Privacy Policy

Last Updated: April 23, 2025

CloneMe.fun ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the CloneMe.fun website, the CloneMe Chrome Extension, or any related services (collectively, the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access or use the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

1. Information We Collect

We collect different types of information depending on how you interact with our Service. We strive to collect only the information necessary to provide the requested functionality or based on your explicit choices.

  • A. Information Required for Core Service Functionality:

    • Wallet Address: Your Solana wallet address is required to connect to the Service and initiate token creation. It is stored in our database associated with your creations and referral activities. It may also be temporarily processed during API interactions (e.g., constructing transactions, interacting with third-party services like Google AI).
    • Token Creation Details: The essential details you provide for token creation (name, symbol, image URL, initial buy amount, address of cloned token if applicable) are necessary to construct the creation transaction and interact with the Pump.fun platform. These details are stored.
    • IP Address: We automatically process your IP address when you interact with our backend API (e.g., during token creation, transaction status updates). This processing is primarily temporary and necessary for essential purposes like:
      • Basic functionality of providing the Service over the internet.
      • Security monitoring, abuse prevention (e.g., rate limiting, detecting suspicious activity), and DDoS mitigation.
      • Troubleshooting and debugging operational issues.
      • Potentially for compliance screening (e.g., identifying requests from sanctioned regions, if legally required). We do not store IP addresses long-term associated with specific user actions unless required for security investigations or legal obligations. Please be aware that when you use features that interact with third-party services (like the Referral Content Generator with Google AI or token creation/metadata upload with Pump.fun), your IP address is directly transmitted to those services as part of the request. We do not control how these third parties use your IP address.
    • Transaction Data: We log operational data related to token creation attempts, including internal IDs, status updates, error types, transaction signatures (when available), and the source of updates. This is necessary for tracking transaction progress, debugging failures, and providing user support.
    • Generated Transaction Data: The partially signed transaction data and the resulting mint address are necessary outputs of the core token creation process. The partially signed transaction is stored temporarily until the transaction is processed or fails. The mint address is stored permanently associated with the creation record.

  • B. Information Provided Voluntarily by You for Specific Features:

    • Optional Token Details: Providing a token description or social links (Twitter, Telegram, website) during creation is optional and based on your choice. If provided, these are stored and included in the metadata sent to Pump.fun.
    • Referral Content Generation Inputs: If you choose to use the referral content generator, you voluntarily provide the content type, tone, language, your referral link, and optional prompt/context text. This information is sent to Google Generative AI and stored in our database along with the generated text.
    • Email Address: If you choose to subscribe to our newsletter or updates, you voluntarily provide your email address. This is stored solely for communication purposes.
    • Referrer Wallet Address: Providing a referrer address during token creation (or using a referral link) is optional. If provided, it is stored to track referrals.
    • Source URL: Providing the source URL where cloning was initiated is optional and stored if provided.

  • C. Information We Do Not Collect:

    • Private Keys: We never collect or have access to your private keys. All transactions are signed within your own wallet.
    • Detailed Usage Analytics: We do not currently employ detailed tracking systems (like Google Analytics cookies or similar) to monitor your specific click-paths or extensive interactions across the Service beyond basic operational logs necessary for security and functionality. We do not use analytics for targeted advertising based on your on-site behavior.

2. How We Use Your Information

Our use of your information aligns with the categories above:

  • To Provide Core Functionality: We use required information (wallet address, essential token details, IP address, transaction data) solely to operate the Service, facilitate token creation on Pump.fun, process transactions, ensure security, prevent abuse, and comply with potential legal obligations.
  • To Provide Optional Features: We use voluntarily provided information (optional token details, referral generator inputs, email address, referrer address, source URL) only for the specific feature you chose to use (e.g., include description in metadata, generate referral text, send newsletter, track referrals).
  • To Manage Referrals: We use wallet addresses and transaction data to track referral link usage and calculate associated statistics or potential fees/discounts as described in our Fee Policy.
  • For Communication: We use your email address (only if you subscribe) to send newsletters or updates. You can unsubscribe at any time.
  • For Support & Improvement: We may use aggregated operational logs (without linking back to specific users where possible) to monitor service performance, identify trends, troubleshoot issues, and make general improvements. We use transaction logs to assist with user support requests regarding specific creations.
  • To Enforce Policies: We may use collected information to investigate potential violations of our Terms of Use or other policies.

