Privacy Policy

Last updated: April 24, 2026 · Effective from install

1. Overview

Antares (“the Extension”) is a browser extension that scans Solana token addresses on supported trading platforms and returns a risk assessment. This policy explains exactly what we process, which third parties are involved, where data goes, and the rights you can exercise.

The short version: we process Solana contract addresses you look at, plus the technical metadata any HTTPS service inherently sees (your IP, your browser user-agent). We do not collect names, emails, wallet addresses, or browsing history beyond the single page where an address is detected.

2. Who we are

The Extension is operated by the COMEALAMAISONGROUPE project. Bug reports and feature requests go through antaresscan.com/support. For privacy questions, see the Contact section.

3. Data we process

3.1 Solana contract addresses

When the Extension detects a Solana contract address (base58, 32–44 characters) on a supported page, that address is sent to our API (antares-extension.vercel.app/api/scan) together with the request. The address is public blockchain data. Our legal basis for processing it is legitimate interest: it is the minimum data needed to deliver the risk assessment the user explicitly requested.

3.2 Technical request metadata

Any HTTPS request to our API is received via Vercel's edge network. Vercel sees and may log:

Your IP address (used transiently for rate limiting in Upstash Redis and for platform abuse protection).
A user-agent string (standard browser header).
Timestamp and URL of the request.

We do not correlate this metadata with an identity. We do not use it for analytics, profiling, or advertising.

3.3 Optional install identifier

If the Extension sends an X-Antares-Install header (a random opaque identifier generated by your browser on first install), we use it alongside your IP as a rate-limit key so multiple users sharing a corporate NAT each get a fair quota. The identifier is opaque — we cannot derive any personal information from it — and you may clear it at any time by uninstalling and reinstalling the Extension.

3.4 What we do NOT collect

Names, email addresses, phone numbers.
Wallet addresses or private keys.
Full browsing history — only pages on the supported platforms listed below.
Cookies or tracking pixels. The Extension sets no cookies.
Persistent analytics identifiers.

4. Where the Extension injects

The Extension's content script runs only on the following trading platforms, each declared in the manifest's host_permissions. On any other site the Extension is dormant.

dexscreener.com
birdeye.so
pump.fun
photon-sol.tinyastro.io
axiom.trade
gmgn.ai
app.telemetry.io
www.geckoterminal.com

On these sites the Extension reads the URL and the visible page DOM to find a Solana contract address. It does not read form fields, credentials, cookies, or other page content.

5. Third-party processors

To deliver the scan, the API forwards the contract address (not your IP) to a small set of external services, each with its own privacy policy linked below.

Processor	Purpose	Data shared	Policy
Vercel	API hosting and edge network	Request metadata (IP, UA)	policy
Upstash (Redis)	Cache and rate limiting	Hashed IP + optional install ID, cached scan results	policy
DexScreener	Price / liquidity / OHLCV data	Contract address	policy
RugCheck	LP burn status, risk flags	Contract address	site
GoPlus Security	Honeypot and contract permissions	Contract address	policy
Helius	On-chain holder and supply data	Contract address	policy
Solscan	Token metadata, age, transfers	Contract address	policy
GeckoTerminal	OHLCV candles for chart layer	Pair address	policy
Google (Gemini API)	Natural-language summary of scan results	Anonymised scan flags and scoring outputs. No contract address or user identifier is sent.	policy
Sentry	Error and performance monitoring	Error stack traces, occasional IP (Sentry default)	policy

We do not sell, rent, or share your data for advertising. We do not use processors beyond this list.

6. International transfers

Our infrastructure (Vercel, Upstash, Sentry) operates primarily from data centres in the United States. If you access the Extension from the European Economic Area, the United Kingdom, or Switzerland, technical request metadata is transferred outside your region. We rely on the processors' Standard Contractual Clauses where available. You can find each processor's transfer mechanism in their privacy policy linked above.

7. Data retention

Cache (Upstash Redis): adaptive TTL between 20 seconds (fast-moving new tokens) and 10 minutes (established tokens). Never indefinite.
Rate-limit counters (Upstash Redis): 60-second sliding window plus a 10-second burst window. Counters expire automatically.
Rug database (Upstash Redis): contract addresses of tokens we have already flagged as RUG or DANGER, kept as a lookup index. No user data is stored in this dataset.
API access logs (Vercel): per Vercel's retention (typically hours to days).
Error reports (Sentry): per Sentry's default retention (90 days) unless the maintainer deletes them sooner.
On-device (Chrome storage): user preferences (theme, stealth toggle, recent scan list). Stays on your machine until you uninstall or clear extension data.

8. Chrome permissions

The Extension requests the following permissions, declared in package.json:

activeTab — run the content script on the current tab when a supported site is active.
storage — save your preferences and recent scan history locally.
notifications — optionally surface a DANGER verdict as a native OS notification.
alarms — schedule the service worker periodically so Manifest V3 does not tear it down mid-scan.
tabs — open the full-analysis page in a new tab when the user clicks through.
host_permissions — only the 8 trading platforms enumerated in section 4.

9. Your rights

Under GDPR (EEA / UK / Switzerland), CCPA (California), and similar laws, you have the right to:

Access — request a copy of any data tied to you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your data.
Restriction — ask us to stop using your data while a dispute is resolved.
Portability — ask for your data in a common, machine-readable format.
Objection — object to processing based on legitimate interest.
Complaint — file a complaint with your local data-protection authority (e.g. the CNIL in France, the ICO in the UK).

In practice, because we do not store an identifier tied to you beyond transient rate-limit windows, there is typically no data to access or delete. If you want to be certain no request metadata persists, the fastest action is to uninstall the Extension and (optionally) clear your Chrome extension data.

To make a formal request, email the address in section 12 with a description of the right you are exercising. We will respond within 30 days.

10. Children's privacy

The Extension is not directed at children under 13 (US) or 16 (EEA). We do not knowingly collect data from children.

11. Security and disclosure

Security issues should be reported privately by emailing antaresantiscam@gmail.com with subject [SECURITY]. Do not include exploit details in any public channel. If a data breach affects you, we will notify you without undue delay and no later than 72 hours after becoming aware of it, in line with GDPR Article 33.

12. Contact

For privacy requests or questions, email antaresantiscam@gmail.com — see our support page for bug reports, feature requests, or verdict feedback. For security reports, email the same address with subject [SECURITY]. Do not include exploit details in any public channel.

13. Changes to this policy

If we materially change how the Extension processes data, we will update the date at the top of this page and publish a note in the repository's CHANGELOG.md. Continuing to use the Extension after a change means you accept the updated policy.

← Back to Antares