This Privacy Policy governs the processing of personal data by CoinBelieve in compliance with the Digital Personal Data Protection Act, 2023 (India), GDPR (EU), and CCPA/CPRA (California).
1. Data Purpose Mapping
| Category | Elements | Purpose | Legal Basis |
|---|---|---|---|
| Identity | Email, Username | Account authentication, 2FA security | Contractual Necessity |
| Technical | IP, User Agent | Fraud prevention, DDOS protection | Legitimate Interest |
| Location | City/Country | Regional content, Tax compliance | Legitimate Interest |
| Behavior | Clicks, Views | Algorithmic ranking, Analytics | Legitimate Interest |
2. User Rights (Global)
Access & Portability
Request a copy of your personal data in JSON format.
Rectification
Correct inaccurate data via Dashboard settings.
Erasure
"Right to be Forgotten" - permanent account deletion.
To exercise these rights, email: [email protected]
3. Data Retention & Deletion
We retain data only as long as necessary to fulfill the purposes outlined above:
- Active Accounts: Indefinite until deletion request is received.
- Security Logs: Retained for 90 days (rolling window) for audit trails.
- Deleted Accounts: Hard deletion occurs within 30 days. Backups may retain encrypted fragments for up to 60 days.
4. Third-Party Sharing & Transfers
We do not sell personal data. We share data only with infrastructure providers bound by Data Processing Agreements (DPAs):
- Google (AdSense/Analytics): For advertising personalization and traffic analysis.
- MaxMind (GeoIP): For location resolution (City-level).
- Cloudflare: For edge caching and security firewalling.
Data may be processed on servers located outside your country (e.g., USA, EU). We rely on Standard Contractual Clauses (SCCs) to ensure data protection standards are met during transfer.
5. Children's Privacy
CoinBelieve is not intended for users under the age of 16 (or 13 in jurisdictions where that is the minimum age). We do not knowingly collect personal information from children. If we become aware that a user is under the applicable minimum age, we will promptly delete their account and associated data.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].