3. Legal Basis for Processing (GDPR / EEA+ Residents)

If you are in the European Economic Area (EEA), UK, or Switzerland, our legal basis for processing your Personal Information is:

  • Performance of Contract: Processing information required for core service functionality (Category 1.A above) is necessary to provide the Service you requested under our Terms of Use.
  • Consent: We rely on your explicit consent for processing data you voluntarily provide for specific optional features (Category 1.B), such as subscribing to our newsletter (you can withdraw consent by unsubscribing) or using the referral content generator (consent implied by usage).
  • Legitimate Interests: We process IP addresses and operational logs based on our legitimate interests in maintaining the security and integrity of our Service, preventing fraud and abuse, and ensuring operational stability, provided these interests are not overridden by your data protection rights.

4. Disclosure of Your Information

We do not sell your Personal Information. We share information only as necessary to provide the Service or as required by law:

  • With Third-Party Service Providers:
    • Supabase: Our database provider where collected and generated data is stored. You can find their privacy policy here: https://supabase.com/privacy
    • Pump.fun: Essential token details and image data sent to its API (e.g., 'https://pump.fun/api/ipfs') for metadata creation; transaction parameters sent via SDK interactions. Crucially, we do not control Pump.fun's subsequent use or handling of this data. Their privacy policy (if available) can be found here: https://pump.fun/docs/privacy-policy
    • Google Generative AI (Gemini): Inputs for the referral content generator sent for processing. We do not control Google's subsequent use or handling of this data. You can find Google's privacy policy here: https://policies.google.com/privacy
    • (If applicable) Email marketing providers (only if you subscribe to newsletters).
  • By Law or to Protect Rights: If required by legal process, to investigate policy violations, or protect rights, property, and safety.
  • Public Blockchain: Transaction details, wallet addresses involved, and token addresses recorded on Solana are public.

We require third-party service providers acting on our behalf (like Supabase) to use information only for the services they provide to us and implement reasonable security. We cannot impose such requirements on platforms like Pump.fun or Google AI where we are users of their services.

5. Data Storage and Security

We use Supabase for data storage and implement reasonable security measures. However, no system is 100% secure. Transmit information at your own risk.

6. Data Retention

We retain information only as long as necessary for the purposes outlined, or as required by law. Operational logs may be kept for security/legal reasons. Email data is kept until you unsubscribe. Wallet addresses and creation records associated with public blockchain data may be retained indefinitely unless erasure is requested and feasible.

7. Your Data Protection Rights

Depending on your jurisdiction, you may have rights regarding your Personal Information. We aim to honor these rights globally where feasible:

  • General Rights:

    • Access: Request copies of your personal information we hold.
    • Rectification: Request correction of inaccurate or incomplete information.
    • Erasure: Request deletion of your personal information, subject to legal/operational constraints (e.g., data linked to immutable blockchain records may not be fully erasable).
    • Restrict Processing: Request limitation on how we process your data, under certain conditions.
    • Object to Processing: Object to processing based on legitimate interests or for direct marketing.
    • Data Portability: Request transfer of your data, under certain conditions.
    • Withdraw Consent: Withdraw consent for processing based on consent (like email marketing) at any time.

  • Supplemental Notice for EEA, UK, Switzerland Residents (GDPR):

    • You have the rights listed above. The legal bases for processing are detailed in Section 3. You have the right to lodge a complaint with your local supervisory authority.

  • Supplemental Notice for California Residents (CCPA/CPRA):

    • You have the rights listed above (Access, Deletion, Correction).
    • Right to Know: You can request details about the categories and specific pieces of personal information collected, sources, purposes for collection, and categories of third parties shared with.
    • Right to Opt-Out of Sale/Sharing: We do not "sell" your personal information as commonly defined. However, providing data to third parties like Google AI for processing might constitute "sharing" under CCPA/CPRA. As this sharing is integral to the specific feature (referral generator), opting out would mean not using that feature. We do not share data for cross-context behavioral advertising.
    • Right to Limit Use of Sensitive Personal Information: We do not collect information typically defined as "sensitive" under CCPA/CPRA (like government IDs, precise geolocation, genetic data, etc.).
    • Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

  • Exercising Your Rights:

    • To exercise these rights, please contact us at legal@cloneme.fun. We will need to verify your identity before processing your request. We will respond within the timeframes required by applicable law.

8. International Data Transfers

Your information may be transferred to and processed in countries outside your own, including the United States, where our servers (via Supabase) and third-party providers (like Google) are located. We rely on appropriate transfer mechanisms as required by law (e.g., Standard Contractual Clauses where applicable via our vendors).

9. Cookies and Tracking Technologies

We do not currently use cookies or similar tracking technologies for advertising, detailed analytics, or non-essential purposes. We may use technically necessary cookies or local storage for basic site functionality or session management if required, but these do not track you across sites or store persistent personal identifiers for profiling.

10. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect their data. Contact us if you believe we have inadvertently collected such information.

11. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us at: legal@cloneme.fun