CryptoConverter
Sign in

Privacy policy

Last updated: June 3, 2026

This Privacy Policy describes how CryptoConverter ("we", "us", "our") collects, uses, discloses, and safeguards your information when you use cryptoconverter.io (the "Service"). We are the controller of personal data processed through the Service.

1. Data we collect

  • Account data (if you sign up): email address, hashed password or OAuth identifier, display preferences.
  • Product data: watchlist coins, price alerts, portfolio entries you create, app settings.
  • Swap routing data: source/destination asset, amount, destination address, and provider selection — only what is needed to fulfill the swap and shown to the chosen third-party provider.
  • Technical data: IP address, user agent, language, approximate region, and standard server logs (used for security and abuse prevention).
  • Analytics: aggregated, anonymized usage metrics to improve the product.

2. What we do not collect

We do not collect wallet seed phrases, private keys, KYC documents, or any custody-related information. We do not require government identification.

3. Legal bases for processing (GDPR)

We process personal data on the following bases: performance of a contract (operating the Service you request), legitimate interests (security, fraud prevention, product improvement), consent (where required, e.g. optional analytics), and legal obligation (compliance with applicable laws).

4. How we use data

To operate the Service, route swap quotes, send transactional emails (e.g. price alerts you configure, security notifications), prevent abuse, comply with law, and improve the product. We do not sell or rent personal data. We do not send marketing emails.

5. Third parties (sub-processors)

  • CoinGecko — price and market data.
  • ChangeNOW, SimpleSwap, Changelly — non-custodial swap execution. Each receives the swap parameters and your destination address to fulfill the swap under their own terms and privacy policies.
  • Lovable Cloud / Supabase — database, authentication, and hosting infrastructure.
  • Mailgun (via Lovable Emails) — transactional email delivery from our verified sender domain.
Each sub-processor receives only the minimum data needed for its function.

6. International transfers

Some sub-processors may process data outside your country of residence. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland.

7. Retention

Account and product data are retained for as long as your account exists. Swap routing metadata is retained for up to 24 months for support and fraud-prevention purposes, then deleted or anonymized. Server logs are retained for up to 90 days. You can request earlier deletion at any time (see Section 9).

8. Security

We use industry-standard measures including TLS in transit, encryption at rest, row-level access controls, principle-of-least-privilege secret management, and regular dependency scanning. No system is perfectly secure; you are responsible for safeguarding your account credentials and wallet keys.

9. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, port, restrict, or object to the processing of your personal data, and to lodge a complaint with a supervisory authority. You can export or delete your account data from Settings → Account, or contact us at privacy@cryptoconverter.io. We respond within 30 days.

10. Cookies

We use strictly necessary cookies (authentication, security, preferences). We do not use third-party advertising cookies. Any optional analytics will request your consent where required.

11. Children

The Service is not directed to children under 18. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. Material changes will be announced in-app or by email where appropriate. The "Last updated" date reflects the latest revision.

13. Contact

Privacy questions or requests: privacy@cryptoconverter.io.

This document is a general template and not legal advice. We recommend a review by qualified privacy counsel for your jurisdiction before relying on it in production.