Privacy
Privacy notes for API and agent-driven checkout interactions.
Data Minimization
The gateway expects only checkout-essential fields (for example recipient nickname or wallet address). Agents should avoid sending unrelated personal data.
Payment Data
Payment payloads, signatures, transaction references, and delivery status are processed to verify settlement, persist ledger state, reconcile purchases, and prevent duplicate fulfillment.
Responsible Disclosure
Security reports about payment verification, replay, duplicate delivery, ledger persistence, or agent auth metadata should be sent to security@clashofcoins.com with request IDs and transaction references when available.
Operational Logs
Request and flow IDs may be logged for reliability, fraud prevention, and purchase reconciliation. Treat payment payloads and signatures as sensitive data.