Privacy Policy

2. Information We Collect

2.1 Account & Profile Data

• Identifiers: name, email address, username, password (hashed), country/region, billing address, and any profile details you add.
• Tier & status: plan (Lite, Pro, Legacy), renewal dates, upgrade/downgrade history, credits, trial eligibility, and feature entitlements.

2.2 Payment & Transaction Data

• Card/PayPal: we receive limited billing details and transaction metadata from payment processors (e.g., last four digits, card type, expiry month/year, transaction IDs). We do not store full card numbers or CVV.
• Crypto (ETH/BTC) for annual, non‑recurring subscriptions: wallet address provided or used for payment, transaction hash, amount, timestamp, and related operational records. On‑chain data is public and cannot be altered or deleted by us.

2.3 Usage & Device Data

• Technical: IP address, device and browser type, operating system, language, referring/exit pages, timestamps, error logs, performance and diagnostic information.
• Service activity: page views, content access (e.g., early access views), poll participation, feature interactions (e.g., search/filter on reviews), settings changes.

2.4 Communications & Support

Support requests, email threads, in‑product messages, and any attachments or screenshots you submit.

2.5 Community & Integrations (Discord)

• If you link or use Discord to access Club channels/roles, we may receive from Discord your Discord user ID, username, avatar, and role assignments to validate access.
• Discord Feed: the Site mirrors certain one‑way channels (including posts by CBC Detectives). These posts are member‑generated and may include usernames/avatars. We process and display this content within the Club. See Section 8 (User content).

2.6 Marketing Preferences

Your opt‑in/opt‑out status for newsletters, product updates, and promotions.

2.7 Derived, Aggregate, and Anonymized Data

We may generate aggregate statistics (e.g., feature adoption, poll results) or de‑identify data for analytics, product development, and reporting.

3. How We Use Your Information (Purposes & Legal Bases)

3.1 Provide and Operate the Services (Contract / Legitimate Interests)

Create and manage your account; authenticate you; provide tier‑based access (Lite/Pro/Legacy); deliver features (overview widgets, Discord Feed, reviews, polls, portfolios, deals); administer early‑access windows; and maintain security and service quality.

3.2 Payments, Billing & Plan Changes (Contract / Legal Obligation / Legitimate Interests)

Process payments (card, PayPal, eligible crypto); handle renewals, upgrades/downgrades, prorations, and credits; maintain invoices and accounting records; detect and prevent fraud/abuse.

3.3 Communications & Support (Contract / Legitimate Interests)

Send transactional emails (receipts, confirmations, service announcements), respond to support requests, and notify you about important changes (e.g., terms, pricing, features).

3.4 Personalization & Product Improvement (Legitimate Interests / Consent where required)

Understand how features are used; improve UI/UX; run A/B tests; recommend content; maintain service reliability and performance.

3.5 Marketing (Consent / Legitimate Interests)

With your consent (or as otherwise permitted), send newsletters, product updates, offers, and surveys. You can opt out at any time (see Section 9).

3.6 Compliance & Protection (Legal Obligation / Legitimate Interests)

Comply with applicable laws, tax and accounting requirements; enforce our Terms; prevent security incidents and misuse; and protect our users and platform.

We do not engage in automated decision‑making that produces legal or similarly significant effects about you.

4. Cookies and Similar Technologies

We use cookies, SDKs, and similar technologies to run the Services, keep you signed in, remember preferences, measure performance, and understand usage. For details (including categories, retention, and controls), see our Cookie Policy and any cookie preference tools provided in the interface. You can manage cookies in your browser settings; disabling cookies may impact functionality.

5. How We Share Information

5.1 Service Providers (Processors)

We share information with vendors who help us operate the Services (e.g., hosting, security, analytics, customer support, email delivery, payment processing, fraud detection, role/entitlement management). These providers may only process your data on our instructions and must protect it.

5.2 Payments

• Stripe/PayPal: for card/PayPal transactions and recurring billing.
• Crypto payments: we verify transactions using blockchain explorers and may work with crypto payment facilitators. On‑chain data is public.

