Last updated: March 31, 2026
We collect your email address for account authentication. We store your encrypted wallet mnemonic (encrypted client-side with your password using AES-256-GCM) and your public wallet address. We do not collect or store your password, private key, or unencrypted seed phrase.
Your email is used for account authentication via Supabase Auth. Your encrypted mnemonic is stored to allow you to access your wallet across devices. Your public key is used to display your balances and transaction history from the Solana blockchain.
All wallet encryption happens client-side in your browser using AES-256-GCM with PBKDF2 key derivation (250,000 iterations). Your password never leaves your device. We use Supabase with Row Level Security (RLS) to ensure data isolation between users.
Solana is a public blockchain. Your wallet address, token balances, and transaction history are publicly visible on the blockchain. Envestir simply reads this data to display it in the interface.
We use the following third-party services: Supabase (authentication and data storage), Jupiter (swap aggregation and lending), Helius (Solana RPC provider), and Swapped (fiat on-ramp for USDC purchases). Each service has its own privacy policy.
We use browser sessionStorage to maintain your wallet session within a tab. We use localStorage to save your language preference. We do not use tracking cookies or analytics.
Your account data is retained as long as your account exists. Trade history is stored in our database to display your portfolio performance. You can request account deletion by contacting us.
You can export your encrypted seed phrase at any time from the Settings page. You can request deletion of your account and associated data. You have full control over your wallet and funds at all times.
Envestir is not intended for use by anyone under the age of 18. We do not knowingly collect information from minors.
We may update this Privacy Policy from time to time. We will notify users of material changes via the Platform.
For privacy-related questions, contact us at privacy@envestir.com.