Wallet AuraWallet

Privacy Policy

Last updated: May 2026

Controller

JustHendi — Hendrik Müller · contact@auraforge.net

Full contact details: Imprint

What data we process

Wallet data — local only

Your seed phrase, private keys, and all wallet data are encrypted and stored exclusively in your browser's localStorage. This data never leaves your device and is never accessible to us.

Hosting and CDN — Cloudflare

We use the "Cloudflare" service provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as "Cloudflare").

AuraWallet runs on Cloudflare Workers and uses Cloudflare's content delivery network with DNS that is available worldwide. As a result, the information transfer that occurs between your browser and our website is technically routed via Cloudflare's network. This enables Cloudflare to analyze data transactions between your browser and our website and to work as a filter between our servers and potentially malicious data traffic from the Internet. In this context, Cloudflare may also use cookies or other technologies deployed to recognize Internet users, which shall, however, only be used for the herein described purpose.

The use of Cloudflare is based on our legitimate interest in a provision of our website offerings that is as error free and secure as possible (Art. 6(1)(f) GDPR).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details and further information on security and data protection at Cloudflare can be found here: cloudflare.com/privacypolicy.

Cloudflare is certified in accordance with the "EU-US Data Privacy Framework" (DPF), an agreement between the European Union and the US intended to ensure compliance with European data protection standards for data processing in the US. For more information: dataprivacyframework.gov.

We have concluded a data processing agreement (DPA) with Cloudflare as required by Art. 28 GDPR. Legal basis: Art. 6(1)(f) GDPR — legitimate interest in operating the service securely.

Analytics — self-hosted Umami

We use a self-hosted instance of Umami to understand how AuraWallet is used. Umami collects anonymized page views and interaction events (e.g. which coin is selected, whether a send was completed). It uses no cookies, does not track individual users across sessions, and does not process personal data. All analytics data remains on our own server and is not shared with third parties.

Legal basis: Art. 6(1)(f) GDPR — legitimate interest in improving the service.

Your rights

Under the GDPR, you have the right to access, correct, or delete personal data we hold about you, as well as the right to object to or restrict processing. Because we store no personal data beyond what Cloudflare processes as part of standard infrastructure operation, these rights are primarily exercised with Cloudflare directly.

To exercise your rights or ask questions, contact us at admin@aurawallet.net.

No third-party sharing

We do not sell, rent, or share any data with third parties for marketing or advertising purposes.

Changes to this policy

We may update this policy at any time. The date at the top reflects the most recent revision.