Privacy Policy

This policy describes what data the ZendIQ browser extension collects, why, and how it is handled. We've written it to be readable, not just legally defensible.

1 Who we are

ZendIQ is a browser extension for Chrome and Brave that provides real-time risk analysis for Solana swaps on Jupiter, Raydium, and pump.fun. The extension is provided by the ZendIQ project and is available as open source at github.com/ZendIQ/ZendIQ-Extension-Lite.

For questions about this policy, contact us at privacy@zendiq.ai.

2 What data ZendIQ Lite collects

ZendIQ Lite sends anonymous, aggregated usage events to our backend (zendiq-backend.onrender.com). The full list of what is sent is below. No wallet address, no name, no email, and no IP address is ever stored by us.

Event	Data sent	When
extension_installed	Install reason (fresh install or update), previous version, browser type (Brave or Chrome)	Once on install or version update
daily_active	UTC calendar date only (e.g. "2026-03-14")	At most once per day when extension is active
token_checked	Token mint address, risk score (0–100), risk level, site hostname	When a token is scanned before a swap
high_risk_detected	Token mint address, risk score, risk level, site hostname	When a scanned token scores HIGH or CRITICAL
transaction_initiated	Token mint, risk score, risk level, site hostname	When the user clicks Swap or signs a transaction
proceeded_high_risk	Token mint, risk score, risk level, trade size in USD and SOL, site hostname	When the user proceeds despite a HIGH/CRITICAL warning
avoided_high_risk	Token mint, risk score, risk level, trade size in USD and SOL, site hostname	When the user cancels or walks away after a HIGH/CRITICAL warning
transaction_completed	Token mint, risk score, risk level, trade size in USD and SOL, site hostname	When a non-high-risk swap is confirmed and sent
transaction_aborted	Token mint, risk score, risk level, trade size in USD and SOL, site hostname	When the user cancels a non-high-risk swap before signing

Token mint addresses are public on-chain identifiers for tokens (e.g. SOL, USDC, BONK). They identify the asset being traded, not the person trading it. They are not linked to any wallet or individual.

All events also include the extension version number and a timestamp. No persistent user identifier or device fingerprint is generated or transmitted.

3 Why we collect this data

Product improvement — understanding which tokens are frequently flagged helps us tune risk scoring accuracy.
Reliability monitoring — daily active counts tell us whether the extension is functioning correctly after updates.
Aggregate safety statistics — we may publish anonymised summaries (e.g. "X high-risk tokens flagged this month") on our website.

We do not use this data for advertising, profiling, or any purpose beyond the above.

4 Data we do NOT collect

Wallet addresses or public keys
Transaction signatures or on-chain history
Token amounts or portfolio balances
Names, email addresses, or any account information
IP addresses (our backend does not log or store them)
Browser history or activity outside of swap interactions
Any data from sites other than jup.ag, raydium.io, and pump.fun

5 Data storage and retention

Events are stored in a SQLite database on our backend server hosted at Render.com (US region). Render's infrastructure privacy policy is available at render.com/privacy.

We retain event data for 12 months, after which it is automatically purged. Aggregated counts (totals with no individual event rows) may be retained indefinitely.

6 Data sharing

We do not sell, rent, or share individual event data with any third party. The only external services that receive data as part of a normal extension session are:

RugCheck.xyz — token risk report API (token mint sent, no wallet data)
DexScreener — token price and liquidity data (token mint sent)
GeckoTerminal — historical price data (token mint sent)
Solana RPC — on-chain token account data (no wallet address sent by ZendIQ; jup.ag's own RPC connection is used)

These are read-only lookups. ZendIQ does not send wallet addresses or trade data to any of these services.

7 Local storage

ZendIQ stores the following data locally in your browser using chrome.storage.local:

Your settings (monitoring enabled/disabled, risk threshold, per-site toggles)
Swap history (token pairs, risk scores, timestamps — never leaves your device)
Token score cache (5-minute cache to avoid redundant API calls)
Date of last active day (used to throttle the daily_active event to once per day)

This data stays on your device and is never transmitted to our backend. You can clear it at any time via Chrome's extension storage settings.

8 ZendIQ Pro (upcoming)

This section describes a feature not yet released. It is included here for transparency about our planned data practices.

The upcoming Pro edition will include on-chain trade verification — comparing the route ZendIQ suggested against what was actually executed on Solana. This feature will require:

Your wallet public address (to look up the transaction on-chain)
The transaction signature of each optimised swap

Public addresses are pseudonymous — they don't contain your name, but they are linkable to on-chain activity via public block explorers. We will:

Store addresses only for the purpose of trade verification and accuracy reporting
Never link Pro address data to the anonymous Lite usage events
Make this feature explicitly opt-in with a clear in-app disclosure before any address is transmitted
Provide a data deletion endpoint so you can request removal at any time
Update this policy with full details before Pro launches

9 Your rights

Since Lite events contain no personal data, there is nothing to access, correct, or delete on an individual basis. If you believe an event was sent in error or want to enquire about data held under a future Pro account, contact us at privacy@zendiq.ai.

If you are in the EU/EEA and believe we have processed personal data about you, you have the right to lodge a complaint with your local data protection authority.

10 Changes to this policy

We will update this page when our data practices change. The "Last updated" date at the top of this page reflects the most recent revision. Significant changes (such as Pro launch adding wallet address storage) will also be disclosed in the extension's release notes.

11 Open source

ZendIQ Lite is fully open source. You can inspect exactly what data is collected and when at github.com/ZendIQ/ZendIQ-Extension-Lite. The relevant files are src/utils/analytics.js and src/scripts/page-interceptor.js.