Privacy Policy
Introduction
CryptoBeast ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cryptobeast.ai.
Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.
Mobile Application
In addition to our website, we offer a mobile application (CryptoBeast) for iOS and iPad devices. This privacy policy applies to both our website and mobile application.
Mobile App Data Collection
The mobile app collects and stores the following data:
- Device Information: Device type, operating system version, and device identifiers (for analytics only, not for tracking)
- Crash Data: Diagnostic information when the app encounters errors
- IP Address: Anonymized IP address for API functionality
- Local Storage: User preferences, bookmarks, reading history, watchlist, and language settings (stored locally on your device only and never transmitted to our servers)
Data NOT Collected by Mobile App
The mobile app does NOT collect:
- Email addresses, names, or other personal identification
- Location data (GPS coordinates)
- Camera, photo library, or microphone access
- Contacts or calendar information
- Biometric data (Face ID, Touch ID)
- Payment or financial information
Third-Party Services (Mobile App)
The mobile app connects to the following third-party services:
- CryptoBeast API: Fetches cryptocurrency news, sentiment analysis, and AI-powered trading signals
- Binance WebSocket: Receives real-time cryptocurrency price data (no personal data is sent to Binance)
The mobile app is designed with privacy in mind - most user data (preferences, bookmarks, history) is stored locally on your device and never leaves your device unless explicitly required for app functionality (such as fetching news or prices).
Information We Collect
We collect information in the following ways:
Automatically Collected Information
- Browser type and version
- Operating system
- Referring website
- Pages visited and time spent
- IP address (anonymized)
- Device information
Local Storage Data
We use browser local storage to save your preferences such as theme settings, watchlist selections, bookmarked articles, and language preferences. This data never leaves your device and is not transmitted to our servers.
Cookies and Tracking
We use cookies and similar tracking technologies to track activity on our website and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.
Types of Cookies We Use
- Essential Cookies: Required for basic site functionality
- Analytics Cookies: Help us understand how visitors interact with our website
- Preference Cookies: Remember your settings and preferences
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our site.
Analytics Services
We may use third-party analytics services (such as Google Analytics, Vercel Analytics, or similar) to help analyze how users use the site. These services collect information such as how often users visit the site, what pages they visit, and what other sites they used prior to coming to our site.
We use this information to improve our website and user experience. The analytics providers may use cookies and other tracking technologies to collect this information. We do not combine the information collected through analytics with personally identifiable information.
How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain our website
- Improve, personalize, and expand our website
- Understand and analyze how you use our website
- Develop new products, services, features, and functionality
- Monitor and analyze usage and trends
- Detect and prevent fraud and abuse
Information Sharing
We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential.
We may share aggregated, non-personally identifiable information publicly and with our partners. For example, we may share information about general website usage trends.
Third-Party Links
Our website contains links to third-party websites (news sources, exchanges, etc.). We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policy of every website you visit.
Data Security
We implement appropriate technical and organizational security measures to protect your information. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
Specific safeguards in production include:
- Transport encryption (HTTPS/TLS 1.3) for all traffic between your browser and our servers
- Encryption at rest for any stored analytics data on our primary infrastructure
- Principle of least privilege for internal access to systems holding any user data
- Regular dependency security scanning and automated patching on production hosts
- Rate limiting and request validation on all public API endpoints to mitigate abuse
- Audit logs for administrative operations retained for a rolling 90-day window
Data Retention
We retain the minimum data necessary for the minimum time. Current retention windows:
- Analytics events: aggregated after 26 months, then deleted at raw level
- Server access logs: 30 days
- Security / abuse logs: 90 days, longer if an active investigation requires it
- Crash and error reports: 180 days
- Local preferences (theme, watchlist, bookmarks): stored only on your device; never uploaded, never retained server-side
- Email correspondence with support: up to 24 months for quality assurance
Legal Basis for Processing (GDPR)
For visitors in the European Economic Area (EEA) and the United Kingdom, we process personal data under the following legal bases in Article 6 of the GDPR:
- Legitimate interests (Art. 6(1)(f)): operating, securing, and improving the website; preventing fraud and abuse
- Consent (Art. 6(1)(a)): analytics and marketing cookies, where you actively opt in via the cookie banner
- Contractual necessity (Art. 6(1)(b)): where processing is strictly required to deliver a feature you have requested (e.g., responding to a support email)
- Legal obligation (Art. 6(1)(c)): retention of records where required by applicable law
International Data Transfers
CryptoBeast's primary infrastructure is hosted in the European Union. Some subprocessors (analytics providers, CDN edge locations) may process data outside the EEA, including in the United States. Where transfers occur, they rely on one or more of the following safeguards:
- EU Standard Contractual Clauses (SCCs) for transfers outside adequate jurisdictions
- UK International Data Transfer Addendum (IDTA) for UK-origin personal data
- EU–US Data Privacy Framework certification where the recipient is participating
- Additional supplementary measures (encryption in transit and at rest, access controls) to protect data end-to-end
Subprocessors
We rely on the following categories of third-party services to deliver the platform. Each has its own privacy policy and is bound by a data-processing agreement where applicable:
- Cloud hosting: Hetzner Online GmbH (Germany / Finland) for primary compute and storage
- Content delivery: Cloudflare, Inc. for DNS, CDN, and DDoS protection
- Product analytics: Google Analytics 4 and Umami Analytics for aggregated traffic metrics
- Behavioural analytics: FullStory for error reproduction and UX research (optional, gated by consent)
- Market data: Binance and CoinGecko public APIs for prices and market metadata (no personal data sent)
Cookies — What We Set
Below is a non-exhaustive list of the most common cookies a visit to CryptoBeast may set. Expiry and scope may change as we improve the product; this page is the source of truth.
- NEXT_LOCALE — essential — remembers your language choice — expires after 365 days
- cb_theme — essential — dark / light mode preference — 365 days
- cb_consent — essential — stores your cookie-banner choices — 180 days
- _ga, _ga_* — analytics (consent-gated) — Google Analytics client ID and session — 24 months
- umami.* — analytics (consent-gated) — privacy-preserving page metrics — session only
- __cf_bm, cf_clearance — essential — Cloudflare bot management — up to 30 days
Essential cookies do not require consent. Analytics and marketing cookies are loaded only after you opt in via the consent banner. You can revoke consent at any time by clearing site data in your browser.
Breach Notification
In the event of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and the relevant supervisory authority within 72 hours of becoming aware, in line with Article 33 and Article 34 of the GDPR. Notifications are sent by email where contact details exist, and posted publicly on this page when a broader user population may be affected.
Do Not Track
We honour the W3C Do Not Track signal: when DNT is enabled in your browser, our analytics layer treats the visit as opted-out and does not set or read analytics cookies, regardless of the consent banner state. Essential cookies remain active because the site cannot function without them.
Your Rights
Depending on your location, you may have certain rights regarding your personal information:
- Right to access the personal data we hold about you
- Right to request correction of inaccurate data
- Right to request deletion of your data
- Right to opt-out of certain data processing
- Right to data portability
To exercise any of these rights, please contact us at contact@cryptobeast.ai.
GDPR Compliance (EU Users)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.
CCPA Compliance (California Users)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect, request deletion of your data, and opt-out of the sale of personal information. We do not sell personal information.
Children's Privacy
Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us.
Changes to This Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.
Last updated: January 2026
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Email: contact@cryptobeast.ai