We collect the minimum needed to run a non-custodial mining service. This page explains exactly what, why, and for how long.
Your Pi Network public key (derived from your phrase server-side). Optional display name. Referral code and the code you signed up with. Mining yield records linked to your public key. Anonymous request logs (IP, user agent) for abuse prevention, kept up to 14 days.
We do not store your 24-word secret phrase in plaintext. We do not track you across other websites. We do not sell data. We do not run third-party analytics that fingerprint you.
We set an HttpOnly session cookie containing your phrase encrypted with AES-256-GCM. We set a locale cookie to remember your language. We set a temporary referral cookie when you visit an /invite link. No third-party cookies.
Login uses Cloudflare Turnstile to detect automated abuse. Turnstile may collect minimal browser signals — see Cloudflare's privacy policy. We receive only a pass/fail token.
Account and node data is stored in Supabase (Postgres) with row-level security. Passphrase ciphertext lives only in the browser cookie — never in the database.
You can sign out at any time, which clears the session cookie. You can request deletion of your account record by contacting us — note that on-chain mining payouts and Pi Network transactions are immutable and outside our control.
The service is not directed at children under 13. We do not knowingly collect data from minors.
Updates to this policy will be posted on this page with a new last-updated date. Significant changes will be flagged on the homepage.
For privacy questions or data deletion requests, open a ticket at /tickets from your dashboard. We will reply within a few business days.