

We use cryptographic primitives chosen with current best practice in mind (PBKDF2-SHA-256 with 600,000 iterations to derive the vault key from your password; authenticated symmetric encryption to seal the vault). No security measure is perfect. You acknowledge that:

​

(a) the security of your wallet depends on the strength of your password and the secrecy of your mnemonic; (b) a compromised device, a compromised browser, or a malicious extension installed alongside the Software can defeat the wallet's protections; (c) cryptographic primitives may be weakened over time, including by advances in quantum computing; (d) we do not warrant that the Software is free of vulnerabilities. See the Terms of Use for the full disclaimer.

​

If you believe you have found a security vulnerability in the Software, please report it responsibly via the contact address in clause 14 rather than disclosing it publicly.