Back to Home

Privacy Policy

Last Updated: March 8, 2026

1. Introduction

TimeCap is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our decentralized time capsule application built on the XPR Network blockchain.

2. Information We Collect

2.1 Blockchain Data (Public)

Because TimeCap operates on a public blockchain, the following information is permanently recorded on the XPR Network and is publicly accessible:

  • Your XPR Network wallet address (username)
  • Transaction hashes and timestamps
  • Payment amounts (100 XPR per capsule)
  • Recipient wallet addresses
  • Unlock times for capsules

2.2 Capsule Content

Content you upload to TimeCap is stored in two locations:

  • Database Storage: Messages and metadata are stored in our Supabase database with access restricted by Row Level Security policies.
  • IPFS Storage: Images are uploaded to IPFS (InterPlanetary File System), a decentralized storage network. Once uploaded, content on IPFS is publicly accessible and permanent.

2.3 Wallet Connection Data

When you connect your WebAuth wallet, we temporarily store your session information in your browser's local storage to maintain your connection. This data never leaves your device.

3. How We Use Your Information

  • To provide and maintain the TimeCap service
  • To process your capsule creation requests and blockchain transactions
  • To display your sent and received capsules in your dashboard
  • To enforce our Terms of Service and prevent abuse
  • To improve and optimize the service

4. Information We Do NOT Collect

  • We do NOT collect your email address, phone number, or other personal contact information
  • We do NOT collect your real name or physical address
  • We do NOT access or store your wallet private keys
  • We do NOT track your browsing activity on other websites
  • We do NOT use cookies for tracking or advertising purposes
  • We do NOT sell your data to third parties

5. Data Security

We implement security measures to protect your data:

  • Row Level Security (RLS): Database policies ensure users can only access their own capsules (as creator or recipient).
  • Encrypted Connections: All data transmission uses HTTPS/SSL encryption.
  • No Password Storage: We never store passwords. Authentication is handled by WebAuth wallet.
  • Blockchain Security: Transactions are secured by the XPR Network's consensus mechanism.

However, you acknowledge that no method of transmission over the internet or electronic storage is 100% secure. You are responsible for securing your own wallet and private keys.

6. Public Nature of Blockchain

Important Notice:

The XPR Network blockchain is a public ledger. All transactions, including your wallet address, payment amounts, and transaction times, are permanently visible to anyone. This is an inherent characteristic of blockchain technology and cannot be changed.

7. IPFS and Content Permanence

Images uploaded to TimeCap are stored on IPFS, a decentralized storage network. Once uploaded:

  • Content may be permanently accessible via its IPFS hash
  • Content may be replicated across multiple IPFS nodes globally
  • We cannot guarantee deletion of content from IPFS
  • Anyone with the IPFS hash can access the content

Do not upload sensitive, private, or confidential content to TimeCap.

8. Third-Party Services

TimeCap integrates with the following third-party services:

  • XPR Network: Blockchain infrastructure and wallet authentication
  • Supabase: Database hosting and authentication
  • IPFS/NFT.Storage: Decentralized image storage
  • Vercel: Web hosting and deployment

These services have their own privacy policies, which we encourage you to review.

9. Your Rights

You have the right to:

  • Access the capsules you created or received via the dashboard
  • Stop using TimeCap at any time
  • Request deletion of your capsules from our database (note: blockchain and IPFS data may persist)

Due to the immutable nature of blockchain technology, we cannot delete or modify data already recorded on the XPR Network blockchain or IPFS.

10. Children's Privacy

TimeCap is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are under 18, do not use TimeCap.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of TimeCap after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please reach out through the XPR Network community channels.

By using TimeCap, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of information as described herein.