Introduction
CryptoGPT ("we," "us," or "our") operates the AI-powered cryptocurrency assistant service available at cryptogpt.site. We are committed to protecting your privacy and being transparent about how we collect, use, disclose, and safeguard your information.
This Privacy Policy applies to all users of our Service, including visitors, free users, and premium subscribers. By accessing or using CryptoGPT, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Key Commitment: We never sell your personal data to third parties. Your information is used exclusively to provide, improve, and secure our AI cryptocurrency assistant service.
Privacy Policy Highlights
Data Security First
Enterprise-grade encryption, secure authentication, and regular security audits protect your information.
Minimal Data Collection
We collect only essential data needed to provide our AI cryptocurrency analysis service.
No Data Selling
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
Information We Collect
We collect several types of information to provide and improve our AI-powered cryptocurrency service:
2.1 Information You Provide Directly
- Authentication Data: When you sign in via Google OAuth, we receive your name, email address, and profile picture for account creation and personalization
- Payment Information: For premium subscriptions, payment processing is handled securely by NowPayments; we do not store your full payment details
- Communication Data: Cryptocurrency queries and messages you send through our AI chat interface
- Preference Settings: Your configured preferences for cryptocurrency tracking and alert settings
2.2 Automatically Collected Information
- Usage Analytics: How you interact with our service, including chat queries, features used, and session duration
- Device Information: Browser type, operating system, IP address (anonymized), and device identifiers for security and optimization
- Performance Data: Service performance metrics, error reports, and system logs to ensure reliability
- Session Cookies: To maintain your login state and enhance user experience
2.3 Cryptocurrency Market Data
We integrate with Binance API to provide real-time cryptocurrency data:
- Live cryptocurrency prices and market data
- Historical price trends and analysis
- Market cap and volume information
- Trading pairs and liquidity data
This market data is processed for AI analysis but is not linked to individual user identities.
Personal Data
- Email address
- Display name
- Profile picture
- Authentication tokens
Usage Data
- Chat query patterns
- Feature usage statistics
- Session timestamps
- Error occurrences
Technical Data
- Browser information
- Device type
- IP address (anonymized)
- Network information
Crypto Data
- Price queries
- Market analysis requests
- Risk assessment parameters
- Comparison preferences
How We Use Your Information
We use collected information for specific, legitimate purposes to provide and enhance our AI cryptocurrency service:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Service Operation & Delivery | Account data, session information | Contractual necessity |
| AI Model Improvement | Anonymized chat queries | Legitimate interest |
| Security & Fraud Prevention | IP address, device info | Legal obligation & security |
| Personalized Crypto Insights | Usage patterns, preferences | Consent & legitimate interest |
| Customer Support | Contact info, query history | Contractual necessity |
| Service Optimization | Performance metrics | Legitimate interest |
3.1 AI Processing & Machine Learning
Your anonymized cryptocurrency queries are used to train and improve our AI models via Together AI. This helps us:
- Enhance response accuracy for cryptocurrency analysis
- Improve risk assessment algorithms
- Develop better market trend predictions
- Personalize crypto insights based on query patterns
All training data is anonymized and aggregated to protect individual privacy.
3.2 Marketing Communications
With your explicit consent, we may send you:
- Service updates and new feature announcements
- Cryptocurrency market insights and analysis
- Premium subscription offers and promotions
- Educational content about cryptocurrency trading
You can opt-out of marketing communications at any time via your account settings or unsubscribe links.
Data Sharing & Disclosure
We share information only in specific circumstances with trusted partners:
4.1 Trusted Service Providers
We engage industry-leading partners to operate our service:
- Firebase (Google): Secure user authentication and data storage
- NowPayments: Secure cryptocurrency payment processing
- Together AI: AI model processing and response generation
- Binance API: Real-time cryptocurrency market data
- Vercel/AWS: Cloud hosting and infrastructure
4.2 Legal Requirements
We may disclose information when required by law:
- To comply with legal obligations and court orders
- To protect our rights, property, and safety
- To prevent fraud, security threats, or technical issues
- To enforce our Terms of Service
4.3 Business Transfers
In the event of a merger, acquisition, or asset sale, user information may be transferred as a business asset. We will notify users of any such change in ownership.
