Privacy Policy
Last updated: 27 April 2026
1. Overview
Antares (“the Extension”) is a browser extension that scans Solana token contract addresses on supported trading platforms and returns a risk verdict. This page explains what we process, the third parties involved, and the rights you can exercise. The canonical source is the in-extension policy at antares-extension.vercel.app/privacy.html — this page mirrors it for visitors who haven’t installed the Extension yet.
2. Who we are
The Extension is operated by the COMEALAMAISONGROUPE project. Bug reports and feature requests go through the support page. For privacy questions, see section 12.
3. Data we process
When the Extension detects a Solana contract address (base58, 32–44 characters) on a supported page, that address is sent to our API at antares-extension.vercel.app/api/scan. The address is public blockchain data. Our legal basis for processing it is legitimate interest — it is the minimum data required to deliver the verdict you explicitly requested.
Any HTTPS request to our API is received by Vercel’s edge network. Vercel sees and may briefly log:
- your IP address (used for rate limiting; not stored beyond a 60-second sliding window in Upstash Redis)
- your user-agent string (browser identifier)
- the contract address sent in the query string
We do not correlate this metadata with an identity. We do not use it for analytics, profiling, or advertising.
If the Extension sends an X-Antares-Install header (a random opaque identifier generated by your browser on first install), we use it alongside your IP as a rate-limit key so multiple users sharing a corporate NAT each get a fair quota. The identifier is opaque — we cannot derive any personal information from it — and you may clear it at any time by uninstalling and reinstalling the Extension.
4. Where the Extension activates
The Extension’s content script runs only on the trading platforms declared in the manifest’s host_permissions. On any other site the Extension is dormant. As of this version:
- dexscreener.com
- pump.fun
- axiom.trade
- photon-sol.tinyastro.io
- birdeye.so
- www.geckoterminal.com
- gmgn.ai
- app.telemetry.io
On these sites the Extension reads the URL and the visible page DOM to find a Solana contract address. It does not read form fields, credentials, cookies, or other page content.
5. Third-party processors
To deliver the verdict, our API forwards the contract address (not your IP) to a small set of external services, each with its own privacy policy:
| Processor | Purpose | Policy |
|---|---|---|
| Vercel | API hosting, edge network | vercel.com/legal/privacy-policy |
| Upstash | Redis cache + rate limiting | upstash.com/trust/privacy.pdf |
| Sentry | Error telemetry (no PII) | sentry.io/privacy |
| Google (Gemini) | AI verdict synthesis | policies.google.com/privacy |
| DexScreener | Price, volume, liquidity | dexscreener.com/privacy-policy |
| RugCheck | Token security report | rugcheck.xyz |
| GoPlus | Honeypot / authority checks | gopluslabs.io/privacy-policy |
| Helius | Solana RPC (holders, supply, signatures) | helius.dev/privacy |
| Solscan | Holder count, transfers, market pool | solscan.io/privacy |
We do not sell, rent, or share your data for advertising. We do not use processors beyond this list.
6. International transfers
Our infrastructure (Vercel, Upstash, Sentry) operates primarily from data centres in the United States. If you access the Extension from the European Economic Area, the United Kingdom, or Switzerland, technical request metadata is transferred outside your region. We rely on the processors’ Standard Contractual Clauses where available. Each processor’s transfer mechanism is documented in their privacy policy linked above.
7. Data retention
- Scan cache: 30 seconds to 30 minutes (asymmetric per verdict; risky tokens cache longer for safety, safe-looking young tokens cache shorter to avoid stale-clean errors). Keyed on contract address only, never on your IP or install-id.
- Rate-limit window: 60-second sliding window keyed on
(IP, install-id). Keys auto-expire. - Error telemetry (Sentry): 90 days. Captures stack traces and request IDs only — never the contract address or your IP.
- Vercel access logs: Vercel’s default retention applies (typically 30 days). We do not download or process these logs.
8. Chrome permissions
The Extension requests the following permissions, declared in package.json:
storage— persists your settings (theme, alert thresholds) locally in your browser. Never synced to a server.notifications— lets the Extension fire a Chrome notification when a previously-scanned token’s verdict escalates to DANGER or RUG.activeTab+tabs— lets the Extension read the URL and the visible page DOM on supported sites only.alarms— periodic background re-scan of tokens you’ve flagged for monitoring.
9. Your rights
Under GDPR (EEA / UK / Switzerland), CCPA (California), and similar laws, you have the right to:
- access the personal data we hold about you
- request correction or deletion
- object to or restrict processing
- data portability
- lodge a complaint with your local data-protection authority
In practice, because we do not store an identifier tied to you beyond transient rate-limit windows, there is typically no data to access or delete. If you want to be certain no request metadata persists, the fastest action is to uninstall the Extension and (optionally) clear your Chrome extension data.
To make a formal request, email the address in section 12 with a description of the right you are exercising. We will respond within 30 days.
10. Children’s privacy
The Extension is not directed at children under 13 (US) or 16 (EEA). We do not knowingly collect data from children.
11. Security and disclosure
Security issues should be reported privately by emailing antaresantiscam@gmail.com with subject [SECURITY]. Do not include exploit details in any public channel. If a data breach affects you, we will notify you without undue delay and no later than 72 hours after becoming aware of it, in line with GDPR Article 33.
12. Contact
For privacy requests or questions, email antaresantiscam@gmail.com — see the support page for bug reports, feature requests, or verdict feedback. For security reports, email the same address with subject [SECURITY]. Do not include exploitable details in any public channel.
13. Changes to this policy
If we materially change how the Extension processes data, we will update the date at the top of this page and publish a note in the repository’s CHANGELOG.md. Continuing to use the Extension after a change means you accept the updated policy.