Legal

Privacy Policy

Effective date: March 1, 2026 · Last updated: March 31, 2026

1. Who we are

block.λ ("we", "us", "our") operates the website at https://blocklambda.com and the associated trading automation platform (collectively, the "Service"). The Service offers automated copy-trading and rug-sniping tools designed to operate on the Solana blockchain. Our infrastructure is built for speed: we leverage shred-stream signal detection, multi-continent transaction broadcasting, and validator-collocated execution gateways to give users a competitive edge in on-chain trading.

This Privacy Policy explains what personal data we collect when you visit our website or use the Service, how we use and protect that data, and what rights you have in relation to it. By using the Service you acknowledge this policy.

Questions or requests can be submitted through our support page.

2. Data we collect and why

2.1 Account registration data

When you create an account we collect your email address and a hashed version of your password (we never store plaintext passwords). This data is necessary to create and authenticate your account, send you important service notifications, and allow you to recover access if you lose your credentials.

2.2 Solana wallet addresses

To execute copy-trading or rug-sniping strategies, you connect one or more Solana wallet public keys to your account. We store these public keys in order to construct, sign, and broadcast transactions on your behalf. We never ask for, store, or have access to your private keys or seed phrases. All transaction signing occurs client-side or through encrypted key-management systems where the plaintext key material is never accessible to our application layer.

2.3 Copy-trading and strategy configuration

When you configure a copy-trading strategy — including the wallet(s) you wish to copy, position sizing, take-profit and stop-loss thresholds, and any custom strategy parameters — we store those settings in order to execute trades according to your instructions. Strategy history, trade logs, and performance metrics are retained so you can review your activity dashboard and export data.

2.4 Rug-sniping configuration

When you set up rug-sniping parameters — target token criteria, scoring thresholds, execution speed tier (block-0 or block-1), allowed slippage, maximum position size, and Jito tip amounts — we store those settings to automate your sniping activity. Execution logs are retained so you can review which transactions were attempted and whether they were included on-chain.

2.5 API access credentials

If you generate API keys through the platform to integrate with our REST API, those keys are hashed before storage. We record API key usage metadata (timestamp, endpoint called, response code) for rate-limiting, security auditing, and billing purposes.

2.6 Subscription and payment metadata

When you purchase a subscription plan (Simple, Pro, or Expert) we record the plan code, on-chain SOL transaction reference, payment timestamp, and renewal status. We do not store raw payment credentials or custody any funds. All SOL payments are made directly on-chain and are therefore publicly visible on the Solana blockchain.

2.7 Server-side usage logs

Our servers automatically record standard HTTP log data: IP address, browser user-agent, referring URL, request path, HTTP status code, and timestamp. These logs are retained for up to 30 days and are used solely for security monitoring, abuse prevention, and debugging. They are not linked to your account profile unless an active investigation requires it.

2.8 Support communications

If you contact us through our support channels (the website support form, Telegram, or Discord), we retain the content of those communications to resolve your request and improve the Service.

What we do not collect

Private keys, seed phrases, or mnemonic phrases — ever, under any circumstance.
Biometric data or device sensor data.
Credit card numbers or banking information.
Data from third-party social networks unless you explicitly share it with us in a support request.
Advertising identifiers or cross-site tracking identifiers.

3. How we use your data

We use the data we collect exclusively for the following purposes:

Service delivery: to authenticate you, execute copy-trading and rug-sniping strategies, broadcast transactions to the Solana network, and provide you with a real-time dashboard of your activity.
Execution infrastructure: your wallet addresses and configuration data are transmitted to our execution gateways located in Amsterdam, Frankfurt, London, Ashburn (US East), and Singapore so that transactions can be broadcast from the geographically optimal point relative to the current Solana slot leader.
Jito MEV integration: when you enable Jito tips, your transaction data is passed to Jito's block-engine infrastructure to improve block inclusion probability. Only the data required to construct the transaction bundle is shared.
Billing: to verify subscription status and allow access to plan-gated features (enhanced execution speed, advanced filtering, CSV export, backtracker bot, priority support).
Transactional communications: to send password reset emails, subscription confirmation, renewal reminders, and security alerts (e.g. new login from unrecognised IP).
Support: to respond to your enquiries and resolve technical issues.
Platform stability and security: to monitor for anomalous behaviour, prevent abuse of the API, and debug failures in our execution pipeline.
Legal compliance: to comply with applicable laws and respond to lawful requests from authorities.

