Privacy Policy
Last updated: June 2, 2026
1. Introduction
Pieces ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with our platform. Please read this Privacy Policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
1.1 Scope
This Privacy Policy applies to all users of Pieces and covers information collected through our website, applications, smart contract operations, and communications.
2. Information We Collect
We may collect the following categories of information from and about you:
2.1 Personal Identification Information
Information that you provide directly to us when creating an account or using our Services:
- Email address
- Account credentials and authentication data
- Profile information, including username and display preferences
- Communications and correspondence with us
2.2 Financial and Transaction Information
Information related to your financial activities on our platform:
- Blockchain wallet addresses connected to your account
- On-chain transaction data related to our platform, including Piece creations, backings, refunds, and claims (publicly visible on-chain)
- Piece funding goals and amounts
- Smart contract interactions and events specific to our Services
Note: We do not have access to your external wallet transaction history or transactions unrelated to our platform. We only process cryptocurrency transactions and do not collect traditional payment method information (e.g., credit cards, bank accounts).
2.3 Technical and Usage Information
Information automatically collected when you access or use our Services:
- Device information, including device type, operating system, browser type, and unique device identifiers
- IP address and approximate geographic location
- Usage data, including pages visited, features used, time spent, and navigation patterns
- Referral sources and clickstream data
- Performance data, error logs, and diagnostic information
2.4 Content and Piece Information
Information you provide when creating or engaging with content:
- Piece titles, descriptions, and metadata
- Source content files (encrypted at rest and released publicly if the Piece's funding goal is met) and optional preview files (publicly visible from the moment the Piece is published)
- Content identifiers stored on public blockchains and decentralized storage
- Comments, messages, and other user-generated content
2.5 Information from Third Parties
We may receive information about you from third-party sources, including:
- Authentication providers: When you sign in using Google, we receive your email address from Google. We use this information solely to create and authenticate your Pieces account.
- Payment processors: When you use fiat-to-crypto purchase services through our platform, your information may be shared with our payment processor (Coinbase) to facilitate the transaction. Coinbase's handling of your data is governed by their own Privacy Policy.
- Blockchain network data and public ledgers
- Analytics and service providers
- Fraud prevention and security services
2.6 Google API Services User Data Policy
Pieces's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Provision and Operations
- Provide, maintain, and improve our Services
- Process and execute transactions, including smart contract operations
- Create and manage your account
- Authenticate your identity and prevent unauthorized access
- Enable Piece creation, backing, and content distribution
- Process refunds and fund claims
3.2 Communications and Support
- Respond to your inquiries and provide customer support
- Send transactional notifications, such as Piece status updates and confirmations
- Provide important service announcements and security alerts
- Send marketing communications and promotional materials (with your consent, where required)
3.3 Platform Improvement and Development
- Analyze usage patterns to improve our Services and user experience
- Develop new features, products, and services
- Conduct research, testing, and analysis
- Monitor and analyze trends, usage, and activities
3.4 Security, Fraud Prevention, and Compliance
- Detect, prevent, and address fraud, security breaches, and prohibited activities
- Verify identity and maintain security of accounts and transactions
- Comply with legal obligations, including anti-money laundering (AML) requirements
- Enforce our Terms of Service and other policies
- Protect our rights, property, and safety, and that of our users and others
- Respond to legal requests and prevent harm
3.5 Analytics
We use analytics services, including product analytics and session recording, to understand how our Services are used and to improve the platform. This includes pages visited, features used, clicks, and navigation patterns. Sensitive information like wallet addresses, private keys, and transaction amounts is always excluded, and input fields are masked in session recordings.
You can opt out of analytics anytime in Settings → Privacy Settings.
4. Data Security and Retention
4.1 Security Measures
We implement commercially reasonable technical and organizational measures to protect your personal information, including encryption in transit and at rest, secure authentication, and access controls. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
4.2 Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. When no longer necessary, we securely delete or anonymize it.
5. How We Share Your Information
We may share your personal information in the following circumstances:
5.1 Service Providers
We engage third-party service providers for cloud hosting, analytics, authentication, email delivery, and security. These providers access your information only to perform services on our behalf and are obligated not to use it for other purposes.
5.2 Legal and Regulatory Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities, including to:
- Comply with legal obligations, court orders, or legal process
- Respond to lawful requests from government authorities
- Enforce our Terms of Service or other agreements
- Protect our rights, property, or safety, or that of others
- Investigate or prevent fraud, security breaches, or illegal activities
5.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal information, as well as any choices you may have regarding your personal information.