5.3 Community Integrations

If you connect Discord for Club access, we exchange limited identifiers and role information to validate your entitlements. Content you post on Discord is governed by Discord's terms and privacy policy.

5.4 Deals & Partner Offers

If you choose to interact with a third‑party deal/offer, you do so directly with that partner. We may share minimal data needed to validate eligibility (e.g., membership status) if required to fulfill the offer.

5.5 Corporate Transactions & Legal

We may disclose information in connection with a merger, acquisition, financing, or sale of assets. We may also disclose information to comply with law, lawful requests, court orders, or to protect rights, users, and the platform.

6. International Data Transfers

The Services are hosted in the United Arab Emirates and may involve processing in other countries. If you are in the EEA/UK, we rely on appropriate safeguards (e.g., Standard Contractual Clauses or UK equivalents) for transfers to processors located outside your region. You may contact us for more information on these safeguards.

7. Data Security

We use appropriate technical and organisational measures designed to protect personal data (e.g., encryption in transit, access controls, network protections, secure development practices, employee confidentiality). No system is 100% secure; you are responsible for safeguarding your account credentials.

8. User Content, Discord Feed, and Polls

• Discord & CBC Detectives: Posts shown in the Club's Discord Feed are member‑generated content and may display usernames/avatars. Coin Bureau does not control what members choose to publish on Discord. Consider your own privacy when posting on third‑party platforms.
• Polls: We record your participation and votes to operate the feature and prevent abuse. We typically present poll outcomes in aggregate.
• Your submissions to us: If you send questions, feedback, or other content, we may use it to operate and improve the Services (see the Terms & Conditions for details).

9. Your Choices & Rights

9.1 Email and Marketing

• Transactional emails (e.g., receipts, service notices) are necessary for the Services.
• Marketing emails are optional. You may opt out via unsubscribe links or by contacting [email protected]. Opting out won't affect your transactional emails.

9.2 Cookies

Use the cookie preference tools and/or your browser settings to manage cookies. Some cookies are essential for the Services to function.

9.3 Access, Correction, Deletion, and Portability

Depending on your location, you may have rights to request:

• Access to the personal data we hold about you;
• Correction of inaccurate or incomplete data;
• Deletion of your data (subject to legal/contractual retention);
• Portability of certain data in a structured, commonly used, machine‑readable format;
• Restriction or objection to certain processing;
• Withdrawal of consent where processing is based on consent.

To exercise rights, use the Settings area or contact [email protected]. We may verify your identity before responding. We aim to respond within the timeframes required by applicable law.

9.4 California (CPRA) Notice

California residents may have rights to know/access, delete, correct, opt out of sale/sharing, limit use of sensitive personal information, and non‑discrimination. We do not sell personal information and do not share personal information for cross‑context behavioral advertising. We do not use or disclose sensitive personal information for purposes beyond those permitted by law (e.g., to provide the Services, detect security incidents, or prevent fraud).

9.5 EU/UK Supervisory Authority

If you are in the EEA/UK, you also have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can address your concerns.

10. Data Retention

We retain personal data for as long as necessary to:

• Provide the Services and manage your account;
• Comply with legal, tax, and accounting obligations (often 6–10 years for transaction records, depending on jurisdiction);
• Resolve disputes and enforce agreements;
• Maintain security and prevent abuse.

We may retain aggregated or de‑identified data that does not identify you.

Blockchain records: Crypto transaction data recorded on public blockchains cannot be altered or erased by us.

11. Third‑Party Links and Social Media

Our Services may link to or embed content from third‑party platforms (e.g., Discord, YouTube, Instagram, Telegram). Your interactions with those platforms are governed by their terms and privacy policies. We are not responsible for their practices.

12. Do‑Not‑Track

Some browsers offer "Do‑Not‑Track" (DNT) signals. Because there is no common industry standard, the Services may not respond to DNT at this time. You can manage tracking through our cookie tools and your browser settings.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you (e.g., by email, in‑product notice, or posting an update with a new effective date). Your continued use of the Services after the effective date means you accept the updated Policy.