What Waldrop collects, what it doesn't, and what happens with everything in between.
Who we are
Waldrop is a decentralized storage interface that lets you move files from your cloud accounts (Google Drive, Dropbox, Amazon S3, Google Cloud Storage, Azure Blob Storage, SFTP) into Walrus — a permissionless storage network on the Sui blockchain.
The dapp is a web frontend at app.waldrop.xyz. We do not custody your files, your keys, or your wallet. You connect a Sui wallet, authorize the upload, and bytes flow from your source directly to Walrus — Waldrop is a routing layer, not a storage layer.
What we collect
Information you provide directly
- Sui wallet address. Required to identify you on-chain. We never see or store your private keys — those stay in your wallet extension.
- Off-chain signature. When you click "Sign in to Verify," your wallet signs a short challenge message. We use this signature to issue a 1-hour session token so you don't have to re-sign on every page load.
- Cloud-source credentials (for S3, GCS, Azure, SFTP). When you paste an access key + secret to import files, those credentials stay in your browser's sessionStorage and are sent to our server only per-upload to fetch the file. They are not persisted on our servers and clear when you close the tab.
- OAuth tokens (for Google Drive, Dropbox). When you OAuth in, the dapp receives access + refresh tokens scoped to the permissions you approved. These are stored as httpOnly cookies in your browser, encrypted in transit, and are revocable any time from your Google or Dropbox account settings.
- Files you choose to upload. Read once, in the moment, to push them to Walrus. We never write them to a Waldrop database or long-term server storage. Once the upload completes, the file leaves our infrastructure entirely — it lives on Walrus storage nodes.
Information collected automatically
- Standard server logs. IP address, user-agent, request paths, response codes — retained for up to 30 days for debugging and abuse prevention.
- On-chain activity is public by design. Your wallet address, the blobs you register, your subscription tier, and the viewers you grant decrypt access to are all visible on the Sui blockchain to anyone who looks.
Information we do NOT collect
- We don't request your email, name, or phone number.
- We don't use analytics SDKs (Google Analytics, Mixpanel, etc.).
- We don't set advertising or tracking cookies.
- We don't sell or rent any data, ever.
- We don't train AI models on your files, your filenames, your metadata, or your usage patterns.
Google Drive data — specific disclosures
This section addresses Google's API Services User Data Policy in full. When you connect Google Drive:
- What we request. The drive.readonly scope — read-only access to your Drive files. We do not request write, delete, or share scopes.
- What we read. Only the files you explicitly select from the dapp's file picker. We do not crawl your Drive, index it, or read files in the background.
- What we do with the data. Each selected file is streamed to Walrus storage as part of the upload you initiate. The file's bytes pass through our server, are forwarded to Walrus immediately, and are discarded from our memory once the upload completes.
- What we don't do. We do not store Drive file contents on our servers, share them with third parties (other than the Walrus storage you explicitly chose as the destination), use them for advertising, or use them to train, develop, or improve generalized AI / ML models.
- Revoking access. You can disconnect Drive at any time from Google Account → Security → Third-party access, or from Waldrop's own Settings page.
Waldrop's use of information received from Google APIs adheres to Google's API Services User Data Policy, including the Limited Use requirements.
How we use what we collect
- To operate the service. Issue sessions, fetch files from your connected sources, push them to Walrus, register them on Sui.
- To enforce subscription limits. Plan tier and storage quota are derived from on-chain state — we read it, we don't duplicate it.
- To debug and prevent abuse. Server logs are reviewed when something breaks, never sold.
Who we share with
Waldrop is a thin layer between your sources and the destination. The third parties involved in any upload are:
- Walrus storage nodes (~100 nodes globally on testnet, run by independent operators). Receive erasure-coded slivers of your file. Slivers are public-by-default; for SEAL-encrypted blobs they hold ciphertext that no single node can decrypt.
- Sui blockchain. Your wallet, blob metadata, subscription state, and viewer allowlists are recorded as Sui transactions and shared objects. Anyone can read them.
- SEAL key servers (two independent servers operated by Mysten Labs and Waldrop). Each holds half of the encryption key for your private blobs. Neither alone can decrypt; both must respond to your wallet's signed request.
- Vercel (hosting), Sui RPC nodes (read queries), Google and Dropbox (OAuth — only if you connect those sources). Each operates under their own privacy policy.
We do not share data with advertisers, data brokers, or any party not listed above.
Data retention
- Session tokens — 1 hour after issuance, then deleted.
- OAuth refresh tokens (Drive / Dropbox) — until you revoke from your provider or 60 days of inactivity, whichever comes first.
- Cloud credentials (S3 / GCS / Azure / SFTP) — cleared when you close the tab; never persisted server-side.
- Server logs — up to 30 days.
- On-chain data — permanent, by design. Walrus blobs stay until their epoch expiry. Sui state stays as long as the chain. We cannot delete what's on-chain on your behalf — you can call delete and unregister functions yourself via your wallet.
Your rights
- Access. All your data inside the dapp is already visible to you — the Files, History, Sharing, and Plans pages are comprehensive views of what we know about your account.
- Deletion. Disconnect cloud sources from Settings, delete blobs from the Files page, cancel your subscription from Plans. Walrus blobs marked deletable can be deleted from your wallet; permanent blobs run until epoch expiry.
- Portability. Your blobs are content-addressed and owned by your wallet — they're portable by definition. Anyone with the blob id can fetch them from Walrus directly.
- Revoke OAuth. Google Drive: revoke at myaccount.google.com/permissions. Dropbox: revoke at dropbox.com/account/connected_apps.
Cookies + local storage
The dapp uses these client-side stores:
- localStorage — your Waldrop session token (1-hour TTL), UI preferences (selected upload strategy, etc.).
- sessionStorage — cloud-source credentials you typed, cleared on tab close.
- httpOnly cookies — OAuth state during sign-in flows, and OAuth tokens (Drive / Dropbox) for connected sources.
No analytics or advertising cookies. Period.
Security
All traffic to the dapp is HTTPS. OAuth tokens are stored as httpOnly + secure cookies, never exposed to client-side JavaScript. SEAL encryption is performed in your browser before any bytes leave your device; key shares are fetched from two independent servers and combined locally.
That said: a blockchain dapp's security is only as strong as your wallet. Lose access to your wallet's seed phrase, and we cannot recover anything on your behalf. Treat the seed phrase like cash.
Children
Waldrop is not directed at children under 13 (or 16 in the EU), and we don't knowingly collect data from anyone in those age groups. If you believe a child has used the service, contact us and we'll investigate.
Changes to this policy
We may update this policy when we add features, change vendors, or respond to legal requirements. Material changes will be flagged with an updated "Last updated" date at the top, and (for changes that materially expand data collection) a notice in the dapp the next time you sign in.
Contact
Email support@waldrop.xyz for any privacy-related question, deletion request, or to report a concern. We respond within ~7 days.