Namebase Privacy Policy
Effective Date: July 4, 2026
Welcome to Namebase.
This Privacy Policy ("Privacy Policy") explains how Namebase ("Namebase," "we," "our," or "us") collects, uses, stores, discloses, and protects information when you access or use the Namebase website, software, applications, APIs, registry platform, customer support services, and all related products and services (collectively, the "Services").
Namebase provides software and infrastructure that enables users to participate in decentralized naming systems. Unlike custodial exchanges, hosted wallet providers, or traditional domain registrars, Namebase is designed around a non-custodial architecture that allows users to retain control of their own blockchain assets, credentials, and naming infrastructure.
Because of that architecture, we intentionally collect significantly less personal information than many traditional online services. We do not custody cryptocurrency, private keys, recovery phrases, or digital assets on behalf of users, and we design our systems to minimize the collection and retention of personal information whenever reasonably practicable.
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.
For purposes of applicable data protection laws, including the European Union General Data Protection Regulation ("GDPR"), the United Kingdom GDPR, and similar privacy laws, Namebase is the data controller with respect to the personal information that we collect directly through the Services.
This includes information relating to:
However, Namebase is not the controller of information permanently recorded on public blockchain networks or decentralized naming protocols.
Public blockchain information is created, validated, stored, replicated, and distributed by decentralized networks operating independently of Namebase. Once information has been published to a blockchain, Namebase generally cannot:
Accordingly, this Privacy Policy applies only to the information that Namebase collects, stores, or otherwise processes through the Services.
It does not govern information permanently maintained by decentralized blockchain networks except to the extent Namebase independently processes publicly available blockchain information as part of providing the Services.
Privacy is a foundational design principle of the Namebase platform.
Rather than relying upon centralized custody of digital assets or sensitive authentication information, Namebase has been designed to utilize decentralized protocols, cryptographic verification, and user-controlled credentials wherever reasonably practicable.
Our objective is to minimize the amount of personal information necessary to operate the Services while still providing a secure, reliable, and functional platform.
Accordingly, we strive to collect only the information reasonably necessary to:
We intentionally avoid collecting information that is unnecessary for these purposes.
In particular, Namebase does not intentionally collect or store:
This privacy-by-design approach reflects our commitment to decentralization, security, user autonomy, and data minimization.
The following principles guide how we design, build, and operate the Services.
We Collect the Minimum Information Necessary. We believe users should not be required to disclose unnecessary personal information simply to use decentralized infrastructure. Whenever reasonably practicable, we collect only the information needed to operate the Services, maintain security, communicate with users, satisfy legal obligations, and improve reliability. We regularly review our systems to identify opportunities to reduce the collection and retention of personal information.
You Control Your Digital Assets. Namebase is a non-custodial platform. We do not own your digital assets, control your wallets, possess your private keys, or maintain cryptocurrency balances on your behalf. You remain solely responsible for your blockchain credentials and digital assets.
We Favor Decentralization. Wherever reasonably practicable, Namebase relies upon decentralized protocols rather than centralized infrastructure, including blockchain verification, cryptographic signatures, decentralized naming protocols, user-controlled wallets, and direct blockchain interactions.
Security Is Built Into the Platform. We employ commercially reasonable administrative, technical, and organizational safeguards designed to protect the information entrusted to us. Although no software system can eliminate all risk, we continually seek to improve the security and resilience of our infrastructure.
Transparency Matters. We believe users should understand what information we collect, why we collect it, how it is used, when it is shared, how long it is retained, and what rights users possess. Accordingly, we strive to describe our privacy practices in clear, straightforward language.
User Autonomy Comes First. Whenever reasonably practicable, users - not Namebase - control their wallets, digital assets, blockchain credentials, registry operations, and naming infrastructure.
Commitment to Data Minimization. Wherever reasonably practicable, Namebase limits both the amount and the type of personal information collected, and periodically evaluates whether information currently collected remains reasonably necessary for security, fraud prevention, legal compliance, operation of the Services, and user support. Where information is no longer reasonably necessary, we will make commercially reasonable efforts to securely delete or anonymize it, subject to applicable law, legitimate business needs, backup retention schedules, and the technical limitations of decentralized networks. Because blockchain information is generally immutable, information permanently published to public blockchain networks cannot ordinarily be deleted by Namebase.
