Privacy Policy

We collect only what we need to operate, secure, and improve the Service:

• Account data — your email address and authentication identifiers.
• Usage data — research queries, generated reports, credit consumption, and feature interactions.
• Technical data — IP address, browser type, device information, and timestamps.
• Billing data — handled by our payment processor; we do not store full card details.

When you sign up, we create an account tied to your email address. You may optionally sign in with a supported social provider, in which case we receive your email and a unique provider identifier. You can update or delete your account at any time from the Account page.

Authentication is handled through our backend infrastructure provider. Sessions are stored in encrypted, browser-managed storage and are required to access paid features and your research history. We never see or store your password in plain text.

We use a minimal set of cookies and local storage entries required to keep you signed in, remember preferences, and measure aggregate usage. See our Cookie Policy for the full list.

We collect privacy-respecting analytics about how the Service is used (page views, feature usage, performance). Analytics data is aggregated and not used to build advertising profiles. We do not sell your data.

Payments are processed by Stripe. When you purchase credits or a subscription, Stripe collects and processes your payment details under its own privacy policy. We receive only a tokenized customer reference, the product purchased, and the transaction status. We do not store your card number, CVC, or full billing address on our servers.

The reports you generate are stored against your account so you can revisit them from the History page. Cached community reports may be served to other users in anonymized form (the asset researched, the resulting analysis), but never the identity of the user who originally requested them.

Your data is stored on managed cloud infrastructure inside the European Union and the United States, depending on the service. All data is encrypted in transit (TLS) and at rest. Backups are retained for operational continuity and are deleted on a rolling schedule.

We apply industry-standard safeguards including row-level access controls, encrypted credentials, principle-of-least-privilege server functions, and continuous security scanning. No system is ever 100% secure — please use a strong, unique password and notify us immediately of any suspected compromise.

If you are located in the EU/EEA or the UK, you have the right to:

• Access the personal data we hold about you.
• Request rectification of inaccurate data.
• Request erasure of your account and associated data.
• Restrict or object to certain processing.
• Receive a copy of your data in a portable format.
• Withdraw consent at any time where processing is consent-based.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email hello@cryptoverdicts.com.

We retain account and research data for as long as your account is active. If you delete your account, personal data is removed within 30 days, except where retention is legally required (for example, tax records for completed transactions).

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us data, please contact us and we will delete it.

We may update this Privacy Policy from time to time. Material changes will be announced via the Service or by email. The "Last updated" date at the top reflects the most recent revision.

Questions about this policy? Email hello@cryptoverdicts.com.