TAO--
Block--

Privacy Policy

Last updated: March 15, 2026

1. Who We Are

Bittensor.ai (“we,” “us,” or “our”) is a blockchain explorer and ecosystem platform for the Bittensor decentralized AI network. We are operated by Bittensor.ai LLC. This policy describes how we handle your information when you use our website and services.

2. Information We Collect

2.1 Information You Provide

  • Account information: When you create an account, we collect your email address, username, and password (hashed — we never store plaintext passwords).
  • Third-party sign-in: If you sign in with Google, we receive your name and email address from Google. We do not receive or store your Google password.
  • Wallet addresses: If you link a Bittensor wallet, we store the public address (SS58) and a verification signature. We never have access to your private keys.
  • API keys: If you generate API keys, we store a hashed version. The plaintext key is shown to you once at creation and is not stored.
  • Preferences: Dashboard layout, favorite subnets, and display settings you configure.
  • Search queries: Queries you enter in the search bar are sent to our backend to return results. We do not persistently log individual search queries.

2.2 Information Collected Automatically

  • Security tokens: We set a short-lived, HttpOnly cookie (“__bff_token”) to verify that API requests originate from a genuine page visit. This cookie contains a signed timestamp — no personal data — and expires after one hour.
  • Theme preference: A local-storage value records your light/dark/system theme choice. This stays on your device and is not sent to our servers.
  • Web Vitals: We collect anonymous performance metrics (page load time, interactivity, layout shifts) to improve site performance. These metrics are not linked to individual users.
  • Error reports: When something goes wrong on the Site, our error tracking service automatically captures the error message, browser type, operating system, and the page URL where the error occurred. These reports may include your IP address. Error reports are used solely to diagnose and fix bugs.
  • Server logs: Our servers record IP addresses, request timestamps, HTTP methods, and response status codes for security monitoring and rate limiting. Logs are retained for 30 days and then deleted.

3. How We Use Your Information

  • Provide, maintain, and improve the explorer and platform features.
  • Authenticate your identity and secure your account.
  • Enforce rate limits and prevent abuse of our API and website.
  • Send transactional emails (password resets, security alerts). We do not send marketing emails without your opt-in consent.
  • Monitor site performance and reliability.

4. Information We Do Not Collect

  • We do not use third-party analytics services (no Google Analytics, no tracking pixels).
  • We do not sell, rent, or trade your personal information to third parties.
  • We do not collect or store private keys, seed phrases, or wallet passwords.
  • We do not use advertising cookies or cross-site tracking.

5. Cookies

We use the following cookies:

CookiePurposeDurationType
__bff_tokenAPI request verification1 hourStrictly necessary
sessionAuthentication session (when logged in)Session / 30 daysStrictly necessary

We do not use any optional or marketing cookies. Because all cookies are strictly necessary for site functionality, no cookie consent banner is required under most privacy regulations.

6. Data Security

  • All traffic is encrypted in transit via TLS (HTTPS).
  • Passwords are hashed using industry-standard algorithms before storage.
  • API keys are stored as SHA-256 hashes — the plaintext is never persisted.
  • Security cookies are HttpOnly, Secure, and SameSite=Strict.
  • We enforce Content-Security-Policy headers to mitigate XSS attacks.
  • Rate limiting protects against brute-force and denial-of-service attacks.

7. Data Retention

  • Account data: Retained while your account is active. You may request deletion at any time.
  • Server logs: Retained for 30 days, then automatically deleted.
  • Blockchain data: Blockchain data displayed on the site is publicly available on the Bittensor network and is not subject to deletion.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your account and associated data.
  • Export your data in a portable format.
  • Object to or restrict certain processing of your data.

To exercise any of these rights, contact us at the address below.

9. Third-Party Services

  • Bittensor network: The site reads publicly available blockchain data from the Bittensor Finney network via RPC.
  • Error tracking: We use an error tracking service to collect crash and error reports. This service may receive your IP address, browser type, and details about the error. Data is used solely for bug fixes and is not shared with third parties.
  • Cloudflare: We may use Cloudflare Turnstile for bot protection on certain forms. Cloudflare's privacy policy applies to their processing.
  • Google OAuth: If you choose to sign in with Google, Google's privacy policy governs their handling of your data during the sign-in flow.

10. Children's Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

11. Changes to This Policy

We may update this policy from time to time. We will post the revised policy on this page with an updated “Last updated” date. Continued use of the site after changes constitutes acceptance of the revised policy.

12. Contact

For privacy-related questions or requests, contact us at [email protected].

Privacy Policy | Bittensor.ai