No Sale of Personal Information. We do not sell, rent, license to advertisers, or monetize your personal information through data brokerage activities. We disclose personal information only as described in this Privacy Policy, including to service providers acting on our behalf, where required by law, to protect the security or integrity of the Services, and in connection with lawful corporate transactions. For purposes of applicable privacy laws, including the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), Namebase does not sell personal information as those terms are defined under applicable law.
Namebase believes decentralized naming systems should promote user ownership, portability, interoperability, and long-term resilience.
Subject to applicable law, security considerations, and the technical capabilities of supported protocols, we endeavor to design the Services in a manner that allows users to retain meaningful control over their names, registry configurations, and related information rather than creating unnecessary vendor lock-in.
Where technically feasible and consistent with our contractual obligations, we will make commercially reasonable efforts to provide users with reasonable opportunities to export registry-related information before permanently discontinuing material functionality.
Nothing in this Privacy Policy expands or modifies the contractual obligations contained in the Terms of Service, Registry Services Agreement, or any other agreement governing the Services.
This Privacy Policy applies to personal information collected through:
This Privacy Policy does not apply to:
Those services remain governed by their own privacy policies and terms.
The information we collect depends upon how you use the Services.
A. Information You Provide. You may voluntarily provide information including:
If you operate a registry through Namebase, we may also collect:
We request that you do not submit private keys, recovery phrases, or wallet seed phrases through support requests or other communications.
B. Information Collected Automatically. When you use the Services, we may automatically collect technical information such as:
This information helps us provide the Services, maintain platform security, investigate abuse, troubleshoot technical issues, improve performance, and understand feature usage.
The Services interact with decentralized blockchain networks and decentralized naming protocols.
Unlike traditional centralized databases, blockchain networks are public, distributed systems maintained by independent participants rather than by Namebase.
As a result, certain information associated with your use of the Services may become publicly visible through the underlying blockchain, including:
This information is generally visible to blockchain explorers, network participants, third-party indexing services, search engines, researchers, and other members of the public.
Namebase does not create or control these public records.
Because blockchain data is generally immutable, Namebase cannot modify, delete, or prevent blockchain records from being copied or indexed, and cannot remove blockchain information from third-party services.
Although Namebase may display publicly available blockchain information through the Services, that information originates from decentralized networks rather than from Namebase.
As part of our privacy-by-design philosophy, Namebase intentionally avoids collecting certain categories of highly sensitive information whenever reasonably practicable.
In particular, we do not intentionally collect or store:
We also do not request that users transmit wallet secrets through customer support.
If sensitive credentials are accidentally submitted through support channels, we request that users notify us immediately so that we may make commercially reasonable efforts to securely delete the information where technically feasible.
Because support communications may be stored in backup systems for limited periods, immediate deletion cannot always be guaranteed.
We use the information we collect only for legitimate business purposes related to the operation of the Services. These purposes include:
Providing the Services. To create and manage accounts; authenticate users; operate registry services; verify TLD ownership; process Listings, Delistings, and Migrations; maintain registry configurations; provide APIs; and facilitate customer support.
Security. To detect fraud; investigate abuse; prevent unauthorized access; identify compromised accounts; detect malicious activity; enforce rate limits; maintain platform integrity; and protect users.
Improving the Services. To improve usability; fix software defects; measure performance; develop new features; improve documentation; understand feature usage; and improve reliability. Whenever reasonably practicable, we use aggregated or de-identified information for these purposes.
Communications. To send account notices, billing notices, registry notifications, maintenance announcements, legal notices, support responses, security alerts, and updates regarding the Services.
Compliance. To comply with applicable law; respond to lawful governmental requests; comply with court orders; investigate suspected unlawful activity; protect the rights of Namebase and its users; and enforce our agreements.
Research and Development. To improve decentralized naming technologies, develop future products, improve system performance, perform statistical analysis, and understand platform usage. Where reasonably practicable, such information will not identify individual users.
Where the GDPR, UK GDPR, or similar laws apply, Namebase processes personal information on one or more of the following legal bases.
Performance of a Contract. We process information when necessary to provide the Services requested by you, including account management, authentication, registry services, customer support, and communications regarding your account.
Compliance with Legal Obligations. We process information where necessary to comply with applicable law, including obligations relating to taxation, legal process, sanctions, export controls, fraud prevention, and law enforcement requests.
