Privacy notes
EONAPP is local-first where practical. No paid access, reward campaign, offerwall, referral payout, or provider callback is active in this release.
Last updated: 23 June 2026
Public trust policy
This page follows the public trust policy: verified payment activation, public-proof-only support, local-first privacy, explicit wallet approval, refund exceptions, no investment advice, and no profit or result promises.
- Safe evidence: invoice ID, public transaction hash, quote ID, plan, amount, timestamp, URL, and device context only.
- Never share secrets: seed phrase, private key, full API key, wallet backup file, password, or full card data.
- Manual review: refunds, unsupported crypto transfers, abuse reports, and policy exceptions require human review and may need third-party processor evidence.
Local-first storage
EONAPP stores many preferences, badges, plan status, renewal reminders, result history, generated assets, optional vault profile data, and feature state in your browser. Clearing browser storage may erase local state unless you exported a vault backup or kept independent receipt proof.
Optional Google Login and account metadata
Guest use remains available. When optional Google Login is enabled, EONAPP requests only identity scopes: openid, email, and profile. It does not request Gmail, Drive, Calendar, Contacts, YouTube, or other Google-service access.
Cloudflare may hold only a random EON account ID, a protected reference to the Google identity, a verified-email flag, consent/login timestamps, and protected session metadata. EONAPP does not keep raw Chat, prompts, AI outputs, Vault data, provider keys, files, projects, Realm layouts, City progress, browser storage exports, Google access/refresh tokens, or card data in this identity account service.
Important: Google Login is not a backup and does not create automatic cloud sync. Create and keep your own encrypted backup for local work you cannot lose. You can delete the minimal cloud account/session metadata from Profile; local data remains on your device because it was never uploaded.
Payments and processors
No checkout, subscription, payment processor, or payment callback is active in this release. Do not send funds or payment details in expectation of access. A future payment product would publish its own activation, processor, retention, refund, and support terms before launch.
Wallet and public transaction data
No direct wallet-payment rail is active in this release. Never send a wallet payment because of a message, link, or assumed future feature. Public transaction data should be shared with support only when a separately published payment flow explicitly requests it.
Vault and backups
Your exported vault file is controlled by you. If you encrypt it with a passphrase, remember the passphrase. EONAPP does not keep a server-side recovery copy unless a future account product explicitly says so in its own terms.
AI provider keys
If you enter your own AI API keys, keep them secret. BYOK flows should keep keys in your device vault and send them only to the relevant provider when you initiate a request. Support should only receive masked provider names or test results, not full key values.
Aggregate measurement and local diagnostics
EONAPP can use Google Analytics for aggregate traffic and approved product-route measurement only after you enable it in Profile. The setting is off until you choose it and applies only to the production EONAPP site.
When enabled, EONAPP sends approved logical route IDs only. It does not send chat messages, files, Vault contents, credentials, account identifiers, Google OAuth information, signed Realm shares, referral codes, local model names, raw URLs, URL queries, fragments, or user-entered values to Analytics. Advertising audiences, Google Signals, remarketing, cross-domain linking, and ad personalization are disabled in the bridge.
Redacted local diagnostics are separate, off by default, and stay only in this browser profile. When you explicitly enable them in Profile, limited local route and event summaries exclude chat content, credentials, URL queries, and fragments. You can switch them off or clear them at any time.
This page does not make a legal determination for your jurisdiction. The product default is no aggregate measurement until you actively enable it.
Campaigns, analytics, and partners
No ad, offerwall, rewarded unlock, sponsor, referral-reward, or revenue-share campaign is active. The Telegram and signed-link routes do not load campaign providers or create rewards. AI providers or optional local runtimes may still be contacted only when you explicitly choose them.
Signed referral and Realm links
Public eon2 referral and eon3 Realm links carry signed public metadata and a fresh cryptographic share ID. They contain no wallet secrets, password, payment request, click ledger, payout claim, or active reward value. Do not put real names, private notes, secrets, or sensitive details into a public label or handle.