CTRL
Effective May 11, 2026

Privacy Policy

CTRL respects your privacy. This Privacy Policy explains what we collect, how we use it, and your rights.

1. Information we collect

You provide

  • Wallet address — when you connect a wallet
  • Workflow definitions — triggers, conditions, actions you build
  • Chat messages — prompts and conversations with the Argus AI builder
  • Optional — Telegram handle if you opt in to Telegram notifications; email if you contact support; bug reports you submit

Collected automatically

  • Usage — pages visited, features used, error events (via Vercel Analytics and Sentry)
  • Technical — IP address, browser type, device type, referrer (via Vercel)
  • On-chain — transaction history publicly readable on Base mainnet (we read this but do not own it)

2. How we use it

  • Operate the Service (execute workflows, sign transactions on your behalf via vault rules you set)
  • Improve and debug the Service
  • Send transactional notifications you've requested (Telegram, webhooks)
  • Detect abuse and enforce our Terms
  • Comply with legal obligations

3. Third parties

We share data with the following service providers, each governed by their own privacy policies:

  • Vercel — hosting, analytics, edge functions
  • Supabase — database, authentication
  • Render — keeper execution infrastructure
  • Sentry — error reporting
  • OpenAI, DeepSeek — AI workflow builder (chat content sent to these providers when you use the Argus chat)
  • Privy, RainbowKit — wallet connection
  • Telegram — notifications, if you opt in
  • dRPC, Alchemy — blockchain RPC providers
  • Pyth, DexScreener — price oracles

We do not sell your data. We do not share it with advertisers. We may disclose information when required by law or to protect our rights.

4. Retention

  • Workflows — retained while your account is active; deleted on user request
  • Chat messages — retained for 90 days
  • Execution logs — retained for 30 days for debugging
  • Analytics — retained per Vercel and Sentry retention policies (typically 30–90 days)
  • On-chain data — public and permanent on Base; we cannot delete it

5. Security

We use industry-standard security: TLS in transit, encryption at rest for sensitive fields, parameterized database queries, and signature-verified API writes. No system is perfectly secure. Use a hardware wallet for high-value funds and set conservative vault rule limits.

6. Your rights

Depending on your jurisdiction (GDPR, CCPA, and similar laws), you may have rights to:

  • Access the personal data we hold about you
  • Request deletion of your data (we cannot delete public on-chain records)
  • Correct inaccurate data
  • Port your data
  • Object to or restrict processing
  • Lodge a complaint with a data protection authority

To exercise any of these rights, email hello@ctrl.build. We will respond within 30 days.

7. Children

The Service is not intended for anyone under 18. We do not knowingly collect data from minors. If you believe a minor has provided us with data, contact us and we will delete it.

8. International transfers

Our service providers are based primarily in the United States. Using CTRL means your data may be processed in the U.S. and other countries. We rely on standard contractual clauses and other lawful mechanisms for international transfers where applicable.

9. Changes

We may update this Privacy Policy. Material changes will be highlighted on the Service or via notice.

10. Contact

Questions or requests: hello@ctrl.build

Questions? hello@ctrl.build
© 2026 CTRL