← Back to home

Privacy Policy

Last updated: June 17, 2026

1. Data Controller

Erik Temesvári, 1088 Budapest, József krt. 2., Hungary. Contact: support@cryptotrade.money.

2. Data We Collect

  • Account data: email address, password hash, 2FA secret, recovery codes.
  • Profile data: display name, language preference, notification settings.
  • Wallet data: public wallet addresses you connect. We never access your private keys or seed phrase.
  • Usage data: trades placed via the platform, alerts, bot configurations, paper-trading history.
  • Billing data: handled by Stripe (we receive subscription status, customer ID, last 4 of card; we do not store full card data).
  • Technical data: IP address, browser/device info, session logs, error logs.

3. Legal Basis & Purposes (GDPR Art. 6)

  • Contract performance: providing the Service, processing subscriptions.
  • Legal obligation: tax records, accounting, responding to authorities.
  • Legitimate interest: fraud prevention, security, service improvement.
  • Consent: marketing emails (you can opt-out anytime).

4. Sharing With Third Parties

We share data only with processors necessary to operate the Service:

  • Stripe (payments) — Ireland/USA
  • Supabase (database, auth hosting) — EU
  • Cloudflare (CDN, edge compute)
  • Resend (transactional email)
  • Solana RPC providers and Jupiter (public on-chain data only)

We do not sell your personal data.

5. International Transfers

Some processors are located outside the EEA. Transfers are governed by Standard Contractual Clauses or equivalent safeguards.

6. Retention

Account data is kept while your account is active and for up to 12 months after deletion. Billing records are kept for 8 years (Hungarian Accounting Act). Logs are kept up to 12 months.

7. Your Rights (GDPR)

You have the right to access, rectify, erase, restrict, port, and object to processing of your data, and to withdraw consent at any time. To exercise these rights, email support@cryptotrade.money. You may also lodge a complaint with the Hungarian DPA (NAIH, naih.hu).

8. Cookies

We use strictly necessary cookies for authentication and session management. We do not use advertising or cross-site tracking cookies.

9. Security

We apply industry-standard measures: TLS in transit, encryption at rest, hashed passwords, optional 2FA, RLS on the database, and least-privilege access. No system is 100% secure; you are responsible for your account credentials.

10. Children

The Service is not directed to anyone under 18.

11. Changes

We may update this Policy. Material changes will be notified by email or in-app.