Legal
Privacy Policy
Last updated: June 8, 2026 · GDPR & CCPA aligned
We take your privacy seriously. We collect only what we need to operate the Service and never sell your personal data to third parties.
1. What We Collect
Account Data
- Name, email address, encrypted password
- Profile settings, risk preferences, notification preferences
- IP address and browser information at login (for security audit logs)
Exchange Data
- Encrypted API keys you choose to connect
- Portfolio balances and trade history fetched from your exchange
- We only request read-only API permissions
Usage Data
- Pages visited, features used, AI signals viewed or dismissed
- Game participation, XP activity
- Error logs and performance metrics
Communication Data
- Email address for transactional emails (verification, password reset, notifications)
- Telegram Chat ID if you optionally configure Telegram notifications
2. How We Use Your Data
- To operate the platform and deliver AI signals personalized to your portfolio
- To send transactional emails (verification, password resets, AI alerts you subscribed to)
- To detect fraud, abuse, and security incidents
- To improve AI models using aggregated, anonymized market behavior data
- To process payments and manage subscriptions
We do not use your data for advertising, sell it to data brokers, or share it with third parties except as described below.
3. Data Sharing
We share data only with:
- Payment processors (Stripe): billing data necessary to process your subscription
- Email providers: your email address to deliver transactional messages
- Law enforcement: when required by valid legal process
4. Data Retention
- Account data is retained while your account is active
- After account deletion, data is permanently deleted within 30 days
- Security and audit logs are retained for 12 months
- Aggregated, anonymized analytics data may be retained indefinitely
5. Security
- API keys are encrypted at rest using AES-256
- Passwords are hashed with bcrypt
- All connections are secured via TLS/HTTPS
- Two-factor authentication is available and encouraged
- We conduct regular security reviews
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Portability — receive your data in a machine-readable format
- Objection — opt out of certain processing activities
To exercise any of these rights, contact us at privacy@becrypto.club. We will respond within 30 days.
7. Cookies
We use only strictly necessary cookies for session management and CSRF protection. We do not use third-party tracking cookies or advertising cookies.
8. Children's Privacy
The Service is not directed to individuals under 18. We do not knowingly collect data from minors. If you believe a minor has registered, contact us immediately.
9. Changes to This Policy
We may update this Privacy Policy. We will notify registered users by email of material changes at least 14 days before they take effect.
10. Contact
Privacy inquiries: privacy@becrypto.club