JaredETH
Get JaredETH MEV bot

Privacy Policy

Last updated: 2026-05-25

Summary

JaredETH collects the minimum information required to operate your account, deliver your license, process your order, provide support, and run our own first-party analytics on jaredeth.com. We do not sell your data. We do not run third-party analytics, ad networks, or tracking pixels. Passwords are hashed; the bot signing wallet address you submit is encrypted at rest.

What we collect (account)

  • Email address — for account login and support communication
  • Password — stored as a PBKDF2-SHA256 hash with random salt; never plaintext
  • IP address and approximate location of sign-in events — for account security
  • Login history, including timestamp and device, visible to you in the account dashboard
  • Order and payment activity — tier purchased, amount, receiver address, transaction hash
  • The on-chain bot signing wallet address you submit from the desktop app — encrypted at rest
  • Support ticket content and message history
  • Optional two-factor authentication secret (TOTP) and recovery codes — hashed

Analytics & cookies (jaredeth.com)

JaredETH runs first-party analytics on the marketing site to understand traffic. No third-party vendor (Google Analytics, Meta, Mixpanel, etc.) receives any of this data — everything stays on JaredETH-controlled infrastructure.

  • First-party visitor cookie (_jv): a random 32-character ID stored for up to one year. Used to count returning vs. new visitors and to deduplicate page views from the same browser. The ID is not linked to any third-party identity graph.
  • Page-view log: per public page view we record the page URL, the referring URL (stripped of query strings), your IP address, your browser user-agent, and the timestamp. Used for aggregate traffic, referrer attribution, and abuse detection.
  • Session cookie (after sign-in): an HMAC-signed token that keeps you logged in. Required for the service to function.

Analytics records are retained for up to 24 months and then automatically purged. To opt out of visit tracking, block the /api/track endpoint in your browser, or use Do Not Track / a tracker-blocking extension — JaredETH respects client-side blocking without complaint.

What we don't collect

  • No third-party analytics, ad-network tags, or marketing pixels
  • No telemetry from the desktop app beyond explicit features (wallet submission, license verification, support tickets)
  • No private keys, seed phrases, or wallet-signing material — these never leave your device
  • No browsing history outside of JaredETH-owned domains
  • No selling or sharing of any of the above with data brokers, advertisers, or anyone else

How we use it

To run your account, deliver your license, process and confirm your payment, contact you about your purchase, and provide technical support. Login events and IP records are retained to surface suspicious activity to you (and to ourselves) and to support account recovery. We do not sell or share your data with third parties for marketing purposes.

Data sharing

JaredETH shares data only where strictly required to deliver the service: with payment processors and on-chain settlement infrastructure for orders, and where required by law in response to a valid legal process. We do not transfer your data to advertising networks, data brokers, or affiliated marketers.

Retention & deletion

You can delete your account from the account dashboard at any time. Account deletion removes your profile, login history, ticket history, and stored wallet address. We may retain a minimum set of records for tax, accounting, or regulatory-compliance reasons where required by law, and we retain anonymized order metadata for fraud prevention.

Your rights

Depending on your jurisdiction, you may have the right to access, correct, port, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, open a support ticket from your account dashboard. We respond within 30 days.

Security

All traffic is served over HTTPS with HSTS preload. Passwords use PBKDF2-SHA256 with random per-user salts. Session tokens are HMAC-signed and can be invalidated from any device via Sign Out Everywhere. Optional TOTP-based two-factor authentication is available with one-time recovery codes. The bot signing wallet address is encrypted at rest.

Changes

JaredETH may revise this Privacy Policy. The "Last updated" date above reflects the effective date of the current version. Material changes are surfaced in the account dashboard.

Contact

Privacy questions: open a ticket from your account dashboard. See the Terms of Service for the broader agreement governing your use of JaredETH.