Legal

Privacy Policy

Effective: April 4, 2026 Last updated: April 4, 2026 Pukapasoft · seekertapper.pukapasoft.xyz

Section 01

Overview

This Privacy Policy describes how Pukapasoft ("we", "us", "our") collects, uses, and protects information when you use SeekerTapper — a precision auto-tap Android application distributed through the Solana dApp Store for Seeker devices.

We built SeekerTapper to be lean on permissions and transparent about data. The sections below describe exactly what we collect, why, and what we do not collect.

Plain summary

We collect your public wallet address, tap counts, and tier status for leaderboard functionality. We use the Accessibility Service only to dispatch tap gestures — never to read screen content. We do not sell data. We do not serve ads. We have no third-party analytics SDK.

Section 02

Data We Collect

The following table describes every category of data the app and backend collect.

Data Purpose Stored where
Public wallet address
Public on-chain 		Identity for leaderboard ranking and tier unlock verification. Never linked to real-world identity by us. Our backend server (leaderboard)
Cumulative tap count
Per-session 		Leaderboard ranking. Aggregated — individual session records are not retained. Our backend server
Tier status (Free / Premium / Gold / Platinum / Diamond)
On-chain verified 		Controlling app speed limits. Verified by backend against on-chain transaction record. Our backend server (cache only)
On-chain transaction signature
Blockchain-public 		Proof of tier purchase or SKR payment. Submitted to us for verification. Solana mainnet (inherently public) + our backend as reference ID
Tap session metadata (duration, speed tier active)
Session-only 		Updating cumulative tap count on the leaderboard at session end. Transmitted to backend, not persisted individually
App crash / error logs
Technical 		Diagnosing crashes. Contains device model, Android version, and stack trace — no personal data. Our backend server; purged after 30 days

What we do NOT collect

We do not collect: your name, email address, phone number, device location, contact list, camera or microphone data, photos, biometric data, screen content, keystrokes, or any information about other apps on your device. The Accessibility Service does not read your screen — it only writes (dispatches) tap gestures.

Section 03

Accessibility Service

SeekerTapper uses the Android Accessibility Service API to dispatch automated tap gestures on your screen. This is the only mechanism available on Android for injecting touch events without root access.

Exact scope of use

The Accessibility Service is used only to call dispatchGesture() — it sends tap coordinates to the Android input system. It does not read window content, does not observe other apps, does not intercept text input, and does not capture any screen data. No data accessed via this API is transmitted anywhere.

When you enable the Accessibility Service in Android Settings, you will be shown Android's system warning that the service "can observe all content on your screen." In the case of SeekerTapper this system warning is overstated — our implementation reads nothing. Our AccessibilityService subclass overrides only onAccessibilityEvent() with an empty body and uses dispatchGesture() exclusively.

You can revoke the Accessibility Service permission at any time in Settings → Accessibility → Installed Services. The app will stop tapping immediately upon revocation.

Section 04

Blockchain & Wallet Data

SeekerTapper uses Mobile Wallet Adapter (MWA) to authenticate your Solana wallet. We request a sign-in signature to verify wallet ownership — we never request permission to send transactions on your behalf without explicit confirmation.

Tier purchases and SKR token payments are on-chain transactions on Solana mainnet. By nature of blockchain technology, these transactions — including the sending address, amounts, and timestamps — are permanently and publicly visible on the Solana ledger. We do not control and cannot modify this public record.

We store your public wallet address on our backend to power the leaderboard. A public wallet address is not personal data in the traditional sense — it is a pseudonymous identifier you created and published to the blockchain. We make no attempt to link it to your real-world identity.

Section 05

Backend Server

Our backend is a private VPS operated by Pukapasoft, hosted in the European Union. It stores the leaderboard database (wallet address → tap count → tier badge), tier verification cache, and short-lived crash logs.

The server is not a third-party service. All data transmitted between the app and our backend travels over HTTPS with TLS 1.2+. No third-party cloud provider (AWS, Google Cloud, Firebase, etc.) holds your data.

Data location

Backend servers are located in the European Union. If you are located outside the EU, your wallet address and tap count are transferred to and stored in the EU solely to power the leaderboard.

Section 06

Third Parties & Data Sharing

We do not sell, rent, or share your data with advertisers, data brokers, or marketing platforms. We have no advertising SDK in the app. There is no tracking pixel, no analytics service, no crash reporting SDK with remote transmission (crashes are reported to our own backend only).

The only third-party interaction is with the Solana blockchain (public ledger) and your wallet provider (Phantom, Solflare, Backpack, etc.) — both of which have their own independent privacy policies covering their respective services.

We may disclose data if required by law, court order, or to protect against fraud or abuse — in which case we will disclose only the minimum necessary.

Section 07

Data Retention & Deletion

Leaderboard data (wallet address and tap count) is retained for as long as the app is active. If you wish to have your leaderboard entry removed, email us at the address in Section 12 with your wallet address and we will delete the record within 14 days.

Crash logs are automatically purged after 30 days. Tier verification cache entries expire automatically when no session has been seen from a wallet for 90 days.

On-chain transaction records on the Solana blockchain cannot be deleted by us or by anyone — they are an immutable public ledger by design.

Section 08

Security

We apply the following measures to protect data stored on our backend:

  • HTTPS / TLS 1.2+ on all client–server communication
  • Database access restricted to the application process; no public-facing database port
  • No plaintext secrets stored; API keys and signing credentials are environment-scoped
  • Server hardened with firewall rules, SSH key-only access, and routine security updates

No internet transmission is 100% secure. If you believe your data has been compromised, contact us immediately at the address in Section 12.

Section 09

Children & Minors

SeekerTapper is not directed at children under the age of 13, or under the age of 16 where applicable by local law (e.g. GDPR jurisdictions). The app requires Solana wallet ownership and involves cryptocurrency transactions, which are not appropriate for minors.

We do not knowingly collect data from anyone under the applicable minimum age. If we become aware that a minor has submitted data, we will delete it promptly upon request.

Section 10

Your Rights

Depending on your jurisdiction, you may have the following rights over data we hold about you:

  • Access — request a copy of the data we hold linked to your wallet address
  • Correction — request correction of inaccurate data
  • Deletion (Right to be Forgotten) — request removal of your leaderboard entry and associated data
  • Restriction — request that we stop processing your data while a dispute is resolved
  • Portability — request your data in a machine-readable format
  • Objection — object to processing based on legitimate interest
  • CCPA opt-out — California residents: we do not sell data, so there is nothing to opt out of; you may still contact us to confirm this

To exercise any of these rights, contact us at the address in Section 12. We will respond within 30 days. Requests are free of charge.

GDPR — EU/EEA users

Our legal basis for processing leaderboard data is legitimate interest (providing the leaderboard feature you opted into by using the app). You may withdraw at any time by requesting deletion. For complaints, you have the right to lodge a complaint with your national data protection authority.

Section 11

Policy Changes

We may update this policy to reflect changes in the app, applicable law, or our practices. When we do, we will update the "Last updated" date at the top of this page and, for material changes, post a notice in the app.

Continued use of SeekerTapper after a policy update constitutes acceptance of the revised policy. If you do not agree with a change, you may stop using the app and request deletion of your data.

Section 12

Contact

For any privacy-related questions, data requests, or concerns:

📧

Email

contact@pukapasoft.xyz

Response within 30 days · English and Czech accepted

🌐

Publisher

Pukapasoft

seekertapper.pukapasoft.xyz · nacodex.pukapasoft.xyz