Privacy Policy

A. Account Data

When you register or use an account, we may collect:

• Email address
• Username
• Authentication/session identifiers
• Password (stored in hashed form; we do not store plaintext passwords)

B. Community Content

When you post, comment, or submit content, we collect and store:

• Posts, comments, titles, text, and metadata you provide
• Associated identifiers (e.g., your username, timestamps)
• Moderation-related records (e.g., reports, admin actions) when applicable

C. Basic Usage Data

We may collect basic technical/usage data such as:

• IP address (typically via server logs)
• Browser/device information (user agent)
• Pages or actions within the Service (e.g., requests, timestamps)
• Approximate location inferred from IP (coarse, not precise GPS)

We aim to keep usage data minimal and used mainly for security, reliability, and analytics.

We use information to:

• Create and manage user accounts
• Authenticate users and maintain sessions
• Provide community features (posting, commenting, profiles)
• Moderate content and enforce our Terms
• Prevent abuse, spam, and security incidents
• Communicate about account actions (e.g., password reset, important notices)
• Maintain, troubleshoot, and improve the Service

We use reasonable technical and organizational measures to protect data.

• Database: MongoDB
• Hosting/Compute: Vercel

Sensitive values (like passwords) are stored using secure hashing. Despite efforts, no system is 100% secure.

We use cookies and similar technologies primarily for authentication and session management.

Disabling cookies may break login and other features.

• CoinGecko (public data): used to display public market data and coin metadata.
• Email (Brevo SMTP): used for transactional emails (e.g., password reset).
• Hosting (Vercel): used to host the app and run server-side functions.

Third parties may process limited data necessary to deliver their services. We may add or change vendors over time and will update this policy if changes are material.

We do not sell your personal data.

We may share data only with:

• Service providers (e.g., hosting, email delivery) to operate the Service
• Authorities where required for legal compliance
• Security partners where necessary to prevent abuse or fraud
• Successors in a business transaction (e.g., merger/acquisition), subject to this policy

Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data.

You can request account deletion by contacting: [add your official support email].

Note: Some data may remain in backups for a limited time or be retained for legal/security reasons.

We retain data as long as necessary to provide the Service, ensure security, and comply with law.

• Account data: retained while the account is active, and for a limited period after deletion request.
• Community content: may remain visible unless deleted/removed via moderation or deletion request.
• Logs/security events: retained for a limited period for reliability and abuse prevention.

We may update this Privacy Policy from time to time.

When we do, we’ll update the effective date and make reasonable efforts to notify you of material changes.

For privacy questions or requests: [add your official support email]