Privacy Policy

Introduction

CryptoShark.ai ("we," "us," "our," or "the Platform") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered cryptocurrency analysis platform.

By accessing or using CryptoShark.ai, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our Terms and Conditions. If you do not agree with our privacy practices, please do not use our Platform.

Your Privacy Matters

We believe in transparency and giving you control over your personal information. This policy provides detailed information about our data practices and your rights regarding your personal data.

Information We Collect

Account Information

When you create an account with us, we collect:

Basic Account Data: Email address, username, password (encrypted), and profile information
Profile Details: Display name, avatar selection, user preferences, and account settings
Authentication Data: OAuth tokens from third-party providers (Google, GitHub, Discord) when you choose social login
Verification Information: Email verification status and two-factor authentication settings

Trading and Financial Information

To provide our AI-powered analysis services, we may collect:

API Keys: Encrypted Binance API keys (read-only permissions) for portfolio tracking and analysis
Trading Preferences: Risk tolerance, investment goals, trading experience level, and strategy preferences
Portfolio Data: Cryptocurrency holdings, transaction history, and performance metrics (when you connect your exchange)
Watchlist Information: Cryptocurrencies you track and monitor
Analysis History: AI analysis requests, results, and usage patterns

Subscription and Payment Information

For paid subscriptions, we collect:

Billing Information: Payment method details processed securely through Stripe
Subscription Data: Plan type, billing cycle, subscription status, and payment history
Usage Metrics: Daily analysis limits, feature usage, and subscription tier benefits

Technical and Usage Information

We automatically collect certain technical information:

Device Information: Browser type, operating system, device identifiers, and screen resolution
Usage Analytics: Pages visited, features used, time spent on platform, and user interactions
Performance Data: API response times, error logs, and system performance metrics
Location Data: IP address and general geographic location for security and compliance
Session Information: Login times, session duration, and authentication events

Communications and Support

When you contact us, we collect:

Support Requests: Messages, feedback, bug reports, and feature requests
Communication Preferences: Email notification settings and marketing preferences
Community Interactions: Discord and Reddit activity when linked to your account

Data Minimization

We only collect information that is necessary to provide our services, improve user experience, and comply with legal obligations. You can control much of the information we collect through your account settings.

How We Use Your Information

Service Provision and Enhancement

We use your information to:

Provide AI Analysis: Generate personalized cryptocurrency insights, trading signals, and market analysis
Portfolio Management: Track your investments, calculate performance metrics, and provide portfolio optimization recommendations
Platform Functionality: Enable account access, save preferences, and maintain watchlists
Feature Development: Improve our AI models, develop new features, and enhance user experience
Personalization: Customize content, recommendations, and interface based on your preferences and usage patterns

Account Management and Security

We process your data to:

Authentication: Verify your identity, manage login sessions, and enable secure access
Security Monitoring: Detect suspicious activity, prevent fraud, and protect against unauthorized access
Account Recovery: Assist with password resets and account recovery processes
Compliance: Meet regulatory requirements and maintain audit trails

Communication and Support

Your information helps us:

Customer Support: Respond to inquiries, resolve issues, and provide technical assistance
Service Updates: Notify you about important changes, new features, and security updates
Educational Content: Provide relevant market insights, tutorials, and educational materials
Community Engagement: Facilitate participation in our Discord and Reddit communities

Business Operations

We use data for:

Analytics and Insights: Understand user behavior, measure platform performance, and identify improvement opportunities
Subscription Management: Process payments, manage billing cycles, and handle subscription changes
Legal Compliance: Meet regulatory obligations, respond to legal requests, and maintain records
Risk Management: Monitor for abuse, prevent misuse of services, and maintain platform integrity

Legitimate Interests

We process certain data based on our legitimate interests in providing secure, efficient services and improving our platform. You have the right to object to processing based on legitimate interests.

Information Sharing and Disclosure

We Do Not Sell Your Personal Information

CryptoShark.ai does not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data privacy is fundamental to our service.

