Privacy Policy

1. Scope

TDM is a developer platform for machine payments, payable APIs, payable files and content, Session Gas Tank flows, seller payouts, and related runtime tooling. Different parts of the stack handle different categories of data, and not every integration sends the same information.

2. Data We May Process

Depending on the product surface you use, TDM may process:

• account, wallet, and session identifiers needed for payment authorization,
• resource identifiers, route or operation names, and payment amounts,
• delivery metadata such as delivery mode, short-lived access tokens, and download counters,
• seller payout request data such as chain and destination address,
• service logs, timestamps, request metadata, and operational diagnostics,
• anonymous usage and reliability metrics for aggregate reporting, and
• support communications if you contact us directly.

TDM is not designed around collecting broad personal profile data. Where possible, the analytics and operational layers are structured around service identifiers and aggregate usage rather than personal identity.

3. Local-First SDK and CLI Behavior

Parts of the TDM SDK and CLI are intentionally local-first. Local vaults, keys, and session-related state may remain on the device or environment where the tooling runs, subject to the operating system keyring and your own infrastructure setup.

TDM does not automatically receive every piece of local state. Hosted services only see the requests, telemetry, and payout or authorization data that an integration actually sends to them.

4. Telemetry and Analytics

Hosted TDM flows may emit anonymous usage and operational metrics for aggregate statistics, reliability, security monitoring, and reporting. This can include product or SDK version data, latency, success or failure signals, command usage, network labels, and feature metadata.

This analytics layer is designed to avoid personal identity data. For SDK users, telemetry is enabled by default but can be disabled through the SDK controls or environment configuration published in the TDM documentation.

5. Public Blockchain Data

If you use wallets, sweeps, cashout flows, or any onchain settlement rail connected to TDM, the resulting blockchain data may be public and immutable. Wallet addresses, transaction hashes, token movements, and related records may remain visible on the relevant public network even if you stop using TDM later.

TDM cannot alter or delete records that are permanently written to a public blockchain.

6. Third-Party Infrastructure

TDM integrations may rely on third-party infrastructure such as cloud hosting providers, blockchain RPC providers, wallet connectivity layers, analytics infrastructure, and swap or routing providers. Those services may process data under their own policies and terms.

If a seller uses external storage or document hosting for paid delivery, those providers may also receive access-related requests, IP information, or download traffic under their own privacy policies. TDM does not control third-party storage provider practices.

7. Security and Retention

TDM uses reasonable technical and organizational measures intended to protect service integrity and sensitive operational data. No system can guarantee absolute security, and beta services may change over time as the platform evolves.

We retain service and operational data for as long as reasonably necessary for product operation, security, debugging, reporting, legal compliance, or dispute resolution.

8. Your Choices

You may be able to reduce or control the data shared with TDM by:

• using local-first SDK flows where appropriate,
• disabling SDK telemetry where supported,
• choosing what identifiers or metadata your own integrations transmit, and
• avoiding onchain actions when you do not want public blockchain visibility.

9. Changes

TDM may update this Privacy Policy as the public beta stack evolves. When this page is updated, the date at the top of the policy will be revised accordingly.