No Third-Party Data Selling: We maintain a strict no-data-selling policy. Your personal information is never sold, rented, or traded to third parties for marketing or advertising purposes.
Data Security & Protection
We implement robust security measures to protect your information:
- End-to-End Encryption: All data in transit is encrypted using TLS 1.3+
- Secure Authentication: OAuth 2.0 with Google for passwordless, secure sign-in
- Data Encryption at Rest: Sensitive data is encrypted using AES-256 encryption
- Regular Security Audits: Continuous vulnerability assessments and penetration testing
- Access Controls: Strict role-based access controls and authentication requirements
- DDoS Protection: Advanced distributed denial-of-service protection
- Secure Payment Processing: PCI-DSS compliant payment handling via NowPayments
While we implement industry-standard security measures, no system is 100% secure. We continuously monitor and update our security practices to protect against emerging threats.
5.1 Incident Response
In the unlikely event of a data breach, we will:
- Notify affected users within 72 hours of discovery
- Provide clear information about the breach and affected data
- Offer guidance on protective measures users can take
- Work diligently to resolve the issue and prevent future occurrences
Data Retention
We retain data only as long as necessary for legitimate business purposes:
| Data Type | Retention Period | Purpose |
|---|---|---|
| Account Information | Active account + 90 days after deletion | Service provision, legal compliance |
| Chat Messages & Queries | 30 days (anonymized after) | AI training, service improvement |
| Payment Records | 7 years (as required by law) | Legal compliance, financial reporting |
| Usage Analytics | 24 months (aggregated after) | Service optimization, trend analysis |
| Security Logs | 12 months | Security monitoring, threat detection |
Your Privacy Rights
Depending on your location, you have specific rights regarding your personal data:
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your personal data
Right to Restriction
Limit how we use your data
Right to Portability
Receive your data in a machine-readable format
Right to Object
Object to certain data processing
Withdraw Consent
Withdraw consent for data processing
Lodge Complaint
Complain to data protection authorities
To exercise these rights, contact us at privacy@cryptogpt.site. We will respond within 30 days and may need to verify your identity for security purposes.
7.1 California Privacy Rights (CCPA/CPRA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising privacy rights
We do not sell personal information as defined by CCPA.
7.2 GDPR Rights (EU/UK)
European Union and United Kingdom residents have rights under GDPR:
- Right to be informed about data collection
- Right to access personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience:
8.1 Essential Cookies
- Session Cookies: Maintain your login state and session
- Security Cookies: Protect against CSRF attacks and ensure secure connections
- Preference Cookies: Remember your settings and preferences
8.2 Analytics & Performance Cookies
We use Google Analytics (anonymized) to understand service usage:
- Track feature usage and popular queries
- Measure service performance and reliability
- Identify areas for improvement
- Understand user demographics (aggregated)
8.3 Managing Cookies
You can control cookies through your browser settings:
- Browser Settings: Most browsers allow you to block or delete cookies
- Opt-Out Tools: Use privacy tools like Ghostery or Privacy Badger
- Do Not Track: We respect "Do Not Track" browser signals
Note: Disabling cookies may affect certain service features and functionality.
International Data Transfers
CryptoGPT operates globally, and your data may be transferred to and processed in countries outside your country of residence. These countries may have different data protection laws.
We ensure appropriate safeguards for international data transfers:
- EU-US Data Privacy Framework compliance
- Standard Contractual Clauses (SCCs) where required
- Data processing agreements with all service providers
- Regular data transfer impact assessments
Children's Privacy
Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.
Policy Updates
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will notify you of significant changes by:
- Posting the updated policy on this page with a new "Last Updated" date
- Sending email notifications to registered users for major changes
- Displaying prominent notices within our service
We encourage you to review this policy periodically. Continued use of our service after changes constitutes acceptance of the updated policy.
Contact Us
For privacy-related inquiries or to exercise your rights, contact us:
General Inquiries
privacy@cryptogpt.site
Data Protection Officer
dpo@cryptogpt.site
Legal Address
Wilmington, Delaware, USA
Support
support@cryptogpt.site
For EU/UK residents: You have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.