5.4 Blockchain and On-Chain Data
When you interact with blockchain networks through our Services, certain information becomes publicly available on distributed ledgers. This includes:
- Wallet addresses associated with your account
- Transaction hashes, amounts, and timestamps
- Smart contract events (Piece creation, backings, refunds, claims)
- Content identifiers
This information is recorded on public blockchains and is not under our control. It may be accessed, copied, and stored by third parties indefinitely. We do not control blockchain nodes, validators, or infrastructure outside of our own systems.
Important: We never have access to, collect, or store your private keys, seed phrases, or wallet passwords. You are solely responsible for the security of your wallet credentials.
5.5 Public Content Release
When a Piece's funding goal is met, the source content is released publicly. Released content and any preview files are stored on decentralized storage networks (such as IPFS) and are accessible to anyone. Once released, content may be copied, mirrored, or stored by third parties indefinitely, and may be difficult or impossible to fully remove. Do not include sensitive personal information, the personal information of others without consent, or anything you are not comfortable making permanently public.
5.6 Aggregated and Anonymized Data
We may share aggregated or anonymized information that cannot reasonably be used to identify you. This includes statistics, research findings, and usage trends shared with partners, researchers, or the public.
6. Your Privacy Rights
Depending on your jurisdiction, you may have certain rights regarding your personal information. These rights may include:
6.1 Access and Portability
- Right to Access: Request confirmation of whether we process your personal information and obtain a copy of that information
- Right to Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format, and transmit it to another controller
6.2 Correction and Deletion
- Right to Rectification: Request correction of inaccurate or incomplete personal information
- Right to Erasure: Request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, establishment of legal claims)
6.3 Processing Restrictions
- Right to Restrict Processing: Request limitation of how we process your personal information in certain circumstances
- Right to Object: Object to processing of your personal information based on legitimate interests or for direct marketing purposes
- Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time (without affecting the lawfulness of processing before withdrawal)
6.4 Exercising Your Rights
To exercise any of these rights, you may:
- Access your account settings at Settings → Privacy Settings
- Contact us at [email protected]
- Submit a request through our support channels
We will respond to your request within 30 days (or as otherwise required by applicable law). We may require verification of your identity before processing certain requests to protect your privacy and security.
6.5 Limitations
Please note that certain rights may be subject to limitations based on applicable law, including:
- Legal obligations that require us to retain certain information
- Information recorded on public blockchains, which we cannot modify or delete after recording
- Information necessary to establish, exercise, or defend legal claims
- Anonymized or aggregated data that cannot reasonably be linked back to you individually
7. Cookies and Tracking Technologies
7.1 Types of Technologies Used
We use cookies, web beacons, local storage, and similar technologies to collect information about your use of our Services. These technologies serve various purposes:
- Essential Cookies: Required for core functionality, including authentication, security, and session management
- Analytics Cookies: Help us understand how users interact with our Services (subject to your consent preferences)
- Preference Cookies: Remember your settings and preferences
7.2 Managing Cookies
You can control cookie preferences through:
- Your account settings at Settings → Privacy Settings
- Your browser settings (note that disabling cookies may affect functionality)
7.3 Do Not Track
We honor Do Not Track (DNT) signals when transmitted by your browser. When a DNT signal is detected, we do not track, plant non-essential cookies, or use advertising technologies.
8. International Data Transfers
Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States, where our servers and service providers are located. These countries may have data protection laws that differ from those in your jurisdiction.
When we transfer personal information internationally, we implement appropriate safeguards, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions recognizing equivalent data protection
- Other legally recognized transfer mechanisms
9. Age Requirement
9.1 Age Restrictions
Our Services are intended for adults. We do not direct the Services to, and do not knowingly collect personal information from, anyone under 18 (or the age of majority in your jurisdiction, whichever is greater). If you are under 18, do not use our Services or provide any information to us. In addition, consistent with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 under any circumstances.
9.2 Parental Notice
If we learn that we have collected personal information from a minor without the required consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from a minor, please contact us at [email protected].
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice on the Service and update the "Last Updated" date above.
11. Contact Information
For questions or requests regarding this Privacy Policy, contact us at [email protected].
If you are in the EEA, UK, or Switzerland, you may lodge a complaint with your local data protection authority if we have not adequately addressed your concerns.