Last updated: 11 June 2026
Avatarada is built around collecting as little data as possible. For people who sign in with a wallet, we collect no personal data: no name, no phone number, no external email address, no password, no SMS. Your identity is your Cardano stake address, which is already a public on-chain identifier. Developers who register OAuth applications may optionally provide service metadata such as a support email (see "Developer-provided service data" below), which is distinct from end-user authentication data. This policy explains the limited data we do handle and why.
Your account is your stake address, proven by a wallet signature. We store what is needed to operate your account and sessions (your stake address, enrolled passkey credentials, active session records) and the list of services you have connected with the scopes you granted. We do not link your stake address to any real-world identity, and recovery never deanonymizes you.
When you consent, a connected service receives your identity (stake address) and, for the scopes you grant, read-only public on-chain wallet data (such as balance, tokens, NFTs, and delegation) and/or permission to deliver mail to your inbox. This is data that is already public on the Cardano blockchain or that you explicitly authorize. We do not share personal data about you, because we do not collect any from you as an end user.
If you register an OAuth application in the developer console, you may optionally provide service metadata — a support email, homepage URL, terms and privacy URLs, a logo, and the sending domains you declare. This is information about your application that you supply, not personal data we collect from end users. We store it to operate your client integration: the support email and URLs are passed to the OAuth layer (Ory Hydra) as the client's contact and policy metadata so they can be shown on the consent screen, and the record is kept in your service's row. We do not sell or share this data, and it is retained only for as long as the client exists — deleting the client removes it.
If a connected service sends mail to your Avatarada address, we store that message so you can read it in your inbox. Stored data includes the sender, message headers, authentication results (SPF/DKIM/DMARC), a sanitized body, and attachments. Mail is accepted only from the verified sending domains of services you have connected; all other mail is silently discarded and never stored. Stored mail is retained for 90 days and up to the 500 newest messages per recipient, after which it is pruned. The inbox is read-only and rendered safely; we do not read your mail for advertising and run no analytics on it.
Avatarada uses only strictly functional storage and no tracking or analytics cookies. Two cookies are used: a session cookie that keeps you signed in and a "locale" cookie that remembers your chosen language. Your light/dark theme preference is kept in your browser's local storage (not a cookie, so it is never sent to our servers).
Account and session data persist until you sign out or disconnect, as applicable. Inbox mail is pruned on the 90-day / 500-message rule above. Disconnecting a service stops any further mail from it from being accepted or shown.
To read public on-chain data we use an on-chain data provider (initially Koios). The OAuth2 / OpenID Connect protocol layer is handled by Ory Hydra, and inbound mail is received by a Stalwart mail server we operate. These components process only the limited data described above.
From your dashboard you can see every service you have connected, the scopes each holds, and disconnect any of them. Disconnecting revokes the grant and stops further mail from that service.
We may update this policy; material changes are reflected by the "last updated" date.
Avatarada is currently a community project without a staffed support desk. Questions about privacy, and account or data requests, can be raised through the project's public channel linked from the developer console. A dedicated contact address will be published here once a support channel is in place.