Privacy Policy
Privacy Policy
This policy explains the information handled by NFT Player, why it is used, external services, retention, and user request options.
Last updated: July 7, 2026
1. Scope and Operator
This policy applies to the iOS app "NFT Player", related server features, support communication, and public web pages.
- Developer: Yasuyuki Arata
- Contact: nadegatadev@gmail.com
2. Basic Policy
- NFT Player displays publicly available NFT information for wallet addresses as a personal gallery.
- NFT Player does not collect private keys, seed phrases, wallet passwords, or signature data needed to transfer assets.
- NFT Player does not use third-party advertising tracking.
- NFT Player does not sell collected information to data brokers.
3. Information Handled
Information stored on device or in iCloud
NFT Player may store the following information on the device or in the user's iCloud area to provide gallery display and settings.
- Wallet addresses added by the user, wallet names, and display order
- NFT chains, contract addresses, token IDs, names, image URLs, video URLs, and display metadata
- Favorites, albums, shelf collections, hidden items, display permissions, display exclusions, and other gallery state
- Images selected by the user as alternate display images
- Purchase state, free/Pro feature state, display theme, and other app settings
Information sent to servers
The following information may be sent to related servers for wallet refresh, NFT display, media resolution, purchase verification, limit management, and abuse prevention.
- Wallet address, target chain, contract address, and token ID
- NFT metadata, media candidate URLs, and collection information needed for fetching
- App Attest information needed to verify app integrity
- StoreKit purchase and subscription verification information. Apple handles payment card details.
- Support ID, anonymous tokens, sync counts, limits, credits, and error or operation state
- Log information commonly generated during network communication, such as IP address, User-Agent, request time, and status
Information received through support
If you contact support by email, NFT Player may review your email address, message, support ID, attached screenshots or screen recordings, and information needed to investigate the issue.
Information not normally collected
Unless you voluntarily send it in a support message, NFT Player does not collect contacts, precise location, your full photo library, health information, private keys, seed phrases, or wallet passwords.
4. Purposes
- To fetch NFTs related to wallet addresses and display them in a gallery
- To choose displayable images, videos, or other NFT media
- To provide display permissions, exclusions, shelves, albums, favorites, and related features
- To process, restore, and verify subscriptions
- To prevent abuse, excessive access, and service failures
- To investigate bugs, improve quality, and respond to support requests
- To comply with laws, App Store requirements, and the Terms of Use
5. App Store Privacy Disclosures
App Store privacy answers are prepared based on the implementation at the time of release. NFT Player may handle identifiers, purchases, user content, usage data, diagnostics, and support contact information for app functionality, purchase verification, abuse prevention, diagnostics, and support.
This information is not used for third-party advertising tracking. Information processed by external services is also subject to those services' privacy policies.
6. External Services
NFT Player may use or refer to the following external services to provide features.
- Apple: App Store, StoreKit, TestFlight, App Attest, CloudKit, and iCloud
- Cloudflare: API delivery, D1 databases, logs/analytics, and Cloudflare Pages
- Alchemy or similar NFT data providers: fetching NFT information related to wallet addresses
- OpenSea or other NFT services: external links opened by the user
- Email services: replying to support requests
Information processed by external services is subject to the terms and privacy policies of those providers.
7. International Processing
Information handled by NFT Player may be processed outside your country or region of residence. Depending on the locations and processing infrastructure of Apple, Cloudflare, NFT data providers, email services, and similar providers, information may be processed in Japan, the United States, the EU/EEA, and other countries or regions.
When personal information is transferred from the EU/EEA, the United Kingdom, or other regions to Japan or another third country, NFT Player relies on applicable mechanisms such as adequacy decisions, standard contractual clauses, or transfer safeguards provided by service providers, as required by applicable law.
8. Retention, Access, and Deletion Requests
- Device data may remain until you delete it in the app or remove the app.
- If iCloud sync is enabled, gallery state may remain in your iCloud area and is also controlled by your Apple ID and iCloud settings.
- Server-side media resolution results, limit-management data, purchase-verification state, and abuse-prevention records are retained as needed for app functionality, troubleshooting, and abuse prevention.
- Display media resolution records are currently eligible for deletion after their expiry plus a 30-day grace period.
- Operational data such as sync usage, credit records, block history, restore usage, deleted wallet records, wallet state, and App Attest keys are currently eligible for deletion on schedules that generally range from 90 to 730 days, depending on the data type.
- Inactive or expired purchase entitlement records are currently eligible for deletion after 730 days. StoreKit purchase tokens are currently eligible for deletion after expiry plus a 1-day grace period. App Store Server Notification audit records, if enabled in the future, are currently eligible for deletion after 180 days.
- Support messages are normally retained for up to 24 months after the final response to respond, investigate issues, and keep support history. They may be retained longer when needed for legal compliance, abuse prevention, or dispute handling.
- To request access to or deletion of server-side support or operation data, contact support with the support ID and information needed to identify the relevant account. Do not send private keys, seed phrases, or wallet passwords.
Deletion is applied to active databases first. Data included in Cloudflare D1 Time Travel or backups may remain until the provider retention period expires. Blockchain data, Apple purchase/refund/billing records, and information controlled by external NFT services cannot be deleted by NFT Player.
9. Regional Privacy Rights
Depending on applicable law, you may have rights to access, confirm, correct, delete, restrict processing of, object to processing of, port, or withdraw consent for your personal information. Available rights vary by region, data type, and processing purpose.
Users in California and some other regions may have rights to know what personal information is collected, used, or disclosed, to request correction or deletion, to opt out of sale or sharing, and not to be discriminated against for exercising privacy rights. NFT Player does not sell personal information and does not share personal information for cross-context behavioral advertising.
To make a privacy request, contact support with the subject line "Privacy Request" and include the support ID or information needed to identify the relevant account. Do not send private keys, seed phrases, wallet passwords, or Apple ID passwords. NFT Player may ask for additional information when needed to verify your identity or request scope.
10. Third-Party Sharing, Sale, and Disclosure
NFT Player does not sell collected information and does not share it for cross-context behavioral advertising. Information may be sent to Apple, Cloudflare, NFT data providers, email services, and similar external services when needed for app functionality, purchase verification, abuse prevention, support, legal compliance, or with your consent. If you open an external link, the destination service handles information under its own terms and privacy policy.
11. Security
NFT Player uses reasonable safeguards such as access controls, authentication, data minimization, cleanup of unnecessary data, and log review. However, no internet communication or external service can be guaranteed to be completely secure.
12. Children
NFT Player is not directed to children under 13 or under the digital consent age that applies in their region. If a parent or guardian believes that a child provided personal information without parental consent, contact support with the subject line "Privacy Request". After review, reasonable steps will be taken to delete or disable use of that information.
13. Changes
This policy may be updated due to feature changes, legal changes, or external service changes. Important changes will be announced in the app or on this page.
14. Contact
For privacy questions, contact:
Yasuyuki Arata / nadegatadev@gmail.com