Privacy
Snapsus is built so the question "what do you do with my data?" has the shortest possible answer: nothing.
What we collect
No accounts. No tracking pixels. No analytics scripts. No cookies. No fingerprinting. We do not embed Google Analytics, Mixpanel, Segment, or any equivalent.
What we store
Snapshot results are computed in your browser and never persisted on our servers — unless you explicitly click "Get a shareable link". The CSV and JSON archives you download exist only on your machine. We do not retain a copy.
The Cloudflare edge caches some upstream API responses (collection metadata, holder lists) for 1–60 minutes to reduce load. These caches store only the API response bodies — never linked to you, never inspected by us, automatically expired.
Shared snapshots
If you click "Get a shareable link" we publish the snapshot to Cloudflare KV under a random 8-character ID and return a URL like snapsus.com/s/ABC12345. Anyone with that URL can view the snapshot and check addresses against it.
The published payload is the same data anyone could derive themselves from public on-chain history: holder addresses, allocation counts, the source wallets/contracts you snapshotted, and the block heights used. No personal data is added.
Shared snapshots auto-expire after 1 year. We have no UI for deletion before that — if you need a snapshot taken down sooner, email [email protected] with the ID.
What hits third parties
To do its job, Snapsus queries:
- Alchemy — for on-chain reads (contract metadata, transfers, owners). Snapsus uses a server-side API key; Alchemy sees our edge IP, not yours.
- OpenSea — for creator → collections discovery. Same setup as Alchemy: the request comes from our edge.
- ENS Ideas (
api.ensideas.com) — for ENS name resolution. These calls go directly from your browser. They may log your IP per their privacy policy. - DefiLlama (
coins.llama.fi) — to map a timestamp to a block number. Same: direct from your browser.
If any of these are a concern, you can use the site without ENS resolution (it's optional, address-only mode works) and avoid historical snapshots (which need DefiLlama).
What Cloudflare sees
The site is hosted on Cloudflare Pages. Cloudflare logs the IP address of every request for security and abuse prevention; we do not have access to this data beyond aggregate counters and never link it to any other identity.
Rate limiting
To prevent the proxy from being abused as a free Alchemy/OpenSea relay, we count requests per IP per minute via Cloudflare KV. The counter holds an IP and a count for at most 90 seconds, then auto-deletes. We do not retain or analyze this data.
Contact form
If you submit a message via the contact form, we receive your email address, the subject and body of your message, the topic you selected, and the IP address that submitted it. The message is delivered to [email protected] via Resend (transactional email service) and a copy is retained for 90 days under a random ID in Cloudflare KV for audit and abuse-prevention purposes, then auto-deletes.
We use the email address solely to reply. We don't add it to any newsletter or sell it.
Children
Snapsus is not directed at children under 13 and we do not knowingly collect data from anyone of any age.
Changes
If we ever start collecting data — we won't, but if we did — the change would land here with the date above updated. There's no email list to notify.
Contact
Questions? Email us at [email protected].
This document is a plain-language summary. It is not legal advice. Where stricter local privacy law applies (GDPR, CCPA, etc.), that law takes precedence.