Service Providers and Partners

We may share limited information with trusted third-party service providers:

Supabase: Database hosting and user authentication services
Stripe: Payment processing for subscriptions (payment data only)
Google Analytics: Website usage analytics and performance monitoring
Binance API: Cryptocurrency market data and portfolio information (when you connect your account)
Cloud Infrastructure: Hosting and data storage providers with appropriate security measures

Legal Requirements and Protection

We may disclose your information when required by law or to:

Comply with legal obligations, court orders, or regulatory requirements
Protect our rights, property, or safety, or that of our users or others
Investigate fraud, security breaches, or violations of our Terms of Service
Respond to government requests or law enforcement inquiries
Enforce our agreements and policies

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will notify you of any such change and ensure continued protection of your data.

Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you personally for:

Market research and industry analysis
Platform performance metrics and statistics
Academic research and development
Business intelligence and strategic planning

Data Protection Agreements

All third-party service providers are bound by strict data protection agreements and are required to implement appropriate security measures to protect your information.

Data Security and Protection

Security Measures

We implement comprehensive security measures to protect your information:

Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
API Key Security: Binance API keys are encrypted using RSA encryption and stored securely
Access Controls: Role-based access controls and multi-factor authentication for administrative access
Secure Infrastructure: Hosted on secure cloud platforms with regular security audits
Password Protection: Passwords are hashed using industry-standard algorithms
Session Management: Secure session handling with automatic timeout and token refresh

Data Monitoring and Incident Response

Our security practices include:

Continuous Monitoring: 24/7 monitoring for security threats and suspicious activity
Vulnerability Management: Regular security assessments and prompt patching of vulnerabilities
Incident Response: Established procedures for responding to security incidents
Backup and Recovery: Regular data backups and disaster recovery procedures
Audit Trails: Comprehensive logging of access and data modifications

User Security Responsibilities

You can help protect your account by:

Using strong, unique passwords and enabling two-factor authentication
Keeping your API keys secure and using read-only permissions
Regularly reviewing your account activity and settings
Reporting suspicious activity immediately to support@cryptoshark.ai
Keeping your browser and devices updated with security patches

Security Limitations

While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security, but we continuously work to protect your information using industry best practices.

Cookies and Tracking Technologies

Types of Cookies We Use

CryptoShark.ai uses various types of cookies and similar technologies:

Essential Cookies: Required for basic platform functionality, authentication, and security
Performance Cookies: Help us understand how users interact with our platform to improve performance
Functional Cookies: Remember your preferences, settings, and personalization choices
Analytics Cookies: Google Analytics cookies to measure website usage and performance

Local Storage and Session Storage

We use browser storage technologies for:

User Preferences: Theme settings, language preferences, and interface customizations
Session Management: Maintaining login state and authentication tokens
Watchlist Data: Temporarily storing your cryptocurrency watchlist for quick access
Cache Management: Improving performance by storing frequently accessed data
Form Data: Preserving form inputs to enhance user experience

Third-Party Tracking

We use the following third-party tracking services:

Google Analytics (G-V8LRBEJP4G): Website analytics and user behavior tracking
Google Tag Manager: Managing and deploying tracking codes
Supabase Analytics: Database performance and usage monitoring

Managing Cookies and Tracking

You can control cookies and tracking through:

Browser Settings: Most browsers allow you to block or delete cookies
Opt-Out Tools: Google Analytics opt-out browser add-on
Account Settings: Privacy preferences within your CryptoShark.ai account
Do Not Track: We respect browser Do Not Track signals where technically feasible

Cookie Consent

By using our platform, you consent to our use of cookies as described in this policy. Essential cookies cannot be disabled as they are necessary for platform functionality.

Third-Party Services and Integrations

Authentication Providers

We integrate with third-party authentication services to provide convenient login options:

Google OAuth: Google account authentication and profile information
GitHub OAuth: GitHub account authentication and basic profile data
Discord OAuth: Discord account authentication and server integration

Cryptocurrency Exchange Integration

When you choose to connect your exchange accounts:

Binance API: Read-only access to portfolio data, trading history, and account balances
API Key Encryption: All API keys are encrypted using RSA encryption before storage
Limited Permissions: We only request read-only permissions and cannot execute trades
Data Synchronization: Portfolio data is synchronized periodically for analysis purposes

AI and Analytics Services

Our AI-powered analysis relies on:

Market Data Providers: Real-time cryptocurrency prices and market information
News APIs: Cryptocurrency news and sentiment analysis data

Payment and Subscription Services

For subscription management, we use:

Stripe: Secure payment processing, subscription management, and billing
Payment Data: Stripe handles all payment information according to PCI DSS standards
Subscription Tracking: We store subscription status and billing information

Community and Social Features

Our community integrations include:

Reddit API: Community feed integration and social sentiment analysis
Discord Integration: Community server access and user verification
Social Login: Profile information from connected social accounts

Third-Party Privacy Policies

Each third-party service has its own privacy policy. We encourage you to review the privacy policies of any services you choose to connect with your CryptoShark.ai account.

