privacy
Privacy.
We collect the minimum needed to make the site useful. No ads, no cross-site tracking, no dark patterns.
What we collect
- Cloudflare Web Analytics — cookieless pageview beacon that records URL, referrer, and country only. No personal data, no cross-site tracking, no cookies. Runs on every page; no opt-out because there's nothing to opt out of.
- Try-It emails. When you start a live demo we
store your email in a Cloudflare KV entry to rate-limit
exchanges (5/day) and to follow up with opchain release notes
if you opt in. Entries expire after 365 days (configurable via
LEAD_TTL_DAYSfor self-hosted deployments). Email privacy@opchain.dev to delete yours sooner. - Rate-limit counters. IP-addressed counters
keyed by
CF-Connecting-IP, expiring after 1 hour. Used only to prevent abuse. - Anonymous usage events (optional — consent banner). PostHog collects funnel events: which skills get tried, where people stop, whether they grab the zip. The identifier is a SHA-256 of your lowercased email; we never send the raw email. Decline the banner → no SDK load, no cookies, no events.
- Feedback submissions go to Linear for triage. Including your email is optional; if you leave it blank we have no way to reply.
What we don't do
- Share your email with third parties.
- Profile you across other sites.
- Record your screen or keystrokes.
- Sell usage data.
Opting out
Click Manage privacy in the footer to reset your consent choice. Declining stops PostHog from loading altogether. If you'd like your Try-It email removed ahead of its TTL, email privacy@opchain.dev.
Self-hosting
opchain is open source. If you run a fork, your data stays in
your Cloudflare account. Analytics are env-gated — without
POSTHOG_PROJECT_API_KEY, nothing is captured.