Data Safety
A plain-language summary of the data the Wallet Spec app and website handle, how it is used, and your security and deletion choices.
Last updated: June 22, 2026Data collected and why
We only collect what is needed to run the Service. Each type below is collected; none of it is sold or shared for advertising. We may share limited data with infrastructure providers that process it on our behalf and with public data sources used to compute a result — see the Privacy Policy.
Account management, app functionality, security
App functionality (billing). Card details are not collected in this build.
App functionality
App functionality (to produce a risk result). Queried against public on-chain and open-source data.
Security, fraud and abuse prevention (rate limiting, lockout, audit log)
Data we do not collect
- Precise device location
- Contacts, calendar, photos, audio or files
- Advertising IDs or cross-app tracking
- Health, biometric or messaging content
How to delete your data
You can permanently delete your account and all associated data at any time:
- In the app: Profile → Security → Delete account (confirm with your password).
- By email: write to privacy@specwallet.com and we will action the request.
Deletion removes your account, checks, saved wallets, reports, API keys, settings and security logs. Note that public blockchain records are outside our control and are not affected.
Security practices
- Encryption in transit (HTTPS/TLS) for all requests.
- Passwords stored only as bcrypt hashes; optional two-factor authentication (TOTP) with backup codes.
- Per-account lockout and per-IP rate limiting against brute force.
- Session revocation on password change or “sign out everywhere”.
- Security audit log and strict HTTP security headers.
This summary mirrors the information used to complete app-store “Data safety” forms and complements our full Privacy Policy. It is provided for transparency and is not legal advice — confirm the details and contact information before publishing in production.