Legitimate Interests. We process information where reasonably necessary for our legitimate interests, including securing the Services, preventing abuse, detecting fraud, improving reliability, developing new features, responding to support requests, protecting users, and enforcing agreements. When relying upon legitimate interests, we consider the rights and freedoms of affected individuals.
Consent. Where required by law, we process information based upon your consent. You may withdraw consent at any time where processing depends solely upon consent, although doing so may affect your ability to use certain Services.
Namebase may use cookies and similar technologies to improve the functionality and security of the Services.
These technologies may include browser cookies, local storage, session identifiers, authentication tokens, and similar technologies.
Cookies may be used for:
You may configure your browser to reject cookies. However, disabling cookies may cause certain features of the Services to function improperly.
Where Namebase adopts a separate Cookie Policy, additional information about the cookies we use will be provided there.
We may use privacy-conscious analytics tools to better understand how the Services are used.
Analytics information may include pages viewed, feature usage, navigation paths, browser type, operating system, approximate geographic region, referring websites, session duration, and error events.
Analytics data helps us improve usability, identify software bugs, understand platform performance, and prioritize product development.
Where reasonably practicable, analytics information is aggregated or de-identified before analysis.
Namebase may communicate with you regarding your account, registry operations, security issues, billing, support requests, protocol updates, maintenance, legal notices, and changes to our agreements.
Operational communications are considered part of the Services.
You may not opt out of communications necessary for account security, legal compliance, operation of your account, billing, or protection of the Services.
Where marketing communications are offered, you may opt out using the unsubscribe instructions included in those communications.
Namebase does not sell your personal information. We disclose information only in the limited circumstances described below.
Service Providers. We may disclose information to carefully selected vendors that assist us in providing the Services, including providers of cloud hosting, email delivery, customer support, security monitoring, analytics, payment processing, and infrastructure management. These providers receive only the information reasonably necessary to perform their services and are contractually required to protect the information they receive.
Legal Compliance. We may disclose information where reasonably necessary to comply with applicable law, respond to court orders, comply with lawful governmental requests, investigate fraud, protect the rights or safety of users, enforce our agreements, and protect the security or integrity of the Services. Whenever reasonably practicable and legally permitted, we may object to requests that we believe are overly broad or inconsistent with applicable law.
Corporate Transactions. If Namebase undergoes a merger, acquisition, corporate restructuring, financing transaction, bankruptcy proceeding, sale of assets, or transfer of substantially all business operations, personal information may be transferred as part of that transaction, subject to applicable law. Any successor entity receiving personal information will remain subject to the commitments described in this Privacy Policy unless users are otherwise notified.
With Your Direction. We may disclose information where you direct or authorize us to do so, for example when connecting third-party applications, exporting registry information, responding to your support instructions, or integrating with external services.
Aggregated and De-Identified Information. We may publish or disclose aggregated, anonymized, or de-identified information that cannot reasonably be used to identify an individual, such as platform statistics, usage trends, registry adoption metrics, protocol analytics, and research regarding decentralized naming systems.
Because Namebase operates globally, personal information may be processed in countries other than your own.
Where required by applicable law, we implement appropriate safeguards for international transfers, which may include:
Regardless of where information is processed, Namebase applies the privacy and security commitments described in this Privacy Policy.
Namebase retains personal information only for as long as reasonably necessary to:
Retention periods vary depending upon the nature of the information involved and the legal or operational reasons for retaining it. Examples include:
When personal information is no longer reasonably necessary, we will make commercially reasonable efforts to securely delete it, anonymize it, or aggregate it so that it no longer identifies an individual, subject to applicable law, backup retention schedules, dispute preservation requirements, and technical limitations.
Public Blockchain Records. Information permanently recorded on public blockchain networks generally cannot be deleted by Namebase. Even if your Namebase account is deleted, blockchain transactions and naming records may remain publicly visible indefinitely.
Protecting user information is a fundamental objective of the Services.
Namebase employs commercially reasonable administrative, technical, and organizational safeguards designed to protect personal information and maintain the integrity of the Services. These safeguards may include:
Despite these efforts, no system can guarantee absolute security. Accordingly, you are responsible for safeguarding your password, private keys, wallet software, recovery phrases, authentication devices, API credentials, email account, hardware wallets, and computing devices.
If you believe your account or credentials have been compromised, you should notify Namebase immediately using the contact information provided below.
Depending upon your jurisdiction, you may have certain rights regarding your personal information. Subject to applicable law, those rights may include the ability to:
To exercise these rights, please contact us using the contact information provided at the end of this Privacy Policy.
