Privacy Policy

This privacy policy describes how Tessera Foundation (in formation, Cayman Islands) collects, uses, and discloses information when you visit this site.

1. The short version

This site is a static informational page. We do not collect personal information beyond what your browser sends to our hosting provider in standard server logs. We do not use cookies. We do not run analytics. We do not have a newsletter, account system, or any feature that requires you to identify yourself.

When the Tessera protocol launches, additional data collection will apply to specific interactions (e.g., wallet connection, KYC for SAFT participants). That data collection will be governed by an expanded version of this policy, with the changes disclosed clearly before they take effect.

2. Information collected on this site today

Server logs

Our hosting provider receives standard HTTP request information when you visit any page: IP address, timestamp, requested URL, referrer URL, user agent string. This information is retained by the hosting provider per their standard retention policies (typically 7-30 days for analytics; longer for security logs). We do not access these logs except in case of a security incident.

No cookies, no tracking

This site does not set cookies. We do not use Google Analytics, Plausible, Fathom, or any other analytics provider. We do not embed third-party tracking pixels. The only third-party resources loaded by this site are:

• Google Fonts (typography only; Google may receive your IP address as part of normal HTTP requests)
• KaTeX from jsDelivr CDN on the whitepaper page (math rendering only)

Geographic IP screening

When the foundation begins a token sale, the site will use IP-based geolocation to screen out U.S. persons and persons in OFAC-sanctioned jurisdictions. That screening will not store your IP address persistently — only the eligibility decision. Until then, no such screening is active.

3. Information that will be collected at token launch

For transparency, here is what will change when the protocol moves from Phase 0 to a public token sale:

• Wallet addresses you connect will be screened against OFAC, UN, EU, and UK sanctions lists via a third-party sanctions screening provider (e.g., Chainalysis or TRM Labs).
• KYC for SAFT participants (private sale, accredited investors only): identity verification through a third-party KYC provider (e.g., Persona, Sumsub). The data collected by the KYC provider will be governed by their privacy policy, which will be disclosed at the point of collection.
• Country-of-residence attestation: when you connect a wallet, you will be asked to attest to your jurisdictional eligibility. The attestation is signed by your wallet (no personal data) and logged for compliance purposes.

None of this is active today. This policy will be updated and prominently flagged before any such collection begins.

4. How we share information

We do not sell, rent, or trade personal information. We may disclose information:

• To comply with legal obligations or valid law enforcement requests
• To enforce these terms, including against fraud, sanctions evasion, or attempts to circumvent jurisdictional restrictions
• To trusted service providers acting on our behalf, bound by confidentiality (e.g., KYC providers, sanctions screening providers, hosting)

5. Your rights

Depending on your jurisdiction, you may have rights under GDPR, the Cayman Data Protection Act, or other privacy laws. These typically include the right to access, correct, delete, or restrict processing of your personal data.

Because this site does not currently collect personal data, there is little to access, correct, or delete. If you have used a service that collects KYC information (e.g., a future SAFT sale), contact the relevant KYC provider directly to exercise your rights with respect to that data.

6. Children

This site and any future Tessera services are intended for adults (18+). We do not knowingly collect information from minors. If you believe a minor has provided information to us, please contact us so we can investigate and delete it.

7. International transfers

Tessera Foundation is (will be) based in the Cayman Islands. Service providers may be located in the United States, the European Union, or elsewhere. By using this site you consent to your information being transferred to and processed in any of these jurisdictions.

8. Changes to this policy

We will update this policy as the project evolves. Material changes — particularly those expanding data collection at token launch — will be communicated clearly before they take effect.

9. Contact

Privacy questions: privacy@tessera.xyz (placeholder — to be set up at foundation formation).

This document is a draft prepared by the founder for counsel review. It does not yet constitute the binding privacy policy of Tessera Foundation or any affiliated entity. The binding version will be published following counsel review and foundation formation.