Privacy Policy

Effective: 2026-05-12 · Operator: FalsifyLab · Contact: ops@falsifylab.com

1. Data we collect

• Public website (falsifylab.com): no personal data collected. No analytics cookies. Cloudflare logs IP + user-agent at the edge for DDoS protection (Cloudflare retains per their policy).
• API + MCP server: when you use a paid API key, we log the key ID, endpoint hit, timestamp, response size. No request bodies stored.
• Newsletter (Substack): Substack processes subscriber emails per their own privacy policy.
• Telegram bot: we store your TG user ID + chat ID to deliver messages. Nothing else.

2. What we do NOT collect

• Wallet addresses, private keys, transaction history (unless you publicly post about them)
• Email addresses outside Substack opt-in
• Identity, KYC, geolocation

3. Third parties

• Cloudflare (hosting, edge logs)
• Substack (newsletter)
• OpenAI / DeepSeek (content generation backends)
• Coinbase Commerce / Creem (when payment ships)
• X, Bluesky, Nostr relays, Stacker News (we post; they have their own policies)

4. Data retention

API logs: 90 days. Cookie sessions: per third-party policy. Newsletter: as long as you remain subscribed.

5. Your rights

Email ops@falsifylab.com to request deletion of any data we hold. We respond within 14 days.

6. Updates

This policy may change. Material changes will be announced via Substack + X.