← Back to MiniBlocks

Privacy Policy

Last updated: November 2025

Our Privacy Commitment: We collect the absolute minimum data necessary to operate this service securely. We do not use cookies, we do not track individual users, and we do not sell or share any data with third parties for marketing purposes.

1. Introduction

This Privacy Policy explains how miniblocks ("we", "our", or "us") collects, uses, and protects information when you use our blockchain explorer service. We are committed to transparency and compliance with privacy regulations including the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other international privacy standards.

2. Information We Collect

2.1 Technical Data for Security and Rate Limiting

When you connect to our WebSocket service, we temporarily process your IP address for security and rate limiting purposes. This prevents abuse and ensures service availability for all users.

  • What we collect: IP addresses from WebSocket connections
  • How we use it: Connection rate limiting and abuse prevention
  • How long we keep it: Stored in memory only; automatically deleted when your connection closes
  • Legal basis (GDPR): Legitimate interest in protecting our service from abuse and ensuring availability

2.2 Cloudflare CDN and Security Services

Our website is served through Cloudflare, a content delivery network (CDN) and security service. When you visit our site, Cloudflare may process certain data to provide security, performance optimization, and service delivery.

  • What Cloudflare may collect: IP addresses, system configuration information, and traffic data
  • How it's used: DDoS protection, security filtering, content delivery optimization, and abuse prevention
  • How long: Cloudflare retains logs for a limited period as described in their privacy policy
  • Legal basis (GDPR): Legitimate interest in protecting our service and ensuring availability
  • Data location: Cloudflare operates globally with data centers worldwide

Note: We do not use Cloudflare Analytics or any other Cloudflare tracking features beyond basic CDN and security services.

Learn more about Cloudflare's privacy practices: https://www.cloudflare.com/privacypolicy/

2.3 Analytics Data

We use Simple Analytics, a privacy-first analytics service based in the Netherlands (EU). Simple Analytics is fully GDPR compliant and does not use cookies or collect personal information.

  • What is collected: Page views, referrer information, browser type, and general location (country-level only)
  • How it's collected: Through Simple Analytics' privacy-first tracking script
  • Personal data: No personal or identifiable information is collected
  • Cookies: Simple Analytics does not use cookies
  • Data storage: All data remains within the EU
  • Legal basis (GDPR): Legitimate interest in understanding aggregated website usage patterns

Learn more about Simple Analytics' privacy practices: https://simpleanalytics.com/privacy-policy

2.4 User Preferences (Theme Selection)

To remember your visual theme preference (light or dark mode), we store a single value in your browser's localStorage. This is stored locally on your device and never transmitted to our servers. The site defaults to dark mode if no preference is saved.

  • What we store: Your theme preference ("light" or "dark")
  • Default theme: Dark mode (if no preference is saved)
  • Where it's stored: Locally in your browser only (never sent to our servers)
  • Personal data: This is not personal data and cannot be used to identify you
  • How to clear it: Clear your browser's site data or switch themes using the toggle button
  • Legal basis (GDPR): Legitimate interest in providing a better user experience by remembering your preference

2.5 Data We Do NOT Collect

We want to be clear about what we don't do:

  • We do not use cookies
  • We do not collect personal information (names, emails, phone numbers, etc.)
  • We do not require user accounts or authentication
  • We do not track individual users across sessions
  • We do not create user profiles or use fingerprinting techniques
  • We do not sell, rent, or share any data with advertisers or third parties
  • We do not use localStorage for tracking purposes (only for your theme preference)

3. How We Use Information

The minimal data we collect is used exclusively for:

  • Security: Preventing abuse through rate limiting of WebSocket connections
  • Service Improvement: Understanding aggregate usage patterns through privacy-first analytics
  • Performance: Ensuring service availability and optimal performance for all users

We do not use the collected information for marketing, advertising, profiling, or any other purpose.

4. Data Sharing and Third Parties

We use the following third-party services:

4.1 Cloudflare

Our website infrastructure uses Cloudflare for CDN, DDoS protection, and security services. Cloudflare may process IP addresses and technical information as described in section 2.2 above. We do not use Cloudflare Analytics or any tracking features.

  • Service: Content delivery and security
  • Data processed: IP addresses, system configuration, traffic data
  • Purpose: DDoS protection, performance optimization, security
  • Privacy policy: cloudflare.com/privacypolicy/

4.2 Simple Analytics

For website analytics, we use Simple Analytics, a privacy-first service based in the Netherlands (EU). Simple Analytics:

  • Does not collect personal or identifiable data
  • Does not use cookies or local storage
  • Is fully GDPR compliant
  • Does not sell or share data with third parties
  • Stores all data within the EU
  • Provides only aggregated, non-personal analytics

According to Simple Analytics' privacy policy, they collect limited non-personally identifiable data (country, pages visited, device/browser type, referrer) solely for the purpose of providing us with aggregated website statistics. They do not and will never sell this data to third parties.

We do not share any data with any other third parties. We do not use advertising networks, social media tracking, or any other third-party services that collect personal information for marketing purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect the minimal data we process:

  • IP addresses are stored in memory only (not persisted to disk)
  • WebSocket connections use secure protocols (WSS)
  • Content Security Policy (CSP) headers protect against injection attacks
  • Rate limiting prevents denial-of-service attacks
  • Regular security updates and monitoring

6. Your Rights

Under GDPR and other privacy regulations, you have the following rights. However, please note that due to our minimal data collection practices, most of these rights are not applicable as we do not store personal data:

  • Right to Access: You can request information about any data we hold about you (though we do not persistently store personal data)
  • Right to Rectification: Not applicable as we do not store personal profiles
  • Right to Erasure: IP addresses are automatically deleted when you disconnect; no persistent data exists
  • Right to Data Portability: Not applicable as we do not store personal data
  • Right to Object: You can disconnect from our WebSocket service at any time, which immediately removes your IP from our rate limiting system
  • Right to Withdraw Consent: Not applicable as we rely on legitimate interest, not consent

7. International Data Transfers

Simple Analytics: Based in the EU (Netherlands) and processes all data within the EU, ensuring full compliance with GDPR standards. No data is transferred outside the European Economic Area.

Cloudflare: Operates globally with data centers worldwide. When you access our site, your data may be processed through Cloudflare's network, which includes locations outside the EU. Cloudflare is certified under the EU-U.S. Data Privacy Framework and uses Standard Contractual Clauses (SCCs) for international data transfers, ensuring GDPR-compliant protection for data transferred outside the EU.

Our servers: IP addresses for rate limiting are processed in memory only and are not persistently stored or transferred internationally.

8. Children's Privacy

Our service is not directed at children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will indicate the "Last updated" date at the top of this policy. Continued use of our service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: hello [at] miniblocks [dot] io

11. Legal Basis for Processing (GDPR)

For users in the EU, our legal basis for processing the minimal data we collect is:

  • Legitimate Interest (Article 6(1)(f) GDPR): We have a legitimate interest in protecting our service from abuse through rate limiting and understanding aggregate usage patterns to improve the service. This minimal processing does not override your rights and freedoms.

12. California Privacy Rights (CCPA)

For California residents, you have the right to:

  • Know what personal information we collect (minimal: temporary IP addresses for rate limiting)
  • Request deletion of personal information (automatically deleted when you disconnect)
  • Opt-out of the sale of personal information (we do not sell any information)

We do not discriminate against users who exercise their privacy rights.

Summary: We take your privacy seriously by collecting almost nothing. No cookies, no tracking, no personal data storage. Just a secure, privacy-first blockchain analytics tool.