Privacy Policy

This Privacy Policy explains how the DegensQuest team (“DegensQuest”, “we”, “us”, or “our”) collects, uses, shares, and protects information when you use our SocialFi gaming platform on Base — including our Telegram bot @degensquestbot, our websites, applications, and related services (together, the “Services”).

It should be read together with our Terms of Service and Risk Disclosure. By using the Services, you acknowledge the practices described here.

We collect the following categories of information to operate and improve the Services:

• Telegram identifiers. Your Telegram user ID, username/handle, and (where you provide them) display name and group/chat identifiers needed to run games where you play.
• Wallet and on-chain data. Public wallet addresses you connect, along with associated on-chain activity such as transactions, reward claims, and balances that are inherently public on the blockchain.
• Gameplay and analytics data. Matches played, scores, XP, achievements, guild membership, leaderboard standings, quest completions, and similar gameplay records.
• Device and usage data. IP address, approximate location derived from it, browser and device type, operating system, referring pages, and interactions with our sites and app, collected via cookies and analytics tools.
• Communications. Information you provide when you contact us for support, partnerships, or other inquiries.

We do not intentionally collect special categories of sensitive personal data, and we ask that you do not submit them through the Services.

We use the information we collect to:

• operate the Services — run games, matchmaking, guilds, seasons, leaderboards, and reward settlement;
• authenticate you via your Telegram account and connected wallet (for example, using SIWE);
• maintain security, prevent fraud and cheating, enforce cooldowns and anti-cheat, and investigate abuse;
• measure and improve performance, content, and features using analytics;
• communicate with you about updates, support, and important changes to the Services; and
• comply with legal obligations and enforce our Terms.

Where the EU/UK General Data Protection Regulation applies, we rely on the following legal bases to process your personal data:

• Performance of a contract — to provide the Services you request and operate your account.
• Legitimate interests — to secure the Services, prevent fraud and cheating, and understand and improve how the Services are used, balanced against your rights.
• Consent — for non-essential cookies and certain analytics, where required. You may withdraw consent at any time.
• Legal obligation — where we must process data to comply with applicable law.

We use cookies and similar technologies for essential functionality, preferences, and analytics. For product and traffic analytics we use Google Analytics (GA4) and PostHog, which may set cookies or use identifiers to measure usage, retention, and conversion across our sites and app.

You can control cookies through your browser settings and, where offered, through our cookie controls. Blocking some cookies may affect how the Services function. These providers process data under their own privacy terms.

We share information with service providers who process it on our behalf and with infrastructure we interoperate with, including:

• Telegram — the messaging platform through which the bot and many interactions occur;
• The Base network and underlying Ethereum infrastructure, where on-chain transactions are recorded;
• Analytics providers — Google Analytics (GA4) and PostHog;
• Email delivery — Resend, for transactional and update emails;
• Hosting, infrastructure, and security providers that help us run and protect the Services.

We do not sell your personal data. We may disclose information if required by law, to enforce our Terms, or to protect the rights, safety, and security of users, the public, or DegensQuest.

A core part of the Services operates on a public blockchain. Information recorded on-chain — including wallet addresses, transactions, reward claims, and related activity — is public, permanent, and outside our control. It is replicated across a decentralized network and cannot be edited, deleted, or recalled by us or by you.

Before connecting a wallet or transacting, please understand that on-chain data may remain publicly available indefinitely and may be linked to other public information. Our ability to honor deletion or correction requests is limited to off-chain personal data that we control.

We retain off-chain personal data only for as long as necessary for the purposes described in this policy — including providing the Services, security and anti-fraud, and meeting legal, accounting, or reporting obligations — after which we delete or anonymize it. On-chain data, by its nature, persists on the blockchain indefinitely and is not subject to our retention controls.

Subject to applicable law, you may have the right to access, correct, delete, restrict, or object to our processing of your personal data, to data portability, and to withdraw consent. To exercise these rights, contact us at privacy@degensquest.xyz.

Rights vs. immutable ledgers. We can act on these rights only for off-chain personal data we control. We cannot alter or erase data already written to a public blockchain. Where you request erasure of off-chain data, we will delete or anonymize it and, where appropriate, retain a minimal tombstone or scrub record solely to demonstrate that the request was honored and to meet legal obligations. You may also have the right to lodge a complaint with your local data protection authority.

We and our service providers may process your information in countries other than where you live, including outside the EEA/UK. Where we transfer personal data internationally, we rely on appropriate safeguards — such as adequacy decisions or Standard Contractual Clauses — to protect it in line with applicable law.

The Services are not directed to, and may not be used by, anyone under 18 years old (or the age of majority in their jurisdiction, if higher). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will take appropriate steps to delete it.

We use technical and organizational measures — including access controls, encryption of secrets, rate limiting, monitoring, and audit logging — designed to protect personal data. No system is perfectly secure, however, and we cannot guarantee absolute security. You are responsible for safeguarding your own credentials, wallet, private keys, and seed phrases; see our Terms of Service and Risk Disclosure.

We may update this Privacy Policy from time to time. When we do, we will revise the “last updated” date above and, where appropriate, provide additional notice. Your continued use of the Services after changes take effect constitutes acknowledgment of the updated policy.

Questions or requests regarding this Privacy Policy or your personal data can be sent to privacy@degensquest.xyz.