Satsquatch does not use Google Analytics, Segment, Hotjar, Vercel Analytics, or any third-party scripts for ads, funnels, or behavioral profiling. Next.js telemetry is disabled. We do not run product-analytics or retargeting pixels in the app.
We use Sentry (sentry.io) to capture server and client errors so we can fix bugs quickly. Sentry may collect stack traces, URL paths, browser type, and a user ID associated with the error. Sentry does not receive wallet addresses, transaction history, or any financial data.
We use Resend (resend.com) to deliver account-related emails including signup confirmation, password reset, and security notifications. Resend processes email metadata (recipient address, subject, delivery status).
When you sign in, we record a device fingerprint (derived from your browser type, operating system, and approximate geographic region from your IP address) to detect new sign-ins to your account. We do not store precise IP addresses long-term except for the most recent login per device. This information is used only to send you security notifications.
All fonts are self-hosted via next/font. No requests are made to Google Fonts, Adobe, or any external font service. Your IP address is never leaked through stylesheet loads.
Your email address (for authentication), wallet labels you create, and transaction data from sources you connect — cold storage addresses, Coinbase, and brokerage accounts via Plaid. We store only what is needed to display your portfolio.
Wallet addresses are encrypted at rest using AES-256-GCM. If our database were ever compromised, an attacker could not link your email to your Bitcoin addresses. The encryption key is stored separately from the database and is never committed to the codebase.
You sign in with email and password. Passwords are handled by Supabase Auth; we do not store plain-text passwords in our application database.
Your data is never sold, shared with advertisers, or provided to third parties. Your portfolio data exists to serve you and no one else.
You can permanently delete your account and all associated data at any time from Settings. This is a hard delete — every row is wiped, not soft-deleted.
See also Security.
Last updated April 2026