Legal
Privacy Policy
Effective date: 1 May 2025 · Last updated: 1 May 2025
Summary: MOI Wallet is a self-custodial wallet. Your seed phrase, private keys, and password never leave your device. We have no servers that store your wallet data. We do not collect personal information, we do not use any analytics tools, and we do not sell your data to anyone — ever.
1. Who We Are
MOI Wallet is developed and operated by Sarva Labs, Inc., a company incorporated in the State of Delaware, United States of America, with its registered office at 8 The Green, Suite A, Dover, Delaware 19901, USA ("Sarva Labs", "we", "us", or "our").
This Privacy Policy explains how we handle information when you use the MOI Wallet mobile application ("the App") on iOS or Android. If you have any questions, contact us at privacy@moi.technology.
2. Who This Policy Applies To
This Policy applies to all users of the MOI Wallet App, regardless of where you are located. MOI Wallet requires users to be at least 18 years old. We do not knowingly collect any information from individuals under 18.
3. What We Never Collect
MOI Wallet is a non-custodial wallet. The following data is generated, encrypted, and stored exclusively on your device. It never travels to our servers. We have no technical ability to access it.
We never collect, receive, see, or store:
- Your seed phrase or mnemonic recovery phrase
- Your private keys or any derived cryptographic keys
- Your wallet password
- Your biometric data (Face ID, Touch ID, fingerprint — processed entirely by your device's OS)
- Your wallet balances or asset holdings
- Your full transaction history (exists on the public MOI blockchain, not our servers)
- Your name, email address, phone number
- Your government-issued ID or identity documents
- Your location data
- Advertising identifiers (IDFA on iOS or GAID on Android)
We do not use any third-party analytics tools, crash reporting services, or tracking SDKs in the App. There is no Firebase, no Sentry, no Mixpanel, no Amplitude, no Crashlytics, or any equivalent service embedded in MOI Wallet.
4. What We Do Collect
4.1 Public Wallet Address (via Blockchain Operations)
When you perform blockchain operations — checking your balance, sending assets, registering your account, viewing transaction history — the App communicates directly from your device to MOI network RPC nodes. These requests include your public wallet address, which is public by design. The RPC nodes may log your IP address as a standard part of serving network requests. Sarva Labs does not operate the public RPC infrastructure and does not control, access, or receive these logs.
4.2 WalletConnect Session Data
When you use WalletConnect to connect your wallet to a dApp, your public wallet address is shared with the dApp you choose to connect to. An encrypted communication session is established through WalletConnect's relay servers (Reown). Sarva Labs does not intercept, log, or receive the contents of WalletConnect sessions.
4.3 Support Correspondence
If you contact us at info@moi.technology, we will receive your email address and the information you include. We use this solely to respond to your enquiry. We retain support correspondence for up to 24 months from your last contact, after which it is deleted.
5. What We Do Not Do With Your Information
- We do not sell your data to any third party, for any price or purpose.
- We do not use your data for advertising or build advertising profiles.
- We do not share your data with data brokers.
- We do not aggregate or analyse your wallet activity.
6. How We Use Information
| Information | Why We Use It |
|---|---|
| Public wallet address (via RPC) | To retrieve blockchain data your device requests (balances, transactions). Technically necessary for the App to function. |
| WalletConnect session data | To facilitate encrypted communication between your wallet and the dApp you have chosen to connect to. |
| Support correspondence | To respond to your support request. |
7. Third-Party Services
7.1 WalletConnect / Reown
Purpose: Encrypted relay infrastructure for connecting your wallet to dApps. What they receive: session metadata, encrypted relay messages, connection timestamps. Your public wallet address is transmitted to the dApp through this relay when you approve the connection. Their privacy policy: reown.com/privacy-policy
7.2 MOI Network RPC Nodes
Purpose: Blockchain infrastructure that the App queries to read blockchain state and broadcast signed transactions. What they receive: your public wallet address and your device's IP address (standard network communication). Sarva Labs does not operate these nodes.
7.3 Expo / EAS
Purpose: App build, delivery, and over-the-air update infrastructure. What they may receive: device identifiers used to deliver app updates. Governed by Expo's privacy policy: expo.dev/privacy
7.4 Apple / Google (Platform Providers)
When you download the App through the App Store or Google Play, Apple or Google may collect data per their own policies. The App uses standard iOS and Android APIs for biometric authentication. Biometric data is processed entirely by your device and never transmitted to Sarva Labs.
8. How We Store and Protect Your Data
8.1 On-Device Storage of Sensitive Wallet Data
All sensitive wallet data is stored exclusively on your device using platform hardware-backed storage: iOS uses Apple Keychain with kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly — data cannot be extracted via iCloud backups or transferred to another device. Android uses EncryptedSharedPreferences, backed by the Android Keystore.
8.2 Encryption of Wallet Data
| Parameter | Value |
|---|---|
| Encryption algorithm | AES-256-GCM |
| Key derivation function | Scrypt (N=4096, r=8, p=1) |
| Salt | 16 bytes, cryptographically random, unique per wallet |
| Initialisation vector | 12 bytes, cryptographically random, unique per encryption operation |
8.5 No Servers Storing Wallet Data
Sarva Labs does not operate any servers that store your seed phrase, private keys, passwords, wallet balances, or transaction history. There is no central database of user wallet data to be hacked, subpoenaed, or compromised.
9. Data Retention
| Data | Retention Period |
|---|---|
| Seed phrase / private keys | Stored on your device only. Deleted when you uninstall the App. Sarva Labs never holds this data. |
| Wallet balances / transaction history | Never held by Sarva Labs. Exists on the public blockchain. |
| WalletConnect session data | Governed by WalletConnect/Reown's retention policy. |
| Support correspondence | Up to 24 months from your last contact, then deleted. |
| Public wallet address via RPC | Not retained by Sarva Labs. May be logged by RPC node operators per their policies. |
10. Children's Privacy
MOI Wallet is intended solely for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has used the App or contacted us, please email privacy@moi.technology immediately.
11. Your Privacy Rights
You have the right to access, correct, or delete any personal data we hold about you. Because we collect very little personal data, most of these rights will only be relevant if you have contacted our support team. To exercise any right, email privacy@moi.technology.
12. International Data Transfers
Sarva Labs is incorporated in the United States. If you access the App from outside the US, your support correspondence may be transferred to and processed in the United States. We rely on appropriate legal mechanisms for any such transfers.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the App. The "Last Updated" date at the top of this Policy indicates when it was last revised. Continued use of the App after changes take effect constitutes your acceptance of the revised Policy.
14. Contact Us
Privacy questions: privacy@moi.technology
General support: info@moi.technology
Sarva Labs, Inc., 8 The Green, Suite A, Dover, Delaware 19901, USA