Before responding to a request, Namebase may require reasonable verification of your identity to protect the security of user information.
Certain requests may be denied where permitted or required by applicable law, including where compliance would interfere with legal obligations, compromise the rights of others, impair security, prevent fraud detection, or conflict with public blockchain records that Namebase cannot alter or delete.
If you are a California resident, you may have rights under the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), including the right to:
No Sale or Sharing. Namebase does not sell personal information. Namebase does not share personal information for cross-context behavioral advertising as those terms are defined under California law.
Authorized Agents. You may designate an authorized agent to submit requests on your behalf, subject to reasonable identity verification requirements.
Individuals located in the European Economic Area ("EEA"), the United Kingdom, or other jurisdictions with similar privacy laws may have additional rights under applicable law. These rights may include access, rectification, erasure, restriction of processing, portability, objection to processing, and withdrawal of consent where applicable.
You also have the right to lodge a complaint with the supervisory authority responsible for your jurisdiction if you believe your rights have been violated.
Nothing in this Privacy Policy limits any rights granted under applicable law.
The Services are intended for individuals who are at least eighteen (18) years of age or the applicable age of majority in their jurisdiction.
The Services are not directed to children under thirteen (13) years of age, and Namebase does not knowingly collect personal information from children in violation of applicable law.
If we become aware that personal information has been collected from a child in circumstances where such collection is prohibited by law, we will make commercially reasonable efforts to delete that information promptly.
Parents or legal guardians who believe a child has submitted personal information may contact us using the information provided below.
The Services may contain links to, integrate with, or otherwise interact with third-party services, including blockchain wallet software, cloud infrastructure providers, payment processors, blockchain explorers, analytics providers, email providers, hosting providers, decentralized naming protocols, developer tools, and browser extensions.
These third-party services operate independently of Namebase. Their collection and use of information are governed by their own privacy policies and terms.
Namebase is not responsible for the privacy practices, security practices, or content of third-party services. We encourage users to review the privacy policies of any third-party services they choose to use.
Technology, legal requirements, and the Services continue to evolve. Accordingly, Namebase may update this Privacy Policy from time to time.
Material changes will generally be communicated through one or more of the following methods:
Unless otherwise required by law, changes become effective upon the Effective Date identified at the beginning of the revised Privacy Policy.
Your continued use of the Services after a revised Privacy Policy becomes effective constitutes your acknowledgment of the updated Privacy Policy.
Questions regarding this Privacy Policy or requests relating to your personal information may be directed to:
Namebase
Privacy: sos@namebase.io
Support: sos@namebase.io
Legal: sos@namebase.io
Website: https://namebase.io
Where applicable, requests submitted under GDPR, UK GDPR, CCPA, CPRA, or similar privacy laws should include sufficient information to allow us to verify your identity and understand the nature of your request.
For purposes of this Privacy Policy:
Nothing in this Privacy Policy modifies or limits rights granted under applicable law. In the event of a conflict between this Privacy Policy and mandatory privacy legislation, applicable law controls to the extent of the conflict.
For purposes of this Privacy Policy:
"Blockchain" means a decentralized distributed ledger maintained through cryptographic consensus.
"Digital Asset" means any cryptocurrency, blockchain-native token, naming asset, or other cryptographic asset.
"GDPR" means the European Union General Data Protection Regulation (Regulation (EU) 2016/679), together with the UK GDPR where applicable.
"Personal Information" or "Personal Data" means information relating to an identified or identifiable individual as defined under applicable privacy laws.
"Services" means the Namebase website, registry platform, APIs, software, customer support, and related services.
"SLD" means a second-level domain registered beneath a top-level domain.
"Supported Protocol" means any decentralized naming protocol supported by Namebase from time to time.
"TLD" means a top-level domain administered through the Services.
Where a term is also defined in the Terms of Service or Registry Services Agreement, that definition governs those agreements.
This Privacy Policy is effective as of the Effective Date stated at the beginning of this document.
By accessing or using the Services after that date, you acknowledge that you have read and understood this Privacy Policy.
Privacy is central to the design and operation of Namebase. We believe users should retain meaningful control over their identities, names, wallets, and digital assets while understanding what information is necessary to provide secure and reliable Services. Our commitment to decentralization, transparency, user autonomy, and data minimization guides how we build the platform and how we handle personal information.