Shieldz

Privacy Policy

Last updated: V1 launch.

What we collect from merchants

• Your Telegram user ID (the dashboard's auth identifier).
• Display name and logo URL you choose for your hosted checkout.
• Settlement address you provide.
• Webhook endpoint URL and the metadata you attach to invoices.

What we do NOT collect from buyers

• No PII. We do not know the buyer's name, email, IP geolocation, or anything else about them beyond what's strictly required for payment routing.
• No payment graph. The buyer's wallet, balance, and prior transactions are private to them — that's the whole point of using shielded Zcash.
• The buyer's Zcash refund t-address IS stored, but only to satisfy the MAYAChain refund mechanism in case the swap fails.
• The buyer's submitted tx_hash IS stored, for attribution.

Who we share with

• LeoKit aggregator — for generating quotes and binding deposit addresses.
• MAYAChain — public protocol that executes swaps. The on-chain data is permissionless.
• Your merchant webhook endpoint — for delivering payment events you've subscribed to.
• Nobody else.

Retention

Invoices, payments, and webhook delivery logs are retained indefinitely while you have an active merchant account. We may purge older records for inactive accounts. Email contact@shieldz.cash for data deletion requests.