RecordBTCRecordBTC
Sign inStart for free

Privacy Policy

Last Updated: November 01, 2025 Effective Date: November 01, 2025

At a Glance

This summary provides the highlights of our Privacy Policy. Please read the full policy for complete details.

  • Who We Are: We are the RecordBTC Team ("we", "us"), the providers of the RecordBTC service.
  • What We Collect:
    • Account Data: Your email, Google ID (if used), nickname/avatar.
    • Your Product Data: Your created DCA plans, transaction records, and notes.
    • Technical Data: IP address, browser/device info, and usage logs for security and analytics.
  • Why We Collect It: To provide the service, secure your account, improve our product, and communicate with you.
  • Who We Share It With: We only share data with trusted service providers who help us run the service (like our hosting, database, and email providers). We do not sell your personal data.
  • Your Rights: You have the right to access, correct, and delete your data.
  • How to Contact Us: For any privacy questions, please email us at [email protected].

Introduction

This Privacy Policy explains how the RecordBTC Team ("we," "us," or "our") collects, uses, and protects your personal information when you use our website, applications, and services (collectively, the "Service").

This policy should be read alongside our Terms of Service. By using our Service, you agree to the collection and use of information in accordance with this policy.

What Information We Collect

We collect several types of information for various purposes to provide and improve our Service to you.

  • Account Data: When you create an account, we collect information necessary for authentication and contact. This includes:
    • Your email address.
    • Your Google ID, email, nickname, and avatar (if you sign up using Google OAuth).
    • Your email verification status.
  • Product Data: This is the data you generate while using the Service. You control this data. This includes:
    • Your saved DCA (Dollar-Cost Averaging) plans.
    • Your manually recorded transactions and personal notes.
    • Your account settings and preferences (e.g., currency, theme).
    • Your alert preferences (e.g., if you opt-in for Email or SMS alerts).
  • Technical Data: When you access the Service, we automatically collect certain technical information for security, stability, and analysis. This includes:
    • Your IP address.
    • Device and browser information (e.g., browser type, operating system).
    • Service logs (e.g., access times, pages viewed).
    • Security metadata (e.g., for rate limiting and login attempt tracking).
  • Communications Data: When you contact us for support or when we contact you, we collect:
    • Support emails you send to us.
    • Records of operational or security notices we send to you.
    • Your preferences for receiving optional marketing communications (which you can opt-out of at any time).
  • Sensitive Data: We do not intentionally collect sensitive personal data (such as health information, racial or ethnic origin, or political opinions). The "notes" feature is free-form; please do not store sensitive personal data there.

How and Why We Use Your Information (Purpose and Legal Basis)

We use your data only for specific, legitimate purposes. For users in regions like the European Economic Area (EEA), we rely on specific legal bases for processing.

How We Share Your Information

We do not sell your personal data. We only share it in the following limited circumstances:

  • With Service Providers: We use third-party vendors to help us operate the Service. They are contractually bound to protect your data and only use it for the services we request.
  • For Legal Compliance: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
  • During Business Transfers: If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

Data Retention and Deletion

We retain your personal data for as long as your account is active.

  • Active Account: Your Account and Product Data are retained as long as your account exists. Technical logs are typically retained for shorter, rolling periods as needed for security and operations.
  • Account Deletion: If you choose to delete your account, your data is first moved to an "archival snapshot" for a period of days. This snapshot is used only for recovery purposes (e.g., if you deleted your account by mistake).
  • Permanent Deletion: After this 30-day period, your personal data is permanently and irreversibly deleted from our live and archival systems.
  • Exceptions: We may retain certain information for longer periods if required by law (e.g., for tax or accounting purposes) or for legitimate business needs (e.g., security and fraud prevention).

Security Measures

We take the security of your data seriously and implement technical and organizational measures to protect it. These include:

  • Encryption: We use TLS (SSL) to encrypt all data in transit. Sensitive credentials (like passwords, though we primarily use OAuth) are cryptographically hashed.
  • Access Control: We limit internal access to your personal data to only those employees or contractors who need it to perform their jobs.
  • Security Practices: We use security measures like rate limiting and account lockouts to protect against automated attacks.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

International Data Transfers

Our Service is hosted on global infrastructure (e.g., Vercel). This means your information may be transferred to, and processed in, countries other than your own.

If you are a resident of the EEA, UK, or Switzerland, your data may be transferred outside of these regions. In such cases, we rely on approved data transfer mechanisms, such as the European Commission's Standard Contractual Clauses (SCCs), to ensure your data is afforded a level of protection consistent with European data protection laws.

Your Data Protection Rights

You have specific rights regarding your personal information. How you exercise them may depend on your location.

How to Exercise Your Rights: You can access and update some of your information (like your nickname) directly in your account settings. For any other requests, please contact us at [email protected]. We will respond to your request within the time frame required by law (e.g., within 30 days for GDPR).

Rights for Users in the EEA, UK, and Switzerland (GDPR) If you are located in these regions, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request that we correct any inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request that we delete your personal data.
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Data Portability: Request a copy of your data in a machine-readable format.
  • Right to Object: Object to our processing of your data (e.g., for marketing).
  • Right to Withdraw Consent: You can withdraw your consent at any time where we rely on it.

Rights for Users in California (CCPA/CPRA) If you are a California resident, you have the following rights:

  • Right to Know: Request to know what personal information we collect, use, disclose, and "sell" or "share" (Note: We do not "sell" or "share" your data as defined by CPRA).
  • Right to Delete: Request the deletion of your personal information.
  • Right to Correct: Request the correction of inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing: You have the right to opt-out. As stated, we do not sell or share your personal information.
  • Right to Limit Use of Sensitive Personal Information: You have this right, but we do not intentionally collect this type of information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

Cookies and Tracking Technologies

We use cookies and similar technologies to operate and analyze our Service.

  • What are Cookies: Small text files stored on your device.
  • Our Use:
    • Necessary Cookies: Essential for the Service to function (e.g., keeping you logged in). These cannot be disabled.
    • Analytics Cookies (e.g., Google Analytics): Help us understand how you use the Service so we can improve it.
    • Marketing Cookies: (We may use these in the future) To show you relevant ads.
  • Your Consent: When you first visit our site, we will show you a cookie banner asking for your consent to use non-essential cookies.
  • Managing Preferences: You can manage your cookie preferences at any time through our cookie banner or in your browser settings.

Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18.

If you are a parent or guardian and become aware that your child has provided us with personal information, please contact us at [email protected]. We will take steps to delete that information from our servers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date. We may also notify you via email or through an in-app notification.

Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

RecordBTC Team Email: [email protected]