Privacy Policy
Last updated: May 17, 2026
This Privacy Policy explains how Opal Wallet ("Opal Wallet," "we," "us," or "our") collects, uses, and shares information when you use the Opal Wallet mobile and web applications and related services (the "Service"). By using the Service, you agree to the practices described in this policy.
Who we are
Opal Wallet provides a self-custodial multichain crypto wallet. You can contact us about privacy matters at privacy@opalwalletxyz.com.
The most important thing to understand
Opal Wallet is self-custodial. This shapes everything in this policy:
- Your wallet's private keys are created and stored on your device, in your device's secure hardware. They never leave your device and are never transmitted to us.
- We cannot access, move, freeze, or recover your funds.
- We store information about your wallet (such as public addresses and transaction history), but never the keys that control it.
Information we collect
Information you provide:
- Email address — only if you choose to give it (for example, to join a waitlist or receive notifications).
- Labels and notes you add — for example, a name you assign to a contact in your address book.
- Support communications — messages you send us when you contact support.
Information created when you use the Service:
- Passkey public keys and credential identifiers — the public portion of the passkeys you register. We never receive the private portion.
- Wallet addresses — your public smart-account addresses on supported blockchains.
- Device information — device name, operating system and platform, app version, and a last-active timestamp, used to show you your list of active devices and to secure your account.
- Session information — temporary, encrypted session identifiers used to keep you signed in.
- Transaction metadata — for transactions you make through the Service: transaction identifiers, the blockchain used, amounts, assets, counterparties, timestamps, and a human-readable summary. Note that blockchain transactions are inherently public; we index and label them so you can see your own activity.
- Connections and permissions — records of decentralized applications you connect to and the spending permissions ("access keys") you create.
- Usage and diagnostic data — app interaction events and error reports, used to improve the Service. Identifiers in this data are pseudonymized.
Information we do NOT collect:
- We do not collect seed phrases — Opal Wallet does not use them.
- We do not collect or store private keys or signing material for your wallet.
- We do not collect passwords — the Service uses passkeys, not passwords.
- We do not collect your biometric data — Face ID / Touch ID happens entirely on your device through your operating system; we receive only the result of a successful device check.
How we use information
We use information to:
- create and operate your wallet and authenticate you;
- display your balances, activity, and transaction previews;
- generate optional suggestions that help you manage your wallet (see Section 5);
- secure the Service and detect and prevent fraud and abuse;
- provide customer support;
- understand how the Service is used and improve it;
- communicate with you about the Service.
Suggestions and automated processing
Opal Wallet includes a feature that reviews patterns in your transaction activity to suggest changes that may make the wallet easier or safer to use. To generate these suggestions, transaction- pattern information may be processed by a third-party AI provider. This processing uses activity patterns and does not require sharing your identity. Suggestions are optional and never act on your wallet without your explicit confirmation.
How information is shared
We share information only as described here. We do not sell your personal information.
Service providers (sub-processors). We use third-party providers to operate the Service, including for: cloud hosting and infrastructure, database and storage, blockchain data and transaction-submission services, transaction simulation, error tracking and logging, email delivery, push notifications, customer support, and the suggestion feature described in Section 5. These providers process information only as needed to provide their service to us.
Buying crypto through a third party. If you choose to buy crypto using a card or bank transfer, that purchase is handled by a third-party on-ramp provider. When you do this, you interact directly with that provider under their privacy policy and terms, and that provider — not Opal Wallet — collects any payment or identity information needed for the purchase.
Legal reasons. We may disclose information if required by law or valid legal process, or to protect the rights, safety, or property of users, the public, or Opal Wallet.
Business transfers. If Opal Wallet is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction.
Blockchain data is public and permanent
Transactions on a blockchain are recorded on a public ledger that is outside Opal Wallet's control and that cannot be changed or deleted by anyone, including us. Any wallet address and transaction you create is permanently public on that blockchain. This is a property of blockchains generally, not of Opal Wallet.
Data retention
We keep information for as long as needed to provide the Service and for legitimate business and legal purposes. Session data expires automatically. Security and audit logs are retained for a limited period. You may request deletion as described in Section 9, subject to the limit in Section 7.
Your rights and choices
Depending on where you live, you may have rights to access, correct, delete, export, or restrict the processing of your personal information, and to object to certain processing.
To exercise these rights, contact privacy@opalwalletxyz.com.
An important limit: we can act only on information we hold. We can delete your account and the information in our systems, but we cannotalter or remove data recorded on a public blockchain (see Section 7), because that is not within anyone's control.
International transfers
Opal Wallet operates globally, and information may be processed in countries other than the one you live in.
Security
We use technical and organizational measures to protect information, including encryption and the self-custodial architecture described in Section 2. No system is perfectly secure, but because we never hold your keys, the most sensitive thing in crypto — control of your funds — never depends on our security.
Children
The Service is not directed to, and is not intended for, anyone under 18 (or the age of majority in your jurisdiction). We do not knowingly collect information from children.
Changes to this policy
We may update this policy. If we make material changes, we will notify you through the Service or by other reasonable means. Continued use of the Service after an update means you accept the updated policy.
Contact
Questions about this policy: privacy@opalwalletxyz.com.