Data Retention and Storage

Retention Periods

We retain your information for different periods based on the type of data and legal requirements:

Account Information: Retained while your account is active and for 30 days after deletion
Transaction History: Retained for 7 years for tax and regulatory compliance
Usage Analytics: Aggregated data retained indefinitely; personal data for 2 years
Support Communications: Retained for 3 years for quality assurance and legal purposes
Security Logs: Retained for 1 year for security monitoring and incident response
Marketing Data: Retained until you opt out or for 3 years of inactivity

Data Storage Locations

Your data is stored in secure facilities:

Primary Storage: Supabase cloud infrastructure with data centers in secure locations
Backup Storage: Encrypted backups stored in geographically distributed locations
Session Data: Temporarily stored in secure server-side sessions
Cache Storage: Temporary data stored in secure cloud cache systems

Data Deletion

When you delete your account or request data deletion:

Immediate Deletion: Account access is immediately revoked
30-Day Grace Period: Account data is retained for 30 days for recovery purposes
Complete Removal: All personal data is permanently deleted after the grace period
Legal Retention: Some data may be retained longer for legal compliance
Anonymized Data: Aggregated, anonymized data may be retained for analytics

Data Portability

Before deletion, you can request a copy of your data through your account settings or by contacting our support team.

Your Privacy Rights

Access and Control

You have the following rights regarding your personal information:

Right to Access: Request a copy of the personal information we hold about you
Right to Rectification: Correct inaccurate or incomplete personal information
Right to Erasure: Request deletion of your personal information (subject to legal requirements)
Right to Portability: Receive your data in a structured, machine-readable format
Right to Restrict Processing: Limit how we process your personal information
Right to Object: Object to processing based on legitimate interests

Account Management

You can manage your privacy settings through:

Account Settings: Update personal information, preferences, and privacy settings
Communication Preferences: Control email notifications and marketing communications
Data Export: Download your account data and analysis history
Account Deletion: Permanently delete your account and associated data
API Key Management: Add, remove, or update connected exchange accounts

Exercising Your Rights

To exercise your privacy rights:

Self-Service: Many rights can be exercised through your account settings
Support Request: Contact support@cryptoshark.ai for assistance
Identity Verification: We may require identity verification for security purposes
Response Time: We will respond to requests within 30 days
No Cost: Exercising your rights is free, except for excessive or repetitive requests

Limitations on Rights

Some rights may be limited by legal requirements, legitimate interests, or technical constraints. We will explain any limitations when responding to your requests.

International Data Transfers

Cross-Border Data Processing

CryptoShark.ai operates globally, and your information may be transferred to and processed in countries other than your country of residence. These transfers are necessary to provide our services and may include:

Cloud Infrastructure: Data stored in secure cloud facilities across multiple regions
Service Providers: Third-party services located in different countries
Business Operations: Support and development teams in various locations

Transfer Safeguards

When transferring data internationally, we ensure appropriate safeguards:

Adequacy Decisions: Transfers to countries with adequate data protection laws
Standard Contractual Clauses: EU-approved contracts for data protection
Certification Programs: Service providers with recognized privacy certifications
Binding Corporate Rules: Internal policies ensuring consistent data protection

Data Localization

Where required by local laws, we implement data localization measures:

Regional Storage: Storing certain data within specific geographic regions
Local Processing: Processing data within required jurisdictions
Compliance Monitoring: Regular audits to ensure compliance with local requirements

Children's Privacy

Age Restrictions

CryptoShark.ai is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

Parental Rights

If we become aware that we have collected personal information from a child under 18:

We will delete the information as soon as possible
We will terminate the associated account
We will notify the parents or guardians if contact information is available
We will implement additional safeguards to prevent future collection

Reporting Underage Use

If you believe a child under 18 has provided personal information to us, please contact us immediately at support@cryptoshark.ai so we can take appropriate action.

