OwnYou — privacy

What this is

The OwnYou wallet is a Manifest V3 browser extension implementing the OwnYou attribution protocol. It runs entirely in your browser. The wallet lets you consent — at install time — to sharing a small set of audience claims with publishers, DSPs, and advertisers running the OwnYou SDKs, and receive USDC at per-(campaign, rotation) HD-derived payout addresses when advertisers settle on-chain.

What data leaves your device

• Disclosed audience claims — a BBS+ selective-disclosure proof carrying your consented IAB Audience Taxonomy 1.1 interests + purchase intent + coarse demographics (age range, gender, household profile). The exact set is what you saw in the install-time Onboarding screen and what is mirrored read-only in Settings → Disclosure.
• Per-campaign tracking ID — encrypted (ElGamal) to the advertiser's public key. Only the specific advertiser can decrypt; OwnYou cannot.
• Per-(campaign, rotation) payout address — HD-derived from your wallet seed. Each campaign sees a fresh per-epoch address; the advertiser cannot link your activity across campaigns from the payout-address surface.

Cross-reference: the Onboarding screen disclosure summary at app.ownyou.app/onboarding.

What is stripped before anything leaves your device

• Your name.
• Your email address.
• Your wallet seed and any address derived from it that the advertiser does not need (the protocol exposes only the per-(campaign, rotation) HD payout address).
• URL paths beyond the current publisher's origin.
• Cross-campaign linkage. The selective-disclosure proof's pseudonym is bound to the publisher's origin only.

What stays on your device

Local-only, in chrome.storage.local: your install-consent record, full disclosure preferences, the classifier history that feeds the audience-segment derivation, the full delivery log, the full earnings ledger, your local credentials. Uninstalling the extension wipes all of it (standard Chrome uninstall behaviour). No cloud sync in Slice 1. Cross-device active-device coordination is deferred to a later release.

The IP-address caveat

Your network IP address is visible to the advertiser at the HTTP layer when the wallet POSTs your ad delivery. The OwnYou protocol cannot strip this — it is a property of how the internet works. If IP-level anonymity matters to you, use Tor, a VPN, or Apple Private Relay. The wallet emits no IP-related signal beyond what your browser would emit when loading any web page. Consistent with the explainer at ownyou.app/how-it-works.

Privy authentication

OwnYou uses Privy for wallet provisioning and OAuth-backed account access (Google, Microsoft OIDC). Privy's own privacy policy is authoritative for the data Privy stores on its managed surface; consult the linked policy for that scope.

Third parties on the Slice 1 protocol path

• Base Sepolia RPC endpoints — your wallet polls public RPC endpoints (sepolia.base.org, base-sepolia.public.blastapi.io, base-sepolia-rpc.publicnode.com, base-sepolia.gateway.tenderly.co) to observe escrow settlement events. You can override the endpoint list in PWA Settings → Advanced.
• Placeholder advertisers (Acme, Globex) and the placeholder DSP are OwnYou-team-operated stand-ins for the Slice 1 pilot. As real publishers, DSPs, and advertisers integrate, you encounter the third parties running OwnYou SDKs on the sites you visit.

Data retention

Local-only. No cloud sync in Slice 1. Uninstalling the wallet extension wipes chrome.storage.local; from that point no record of your audience claims, delivery log, or earnings exists in the OwnYou surface. The on-chain settlement record on Base Sepolia remains public (this is a property of the chain, not a property of the wallet) but cannot be linked back to your seed without your cooperation.

Contact

• Privacy inquiries: privacy@ownyou.app
• Rights-holder takedowns + legal: nick@ownyou.io

Last updated

Last updated: 2026-05-12. Consistent with disclosure-policy-v3.json + trust-registry-v1.json (the artefact versions snapshot-recorded in your install-consent record). This policy is re-published on each disclosure-policy or trust-registry bump.