How we handle data
We built NavoSwap so a normal swap doesn't feel like signing up for a marketing database: no KYC for the public flow, no wallet connect required to use the swap UI, and a lot less tracking than typical Web3 landing pages. The binding version of this is still our Privacy Policy and Terms & Conditions, which match what you see in the app.
Anonymous swappers
You don't create a user profile to trade. We tie work to order IDs and one-time deposit addresses. Internally we try to keep logs lean and avoid hoarding data we don't need to settle a swap. (Whitepaper goes deeper on how we think about correlation.)
You (swap user)
No account required; destination address only where needed.
Order & deposit layer
Single-use deposit addresses; work tracked by order ID, not a long-lived profile.
Routing (optional)
With is_anonym, paths aim to reduce trivial on-chain linkability between in and out.
Settlement
Liquidity aggregation and payout; minimal retention of correlation data per policy.
Privacy features reduce unnecessary exposure but are not a guarantee against all analysis. See Architecture for the full lifecycle.
Partner accounts
If you register as a partner we obviously store what lets you log in—email, password hash, 2FA settings if you turn it on, API key metadata, payout details for affiliate settlements, and audit trails for support. That's a separate bucket from anonymous end-user swaps.
Cookies & local storage
We use browser storage for sessions, recent orders you looked up, and UI preferences. We're not running a third-party ad stack off your swap history.
Private routing
Toggle Private in the app or send is_anonym on the API when we support it for that route. That steers execution through privacy-oriented paths so input and output aren't trivially linkable on-chain. It's a real feature, not a promise against every possible analyst—see Architecture & lifecycle for how we think about trust boundaries.