Age Verification

By using our services, you represent that you are at least 18 years old and have the legal capacity to enter into agreements.

California Privacy Rights (CCPA)

California Consumer Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: Request information about the categories and specific pieces of personal information we collect
Right to Delete: Request deletion of your personal information (subject to exceptions)
Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

Identifiers: Email addresses, usernames, and account identifiers
Commercial Information: Subscription details and payment history
Internet Activity: Usage patterns, preferences, and interaction data
Financial Information: Payment method details (processed by Stripe)
Professional Information: Trading experience and investment preferences

Exercising CCPA Rights

To exercise your CCPA rights:

Email Request: Send a request to support@cryptoshark.ai
Subject Line: Include "CCPA Request" in the subject line
Identity Verification: We will verify your identity before processing requests
Response Time: We will respond within 45 days (extendable by 45 days if necessary)

No Sale of Personal Information

CryptoShark.ai does not sell personal information to third parties and has not sold personal information in the past 12 months.

European Privacy Rights (GDPR)

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on:

Contract Performance: Processing necessary to provide our services
Legitimate Interests: Improving our services, security, and business operations
Consent: Marketing communications and optional features
Legal Obligations: Compliance with applicable laws and regulations

Enhanced Rights Under GDPR

As an EU resident, you have enhanced privacy rights:

Right to Withdraw Consent: Withdraw consent for processing based on consent
Right to Lodge Complaints: File complaints with your local data protection authority
Right to Automated Decision-Making: Object to decisions based solely on automated processing
Data Protection Officer: Contact our DPO for privacy-related matters

Data Protection Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates the GDPR. You can contact your local data protection authority or the authority in the country where the alleged violation occurred.

Data Transfers Outside the EU

When we transfer your data outside the European Economic Area, we ensure adequate protection through:

Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
Standard Contractual Clauses: EU-approved contractual safeguards
Certification Mechanisms: Privacy certifications and codes of conduct

Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Advance Notice: Provide at least 30 days' notice of material changes
Email Notification: Send notifications to your registered email address
Platform Notice: Display prominent notices on our platform
Version Control: Maintain previous versions for reference

Acceptance of Changes

Your continued use of CryptoShark.ai after the effective date of any changes constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you should discontinue use of our services and may delete your account.

Significant Changes

For significant changes that materially affect your privacy rights, we may:

Require explicit consent for continued use
Provide opt-out mechanisms for new processing activities
Offer data export options before implementing changes
Extend notification periods beyond the standard 30 days

Stay Informed

We recommend reviewing this Privacy Policy periodically to stay informed about how we protect your information. The "Last Updated" date at the top of this policy indicates when it was last revised.

Contact Information for Privacy Matters

Privacy Questions and Requests

If you have questions about this Privacy Policy, want to exercise your privacy rights, or need to report a privacy concern, please contact us:

Email: Contact: support@cryptoshark.ai

Subject Line: Privacy Policy Inquiry

We will respond to your privacy-related inquiries within 30 days during business days.

Types of Privacy Requests

When contacting us about privacy matters, please specify the type of request:

Data Access: Request a copy of your personal information
Data Correction: Update or correct inaccurate information
Data Deletion: Request deletion of your personal information
Data Portability: Receive your data in a portable format
Processing Objection: Object to certain types of data processing
Consent Withdrawal: Withdraw previously given consent
Privacy Complaint: Report privacy concerns or violations

Response Process

When you contact us with a privacy request:

Acknowledgment: We will acknowledge receipt within 5 business days
Identity Verification: We may request additional information to verify your identity
Processing Time: Most requests are processed within 30 days
Status Updates: We will provide updates if additional time is needed
Resolution: We will provide a detailed response explaining our actions

Additional Provisions

Severability

If any provision of this Privacy Policy is found to be unenforceable or invalid, the remaining provisions will remain in full force and effect.

Entire Agreement

This Privacy Policy, together with our Terms and Conditions, constitutes the entire agreement between you and CryptoShark.ai regarding the privacy of your personal information.

Language and Interpretation

This Privacy Policy is written in English. In case of any discrepancy between translated versions and the English version, the English version shall prevail.

Governing Law

This Privacy Policy is governed by the same laws that govern our Terms and Conditions, without regard to conflict of law principles.

Table of Contents