Skip to content

Privacy Policy

Last updated: March 4, 2026

1. Introduction

CryptoWithAlgo ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cryptocurrency portfolio tracking service.

By using CryptoWithAlgo, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (for email/password registration)
  • Password (encrypted and hashed)
  • Name and profile information (from OAuth providers like Google or GitHub)
  • OAuth provider ID and access tokens (stored securely)

2.2 Portfolio and Trading Data

You manually provide:

  • Cryptocurrency holdings (symbols, quantities, purchase prices, dates)
  • Portfolio names and configurations
  • Watchlist symbols
  • Alert thresholds and preferences
  • Trading journal entries (trades, strategies, notes, sentiment)
  • Backtest configurations and results
  • Research notes and market analysis

Important: We do NOT access your exchange accounts. We do NOT store exchange API keys. All portfolio data is manually entered by you.

2.3 Usage Data

We automatically collect:

  • IP address and browser information
  • Pages visited and features used
  • Session duration and timestamps
  • Device type and operating system
  • Referral sources

2.4 Cookies and Tracking

We use cookies for:

  • Session management (authentication state)

User preferences (theme, chart settings) are stored locally in your browser using localStorage and are never transmitted to our servers.

You can control cookies through your browser settings, but disabling them may affect Service functionality.

3. How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Authenticate your identity and manage your account
  • Calculate portfolio performance and analytics
  • Deliver in-app price alerts and notifications you configured
  • Generate trading signals and backtest results
  • Improve Service features and user experience
  • Detect and prevent security threats or abuse
  • Communicate updates, changes, or important notices
  • Comply with legal obligations

4. Data Storage and Security

4.1 Storage Infrastructure

Your data is stored using:

  • MongoDB: Portfolio data, user accounts, journal entries, alerts
  • Redis: Temporary cache for market data
  • Self-hosted server: Application and database hosting on a dedicated VPS

4.2 Security Measures

We implement security practices including:

  • Password hashing with bcrypt
  • HTTPS/TLS encryption for all data transmission
  • Secure session management with httpOnly cookies
  • Regular security audits and dependency updates
  • Rate limiting to prevent abuse
  • Input validation and sanitization

4.3 Data Retention

We retain your data:

  • Account data: Until you request account deletion
  • Portfolio data: Until you delete it or close your account
  • Session data: 7 days after issuance
  • Analytics data: Aggregated and anonymized indefinitely

5. Data Sharing and Third Parties

5.1 Third-Party Services

We integrate with the following services:

  • Binance API: Market data retrieval (no account access, public data only)
  • Google OAuth: Optional authentication (subject to Google Privacy Policy)
  • GitHub OAuth: Optional authentication (subject to GitHub Privacy Policy)
  • CryptoPanic: Cryptocurrency news data (subject to CryptoPanic Terms of Service)
  • Alternative.me: Fear & Greed Index data (subject to Alternative.me Terms of Service)

5.2 Data We Do NOT Sell or Share

We DO NOT sell, rent, or share your personal information or portfolio data with third parties for marketing purposes.

5.3 Legal Disclosures

We may disclose your information if required to:

  • Comply with legal obligations (court orders, subpoenas)
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activity
  • Respond to emergencies involving personal safety

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

  • Access: View all your personal data through the Service
  • Update: Modify your account information and portfolio data
  • Delete: Remove portfolio holdings and journal entries, or request full account deletion by contacting us
  • Export: Download your data in CSV format
  • Opt-out: Disable alerts and notifications at any time

6.2 GDPR Rights (EU Users)

If you are in the EU, you have additional rights:

  • Right to data portability
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

6.3 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information we collect and how it's used
  • Request deletion of personal information
  • Opt-out of the sale of personal information (we do not sell data)
  • Non-discrimination for exercising privacy rights

6.4 Exercising Your Rights

To exercise your privacy rights, contact us at:

Email: [email protected]
To request account deletion, send an email from your registered address.

7. Children's Privacy

CryptoWithAlgo is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it immediately.

If you believe a child has provided us with personal information, please contact us at [email protected].

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. Our servers are located in Germany. Third-party APIs (Binance, CryptoPanic, Alternative.me) may process requests in other jurisdictions.

By using CryptoWithAlgo, you consent to the transfer of your information to these jurisdictions.

9. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

  • Notify affected users within 72 hours via email and in-app notification
  • Report to relevant authorities as required by law
  • Take immediate steps to secure systems and prevent further breaches
  • Provide guidance on protective measures you can take

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Changes will be posted on this page with an updated "Last Updated" date.

We will notify you of material changes via prominent notice in the Service, such as a banner notification on login.

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

11. Do Not Track Signals

Some browsers support "Do Not Track" (DNT) signals. Currently, there is no industry standard for responding to DNT signals. CryptoWithAlgo does not respond to DNT browser settings at this time.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Privacy Officer
Email: [email protected]

We will respond to all requests within 30 days.

This Privacy Policy is effective as of March 4, 2026 and applies to all users of CryptoWithAlgo.