We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes. We do not build profiles about you for resale.

4. Third-party systems the Service interacts with

4.1 Solana blockchain

Transactions submitted to the Solana network are permanently and publicly recorded on-chain. Your wallet addresses and all on-chain activity associated with them are publicly visible to anyone. We have no ability to delete or modify blockchain records. By using the Service you acknowledge that all executed trades are permanently public.

4.2 Jito Labs (MEV infrastructure)

Our execution pipeline optionally submits transaction bundles to Jito's block-engine to increase the probability of block inclusion and to access MEV-aware routing. Transaction data (instructions, signers, tip amount) is transmitted to Jito's servers. Jito's own privacy and data-handling policies govern how they process this data. We recommend reviewing Jito's documentation if you have questions about their data practices.

4.3 Binance public market data API

We use the Binance public price API to display live SOL/USD conversion rates on the pricing and plan pages. This is a read-only, unauthenticated request to a public endpoint. No personal data is transmitted to Binance in this process.

4.4 pump.fun

Our rug-sniping module monitors the pump.fun smart contract and token creation events in real time. We do not share your data with pump.fun; we only observe public on-chain state.

4.5 Community platforms (Telegram, Discord)

We maintain community channels on Telegram and Discord. If you join these communities or contact us through them, those platforms' own privacy policies govern the collection and use of your data on their infrastructure. We do not link your Telegram or Discord identity to your block.λ account unless you explicitly provide both in a support context.

5. Data retention

We retain your account data, strategy configurations, and trade logs for as long as your account is active and for a period of 90 days after account deletion, to allow for dispute resolution and to comply with legal obligations. After this period, personal data is purged from our production systems. Anonymised, aggregated data (e.g. platform-wide execution latency metrics) may be retained indefinitely.

Server-side HTTP access logs are retained for 30 days and then deleted automatically.

Support correspondence is retained for 24 months from the date of the last message in the thread.

On-chain transaction data is permanent and outside our control to delete.

6. Security measures

We take data security seriously and apply the following safeguards:

Encryption in transit: all communication between your browser and our servers is encrypted using TLS 1.2 or higher.
Encryption at rest: sensitive fields including API keys and wallet configuration are encrypted at rest using AES-256.
No private key storage: we do not, under any circumstances, store private keys or seed phrases on our servers. If a feature requires transaction signing, signing occurs in an isolated, ephemeral environment with no persistent access to key material.
Access control: access to production databases and execution infrastructure is restricted to a minimal set of personnel and enforced via multi-factor authentication.
Rate limiting and abuse prevention: API endpoints are rate-limited to prevent brute-force and denial-of-service attacks.
Security monitoring: we monitor our infrastructure for anomalous patterns and maintain incident response procedures.

Despite these measures, no system is fully immune to breach. We cannot guarantee absolute security. You use the Service at your own risk and should take your own precautions, including using strong unique passwords and enabling two-factor authentication where available.

7. Cookies and local storage

We use only strictly necessary technical cookies: a session token to keep you authenticated between page loads. We do not use analytics cookies, tracking pixels, advertising cookies, or any third-party cookie-based tracking technology.

We may use browser local storage to persist UI preferences (e.g. dashboard column layout). This data never leaves your device and is not transmitted to our servers.

8. Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of access: you may request a copy of the personal data we hold about you.
Right of rectification: you may ask us to correct inaccurate data.
Right of erasure ("right to be forgotten"): you may request deletion of your account and associated personal data, subject to retention obligations described in Section 5.
Right to data portability: you may request an export of your trade history and configuration data in a machine-readable format (CSV or JSON).
Right to object: you may object to any processing carried out on the basis of our legitimate interests.
Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, submit a request via our support page. We will respond within 30 days. We may ask you to verify your identity before fulfilling a request.

If you are located in the European Economic Area, you have the right to lodge a complaint with your national data protection supervisory authority.

9. Children

The Service is not directed at persons under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us immediately and we will delete it.

10. International data transfers

Our execution gateways are located in multiple countries (Netherlands, Germany, United Kingdom, United States, Singapore). By using the Service you acknowledge that your data — specifically the configuration required to construct and broadcast transactions — may be processed in any of these locations. We apply appropriate safeguards to protect your data regardless of where it is processed.

11. Changes to this policy

We may update this Privacy Policy at any time. When we make material changes, we will notify you by email (to the address on your account) and by displaying a prominent notice on the platform at least 14 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy. The date at the top of this document reflects the most recent update.