Last Updated: February 20, 2026
This Privacy Policy describes how DJD Agent Score (“Company,” “we,” “our”) collects, uses, stores, and discloses information in connection with the DJD Agent Score API and related services (the “Service”). By using the Service, you acknowledge and agree to this Privacy Policy.
The Service operates in the blockchain and autonomous agent ecosystem. The primary identifiers used by the Service are public blockchain wallet addresses. Wallet addresses are cryptographic public keys published on the Base blockchain and are not, by themselves, personally identifiable information (“PII”). However, we recognize that wallet addresses may become linked to identifiable individuals through external means. We treat all data with appropriate care regardless of classification.
We continuously index publicly available data from the Base blockchain, including USDC transfer events (sender, receiver, amount, block number, timestamp), wallet balances, smart contract state related to agent identity registrations (ERC-8004), and transaction patterns. This data is publicly accessible to anyone operating a blockchain node. Our collection adds no new exposure; we structure and analyze what is already public.
When you interact with the Service, we collect:
| Data Point | Source | Purpose |
|---|---|---|
| Requester wallet address | x402 payment signature or request header | Query logging, rate limiting, free tier tracking |
| Target wallet address | Query parameter | Score delivery, demand analytics |
| Endpoint and tier requested | HTTP request path | Service delivery, usage analytics |
| Timestamp | Server clock | Rate limiting, analytics, audit |
| Response time | Server measurement | Performance monitoring |
| User-Agent string | HTTP header | Client identification, middleware telemetry |
| IP address (hashed) | Network connection | Free tier identification for non-wallet requests |
| Payment amount | x402 transaction | Revenue tracking, free tier flag |
When you submit fraud reports, ratings, or other content through the Service, we collect the content of your submission, the submitting wallet address, the target wallet address, supporting evidence (transaction hashes), and timestamps. All user-submitted data is voluntary.
We do not collect names, email addresses, phone numbers, physical addresses, government identification numbers, biometric data, or any traditional PII. We do not use cookies, tracking pixels, or browser fingerprinting. We do not integrate with advertising networks. The Service does not have user accounts, logins, or passwords.
Service delivery: Calculating reputation scores, processing fraud reports, generating leaderboards, and serving API responses.
Model improvement: Analyzing query patterns, score outcomes, and transaction data to validate and improve the scoring model.
Integrity systems: Detecting Sybil attacks, gaming attempts, and fraudulent behavior through pattern analysis.
Analytics and reporting: Generating aggregated, anonymized reports on agent economy activity, transaction volumes, and ecosystem health.
Data products: Creating commercial data products including economy reports, fraud intelligence feeds, intent signal reports, and relationship graph analyses. Individual wallet behavior may be included in aggregate datasets but is not sold as individually targeted profiles.
Research: Contributing to understanding of autonomous agent ecosystems, on-chain reputation systems, and trust infrastructure.
Blockchain data (transaction history, wallet balances, relationship graphs) is retained indefinitely. This data is publicly available on the blockchain regardless of our retention practices.
API query logs are retained indefinitely for model validation, analytics, and intent signal analysis. Query logs are the basis for outcome tracking, which requires historical comparison over periods of 30 days or more.
Score history and decay curves are retained indefinitely. Historical score data is a core data product and a key component of the Service’s value proposition.
Fraud reports are retained indefinitely. Reports are training data for fraud detection models and form a permanent part of the fraud intelligence corpus.
We do not offer deletion of blockchain-derived data, as it is publicly available and independently verifiable. For user-submitted data (fraud reports, ratings), contact us to discuss specific removal requests.
Aggregated and anonymized data: We may sell or license aggregated, anonymized datasets, analytics reports, and economy metrics to third parties including researchers, investors, platforms, and enterprise customers. These datasets describe ecosystem-level trends, not individual wallet-level targeting.
Per-query data products: Certain paid API endpoints return data about specific wallets, including scores, fraud report status, relationship data, and decay curves. This data is derived from public blockchain activity and user-submitted reports.
Legal compliance: We may disclose data if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business transfers: In the event of a merger, acquisition, or sale of assets, data collected by the Service may be transferred to the acquiring entity.
We do not sell individual-level data to advertisers. We do not share data with advertising networks. We do not use data for targeted advertising.
We implement commercially reasonable security measures to protect data stored by the Service, including encrypted connections (HTTPS/TLS) for all API communications, access controls on our infrastructure, and secure key management for blockchain interactions. However, no system is perfectly secure, and we cannot guarantee the absolute security of your data. The Service runs on third-party cloud infrastructure (Conway Cloud), and we are subject to that provider’s security practices.
The Service may be accessed from anywhere in the world. Data is processed and stored on servers located in the United States. By using the Service, you consent to the transfer and processing of data in the United States. If you are located in the European Economic Area, United Kingdom, or other jurisdiction with data protection laws, you acknowledge that blockchain wallet addresses may or may not constitute personal data under your local law, and that publicly available blockchain data presents unique challenges for traditional data protection frameworks.
If you are located in the European Economic Area or United Kingdom and believe that data processed by the Service constitutes your personal data under GDPR or UK GDPR, you may have rights including access, rectification, erasure, restriction of processing, data portability, and objection. Please note:
(a) Blockchain data is publicly available and cannot be erased by any single party. A request to delete blockchain-derived data from our database does not delete it from the blockchain.
(b) Score calculations are algorithmic outputs derived from public data, not personal data collected from you.
(c) We will make reasonable efforts to accommodate valid data subject requests where technically feasible and where the data in question constitutes personal data under applicable law.
To submit a data subject request, contact us at the address listed in Section 12.
If you are a California resident, the California Consumer Privacy Act may provide you with additional rights regarding data collected about you. Given that the Service primarily processes blockchain wallet addresses (which are not traditionally classified as personal information under CCPA) and does not collect names, email addresses, or other conventional identifiers, the applicability of CCPA to the Service is uncertain. We do not sell personal information as defined by CCPA. If you believe CCPA applies to your use of the Service, contact us to discuss your rights.
The Service is not directed at individuals under the age of 18. We do not knowingly collect information from minors. The Service does not collect age-related information of any kind.
We may update this Privacy Policy at any time. Changes will be posted at the Service’s domain with an updated “Last Updated” date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy. Material changes will be noted prominently.
For questions, concerns, or data subject requests regarding this Privacy Policy, contact:
DJD Agent Score
feedback@djdagentscore.dev