Privacy Policy
Last updated: {{ now_date }}. We collect the minimum information required to deliver your purchase and process payments. We do not sell your data, and we never share it with advertisers or data brokers.
1. Information we collect
When you create an account or place an order, we collect:
- Account identifiers — your Telegram user ID (if you sign in with Telegram) or the email address you registered with.
- Authentication data — a salted hash of your password (never the password itself). We use industry-standard hashing (Werkzeug PBKDF2).
- Order data — the products you purchase, the prices paid, and the delivery credentials we issued you. Required to support warranty claims.
- Payment references — Binance Pay order IDs and blockchain transaction hashes you submit for verification. We do not store card numbers, bank details, or wallet seeds.
- Wallet balance & deposit history — internal ledger of credits, debits, and the source transaction for each entry.
- Session cookies — a signed session cookie that keeps you logged in.
- Support tickets — the messages you send us when opening a ticket.
We do not collect: location data, advertising identifiers, contacts, microphone, or camera access.
2. How we use information
- Process orders and deliver subscriptions.
- Verify Binance Pay and on-chain crypto payments against the official Binance API.
- Honour warranty claims and replace failing accounts within the coverage window.
- Detect and prevent fraud, duplicate-reference abuse, and chargeback attempts.
- Respond to support inquiries.
3. Payments & crypto
All payments are processed through the user's own Binance account or wallet. We never see your private keys, seed phrases, or Binance login credentials. We see only the public on-chain transaction hash or Binance Pay order ID you provide, which we query against Binance's public verification APIs.
4. Cookies
We use a single first-party cookie — your session cookie — to keep you signed in. It expires after a period of inactivity. We do not use third-party advertising or analytics cookies. No Google Analytics, no Facebook Pixel, no tracking SDKs.
5. Data retention
- Order & deposit records — kept indefinitely for warranty, anti-fraud, and accounting purposes.
- Account profile — kept while your account is active.
- Session cookies — expire after inactivity.
- Support tickets — kept for 2 years after closure.
You may request deletion of your account profile by opening a support ticket. Order and deposit records are retained as required by anti-fraud regulations.
6. Sharing with third parties
We share data only with:
- Binance public verification APIs — to confirm your crypto payment exists on-chain or in Binance Pay history. We send the transaction hash / order ID and receiver address only.
- Telegram — when you sign in with Telegram OAuth, we receive your Telegram user ID and (optionally) public username from Telegram. We do not message you outside of explicit support context.
- Hosting provider — server logs may be retained by our infrastructure provider for up to 30 days for diagnostic purposes.
We do not sell, rent, or otherwise commercialise customer data.
7. Your rights
You may at any time:
- Request a copy of the data we hold on you.
- Correct inaccurate data.
- Request account deletion (order records may be retained as noted above).
- Withdraw consent and stop using the service.
8. Contact
For any privacy-related question, please open a ticket at our contact page or message our Telegram bot.
