1. Data we collect

Account data

• Email address
• Hashed password (we never store passwords in plain text)
• Account locale, plan, access expiry
• Email-verification status

Payment metadata

• Invoice ID, plan purchased, payment method, payment status
• No card numbers, no CVV, no wallet private keys are ever stored by us

Push subscription data

• If you enable push notifications, we store the push endpoint and public keys provided by your browser/OS

Technical logs

• IP address, user agent string, request timestamps
• Retained for short periods solely for security, abuse prevention and debugging

2. How we use your data

• To provide the Service, deliver notifications and process payments
• To verify email addresses and manage account access
• To detect abuse, prevent fraud and ensure security
• To improve the Service through aggregated, non-identifying analytics
• To comply with legal obligations

3. We do not sell your data

• Email delivery: Resend (transactional email — verification, billing notifications)
• Payments: Crypto Pay, CryptoCloud (invoice processing only — they receive only the metadata required to issue and confirm an invoice)
• Hosting: our infrastructure provider (encrypted data at rest)

4. Cookies

We use a single session cookie (cs_session) to keep you signed in. This cookie is HTTP-only, Secure and SameSite-Lax. We do not use third-party advertising or tracking cookies.

5. Data retention

Account data is retained while your account is active. Inactive accounts (no access for 12 consecutive months) may be deleted automatically or upon request. Technical logs are retained for up to 90 days.

6. Your rights

Subject to applicable law, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten")
• Restrict or object to certain processing
• Data portability — receive your data in a structured, machine-readable format
• Withdraw consent at any time, where processing is based on consent
• Lodge a complaint with your local data-protection authority

To exercise any of these rights, contact support@coinscanner.pro. We will respond within 30 days.

7. International transfers

Your data may be processed on servers located outside your country of residence. We ensure adequate safeguards are in place (including, where applicable, EU Standard Contractual Clauses) for any international transfers.

8. Security

• Passwords are stored using industry-standard bcrypt hashing
• Sessions are protected by HTTP-only Secure cookies with SameSite protection
• All communication with the Service is encrypted via TLS 1.2+
• Production databases are encrypted at rest
• Access to production systems is restricted to authorised personnel only

9. Children

The Service is not intended for, and we do not knowingly collect data from, individuals under 18 years of age. If you believe a minor has provided us with data, contact us and we will delete it.

10. Third-party links

The Service may contain links to third-party websites (e.g. Binance). We are not responsible for the privacy practices of those websites. Please review their privacy policies.

11. Changes

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notice.

12. Contact

Home Terms of Service Risk Disclaimer Open terminal