Privacy Policy

we collect as little as possible. always.

last updated: april 2026

01 Our philosophy

lolipop is built on Monero — a protocol designed for privacy. Our privacy policy reflects the same values: collect the minimum necessary, retain it for the minimum time, share it with nobody.

02 What we collect from merchants

When you create an account:

  • Your email address (required for magic link login)
  • Your XMR wallet address (required for payment detection)
  • Your view key (required for subaddress generation)
  • Your webhook URL and webhook secret (optional)

When you use the API:

  • API request logs (IP address, timestamp, endpoint) — retained for 30 days for security purposes
  • Order data: reference ID, product name, amount, subaddress, confirmation status — retained for 90 days then permanently deleted

We do not collect your real name, physical address, any government ID, or payment card information.

03 What we collect from buyers

Almost nothing. When a buyer visits a checkout page:

  • We do not log their IP address
  • We do not set cookies
  • We do not load any third-party scripts
  • We do not use analytics of any kind

The checkout page is a static server-rendered HTML page. There is no tracking of any kind. The only data we store related to a buyer's payment is the transaction ID and confirmation count — public information already on the Monero blockchain.

04 View key handling

Your view key is:

  • Encrypted at rest using AES-256
  • Never logged in plaintext
  • Never transmitted to third parties
  • Used only to generate subaddresses and detect incoming payments via monero-wallet-rpc

We cannot spend or move funds using a view key. If our server were compromised, an attacker could read your incoming transaction history but could not steal your funds.

05 Cookies and tracking

Merchant dashboard:

  • One session cookie for authentication
  • No analytics cookies
  • No third-party cookies

Buyer checkout page:

  • Zero cookies
  • Zero tracking
  • Zero external requests

We do not use Google Analytics, Cloudflare, any CDN that logs user requests, Facebook Pixel, or any ad tracking of any kind.

06 Third parties

We share your data with nobody.

Our infrastructure:

  • VPS hosting: FlokiNET VPS (servers in Romania; privacy-first provider, no-KYC, XMR payment)
  • Domain: registered via Njalla
  • No third-party SaaS tools that process your data

07 Tor and onion services

lolipop operates a Tor hidden service (.onion address). Buyers and merchants who connect via Tor receive additional privacy protections — their IP address is never visible to us. We encourage Tor usage and do not treat Tor connections differently from clearnet connections.

08 Data retention

| data type | retention |
| --- | --- |
| Email address | Until account deletion |
| View key | Until account deletion |
| Order records | 90 days |
| API request logs | 30 days |
| Webhook logs | 30 days |
| Magic link tokens | 1 hour |

After retention periods expire, data is permanently deleted and cannot be recovered.

09 Your rights (GDPR)

If you are in the EU, you have the right to:

  • Access the data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Data portability

To exercise these rights, contact us via the support channel at lolipop.cash. We will respond within 30 days.

10 Data breaches

In the event of a data breach affecting merchant data, we will notify affected merchants within 72 hours of discovery and report to relevant authorities as required by GDPR.

11 Changes to this policy

We may update this policy at any time. The latest version is always at lolipop.cash/privacy. We will notify merchants of material changes via email.

12 Contact

Privacy questions or data requests: contact us via the support channel at lolipop.cash. We aim to respond to all privacy requests within 30 days.

stack: monerod · debian · buyvm · njalla

© 2026 lolipop — payment infrastructure, not a marketplace.