Privacy Policy

Last Updated: April 2026

1. Introduction

HyperCluster ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our blockchain network, Quipu Protocol storage services, HyperPass browser extension, website, and related services (collectively, the "Services").

2. Information We Collect

We collect information in the following ways:

Information You Provide:

  • Contact information (email address, phone number) when you reach out to us
  • Account information when you register for validator or storage node programs
  • Payment information for paid storage tiers (processed by third-party payment processors)
  • Communications you send to us

Information Collected Automatically:

  • Blockchain transaction data (which is publicly visible on the blockchain)
  • Node heartbeat and performance data for Quipu Protocol operators
  • Website usage data (IP address, browser type, pages visited)
  • Technical logs for security and debugging purposes

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our Services
  • Process transactions and distribute rewards
  • Monitor network health and node performance
  • Communicate with you about updates, security alerts, and support
  • Comply with legal obligations
  • Protect against fraud and unauthorized activity

4. Blockchain Data

Please note that blockchain transactions are inherently public. When you interact with the HyperCluster blockchain:

  • Transaction data is recorded on a public ledger
  • Wallet addresses and transaction history are publicly visible
  • This data cannot be deleted due to the immutable nature of blockchain technology

5. HyperPass Browser Extension

When you use the HyperPass browser extension for Chrome or Firefox:

5.1 Data We Collect

The HyperPass extension collects the following personal information:

  • Account registration data: Your name, email address, and phone number (optional), provided by you during signup
  • Wallet addresses: Ethereum-compatible addresses derived from your locally generated cryptographic keys
  • Encrypted recovery vault: A server-encrypted copy of your wallet recovery data, stored on our servers to enable account recovery across devices
  • Authentication tokens: Session tokens (JWT) used to authenticate your requests with HyperCluster services
  • Email verification codes: Temporary 6-digit codes sent to your email during registration, stored on our server for up to 10 minutes

5.2 How We Use Your Data

  • Account registration data: Used to create and manage your HyperCluster identity, send verification emails, and provide account recovery
  • Wallet addresses: Used to identify your account on the HyperCluster blockchain, process transactions, and register your on-chain identity
  • Encrypted recovery vault: Used solely to restore your wallet if you reinstall the extension or switch devices. We cannot decrypt this data.
  • Authentication tokens: Used to verify your identity when making API requests. Tokens expire after 24 hours.

5.3 Data Stored Locally on Your Device

The following data is stored only in your browser's local storage and is never sent to our servers in unencrypted form:

  • Your private keys and 12-word recovery phrase, encrypted with your password using PBKDF2 (600,000 iterations) and AES-256-GCM
  • Connected site permissions (which websites you have authorized)
  • Wallet preferences and account labels

The extension auto-locks after 15 minutes of inactivity and clears decrypted keys from memory.

5.4 Data We Do NOT Collect

  • We never have access to your unencrypted private keys, recovery phrase, or wallet password
  • We do not track your browsing history or activity on third-party websites
  • We do not inject analytics, advertising, or tracking scripts into web pages you visit
  • We do not collect or transmit any data from websites you visit other than HyperCluster services
  • We do not use your data for advertising or sell it to any third party

5.5 Network Requests and Data Transmission

The extension communicates exclusively with the following HyperCluster-operated servers:

  • passport.hypercluster.org — Authentication, account registration, email verification, and wallet synchronization
  • rpc.hypercluster.org — Blockchain JSON-RPC requests (balance queries, transaction submissions)

All communication uses HTTPS (TLS 1.2+) encryption. No data is sent to any other servers or third parties by the extension itself.

An API key is included in requests to authenticate the extension with our servers. This key identifies the extension as an authorized client and does not contain personal information.

5.6 Data Sharing

Personal data collected through the HyperPass extension may be shared with the following third-party service providers, solely for the purposes described:

  • Mailgun (email delivery): Your email address is shared with Mailgun Technologies, Inc. to send verification codes and account notifications. Mailgun Privacy Policy
  • Stripe (payment processing): If you make purchases on HyperCluster, your payment information is processed by Stripe, Inc. We do not store your credit card details. Stripe Privacy Policy

We do not sell, rent, or trade your personal information to any third party. We do not share your data with advertisers or data brokers.

5.7 Data Retention

  • Account data: Retained for as long as your account is active. You may request deletion by contacting us.
  • Session tokens: Expire after 24 hours and are automatically deleted
  • Email verification codes: Expire and are deleted after 10 minutes
  • Authentication nonces: Expire and are deleted after 5 minutes
  • Locally stored data: Remains on your device until you sign out or uninstall the extension

5.8 Your Rights Regarding Extension Data

  • You can view your account data at any time within the extension or at passport.hypercluster.org/account
  • You can export your recovery phrase and private key from the extension settings
  • You can sign out to erase all locally stored data from the extension
  • You can request complete account deletion by contacting [email protected]

6. Quipu Protocol Data

For Quipu Protocol storage:

  • Files stored on Quipu are distributed across the network
  • We do not access or view the contents of your stored files
  • Node operators receive hashed data and cannot read file contents
  • You maintain control over your data and encryption keys

7. Information Sharing

We may share your information with the following categories of recipients:

  • Mailgun Technologies, Inc.: Email delivery for account verification and notifications (receives your email address)
  • Stripe, Inc.: Payment processing for purchases (receives payment and billing information; we do not store credit card numbers)
  • Legal authorities: When required by law, court order, or to protect our legal rights
  • Business successors: In connection with a merger, acquisition, or sale of assets, with advance notice to users

We do not sell, rent, or trade your personal information to third parties. We do not share your data with advertisers or data brokers.

8. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection

9. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your personal information
  • Correct inaccurate data
  • Delete your data (where technically feasible)
  • Object to certain processing
  • Data portability

Note that blockchain data cannot be modified or deleted due to its immutable nature.

10. International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

11. Children's Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website and updating the "Last Updated" date.

13. Contact Us

If you have questions about this Privacy Policy, please contact us: