LEGAL

Privacy Policy

Effective Date: March 23, 2026

The Undesirables LLC · Wyoming, USA

1. Overview

The Undesirables LLC ("we," "us," "our") respects your privacy. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights regarding that data when you interact with our website (the-undesirables.com), mint or hold our NFTs, or use our soul.md files.

2. Data We Collect

We collect minimal data necessary to verify NFT ownership and deliver the soul.md experience:

  • Wallet Addresses: When you connect your wallet to our site, we temporarily process your Ethereum wallet address to verify on-chain ownership of Undesirable NFTs. We do not store wallet addresses in a database.
  • Server Logs: Our hosting provider (Vercel) may automatically collect standard server log data including IP addresses, browser type, referring URLs, and access timestamps. This data is retained by Vercel per their own privacy policy and is not actively used by The Undesirables LLC for profiling or tracking.
  • Raffle/Collab Submissions: When you submit a wallet address for a raffle or collaboration event, we temporarily store the address for the duration of the event to verify eligibility and select winners. This data is deleted after the event concludes.

We do not collect:

  • Names, email addresses, or phone numbers
  • Biometric data (Illinois BIPA does not apply)
  • Private keys or seed phrases — ever
  • Transaction history beyond what is publicly available on the Ethereum blockchain
  • Cookies for tracking or advertising purposes

3. How We Use Your Data

  • Ownership Verification: Wallet addresses are used solely to verify that you hold an Undesirable NFT before granting access to soul.md files.
  • Raffle Management: Submitted wallet addresses are used to verify NFT holdings for raffle eligibility and winner selection.
  • Security & Fraud Prevention: Server logs may be reviewed to detect and prevent bot abuse, Sybil attacks, or denial-of-service attempts on our raffle and minting infrastructure.

We do not sell, rent, or share your data with third parties for marketing or advertising purposes.

4. Data Retention

  • Wallet Addresses (Verification): Processed in real-time during your session and not stored persistently.
  • Wallet Addresses (Raffles): Stored temporarily for the duration of the raffle event and deleted within 30 days of event conclusion.
  • Server Logs: Retained per Vercel's data retention policy (typically 30 days).

5. Third-Party Services

We use the following third-party services that may process data:

  • Vercel: Website hosting and serverless functions. See Vercel's Privacy Policy.
  • Cloudflare Turnstile: Bot detection on raffle forms. See Cloudflare's Privacy Policy.
  • Ethereum Blockchain: All NFT transactions are recorded on the public Ethereum blockchain. Blockchain data is permanent and immutable by design.

We do not use Google Analytics, Facebook Pixel, or any third-party tracking or advertising scripts.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Deletion: Request deletion of your personal data. Note that we cannot delete data recorded on the public Ethereum blockchain, as it is immutable by design.
  • Right to Opt Out: You may decline to connect your wallet or participate in raffles. Access to the website content (excluding soul.md downloads) does not require any data sharing.

To exercise any of these rights, contact us at @sailorpepe_eth on 𝕏.

7. International & Regional Compliance

GDPR (EU/EEA): Wallet addresses, when combined with IP addresses or browser data, may constitute pseudonymous personal data under GDPR. Our legal basis for processing this data is legitimate interest — specifically, verifying cryptographic ownership of digital assets to deliver the purchased service. We process only the minimum data necessary and do not retain it beyond the session.

CCPA/CPRA (California): We do not sell personal information. California residents may request disclosure of the categories of personal information collected by contacting us.

8. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will take steps to delete that information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Effective Date" at the top of this page. Your continued use of our services after the updated Effective Date constitutes your acceptance of the revised Privacy Policy.

10. Contact

For privacy-related questions or to exercise your data rights, contact us at @sailorpepe_eth on 𝕏.

The Undesirables LLC — Decentralized from birth. Sovereign by design.

the-undesirables.com — EST. 2026