Privacy Policy

What Cedar is

Cedar Wallet is a self-custody smart wallet product with web, native, and browser extension surfaces. The browser extension lets users connect Cedar Pocket or Vault wallets to dapps, review dapp access, approve Pocket messages and transactions, and hand Vault approvals to the Cedar mobile app when phone approval is required.

This policy covers Cedar Wallet web, native, and extension surfaces.

Data we handle

Cedar may handle account and wallet data such as wallet addresses, wallet labels, selected wallet scope, selected chain, wallet readiness, balances, activity, pending operations, operation identifiers, operation status, and connected dapp records.

Cedar may handle authentication and session data such as passkey registration or login challenge responses, access tokens, refresh tokens, trusted-device state, and local extension session state.

Cedar may handle dapp request data such as requesting origin, connection status, message-signing metadata, transaction metadata, operation-review metadata, and user approval or rejection state.

Cedar may handle local preferences such as theme, selected chain, selected wallet scope, and cached user-interface state.

How we collect data

You provide data when you create or sign in to a Cedar account, connect a dapp, approve or reject a request, initiate a transaction, configure wallet settings, or use recovery and security flows.

The extension receives dapp request metadata from websites that call the Cedar provider. Cedar review screens ask for user approval before connection, signing, or transaction actions proceed.

Cedar clients read current wallet and operation state from the Cedar API so that web, native, and extension surfaces can show coherent status.

How we use data

Cedar uses data to authenticate users, show wallet state, connect to dapps, prepare wallet operations, submit approved Pocket operations, hand Vault approvals to native, show operation status, maintain connected-app access records, and provide support.

Cedar does not use extension data for advertising. Cedar does not sell user data.

Who we share data with

Cedar sends the data needed for wallet operation and status tracking to the Cedar API for the active Cedar environment.

Approved onchain operations are submitted to blockchain networks and related infrastructure providers. Onchain transaction data, wallet addresses, and transaction status may become public on supported blockchains.

When a dapp is connected, the dapp may receive the wallet information and responses needed for the request the user approved, such as connected wallet address, chain information, signatures, or transaction responses.

Cedar does not share user data with advertising networks or data brokers.

Local storage

The browser extension uses local extension storage to keep session state, selected wallet scope, selected chain, connected dapp records, cached wallet rows, pending operation context, and user-interface preferences.

This storage lets the extension restore the user's session and show the correct Pocket or Vault state without asking the user to sign in for every dapp request.

User control

Users can reject dapp connection, signing, and transaction requests. Users can remove connected-app access from Cedar surfaces. Users can sign out from the extension and clear the extension's local Cedar session state.

Do not send private recovery material to Cedar in chat, email, support tickets, screenshots, or any other support channel. Cedar support should never ask for private recovery material.

Security and retention

Cedar keeps product state needed to operate wallets, show history, resume pending work, and support account security flows. Retention depends on the type of product state and whether it is needed for wallet operation, auditability, support, security, or legal obligations.

Cedar's backend does not hold user private keys. Passkey, device-key, and recovery material stay under user control or trusted-device control according to the product flow.

Changes and contact

Cedar may update this policy when product behavior, data handling, or distribution changes. The latest version will be posted on this page.

Questions about this policy can be sent to contact@cedarwallet.io.