Privacy Policy
This Privacy Policy explains how the operator of Phivote ("Phivote", "we", "us") collects, uses, discloses, and protects information when you use our website, application, and Telegram bot (the "Service"). By using the Service you agree to this Policy. If you do not agree, do not use the Service.
In short: we collect the minimum needed to run your account and deliver alerts. We do not sell your personal information. We never receive your exchange API keys, your wallet private keys, or custody of your funds, and we do not store payment-card data.
1. Information we collect
Account and identity. When you sign in we receive a basic profile from your chosen provider - for example, your email address and, where applicable, your name, profile photo, and a provider user ID (Google or GitHub), or your Telegram user ID, username, and name. If you sign in by email, we store the email you provide.
Subscription and billing records. When you purchase a plan we record the plan, the amount, the payment method (USDT), a transaction reference, and timestamps. Payment is settled on a public blockchain; we verify it on-chain. We do not collect or store credit-card or bank details.
Usage and preferences. We store your scanner preferences (such as exchange, timeframe, and filters), your alert subscriptions (including the Telegram chat the alerts are linked to), and activity needed to provide the Service.
Technical data. Like most online services, our infrastructure provider automatically logs technical information such as IP address, device and browser type, and request metadata, for security, abuse prevention, and reliability.
Local storage. We use your browser's local storage to keep you signed in, remember preferences, and store your entitlement (license) token on your device.
2. How we use information
We use information to: (a) provide, operate, and maintain the Service and your account; (b) authenticate you and keep the Service secure; (c) deliver the alerts and notifications you request; (d) process and verify payments and manage subscriptions; (e) provide support and communicate with you about the Service; (f) detect, prevent, and address fraud, abuse, and technical issues; (g) improve and develop the Service; and (h) comply with legal obligations and enforce our terms.
3. Legal bases (where applicable)
Where data-protection laws such as the GDPR apply, we process personal data on the bases of: performance of our contract with you (providing the Service); our legitimate interests (security, abuse prevention, and improving the Service); your consent (which you may withdraw); and compliance with legal obligations.
4. Cookies and similar technologies
We rely primarily on browser local storage rather than tracking cookies, and we do not use third-party advertising or cross-site ad-tracking. Our infrastructure may set strictly necessary cookies for security and load management. You can clear local storage and cookies in your browser at any time; doing so will sign you out and reset preferences.
5. How we share information
We do not sell your personal information. We share information only as needed to run the Service, with service providers ("sub-processors") that act on our behalf, and where required by law:
- Cloudflare - hosting, content delivery, edge storage (KV/D1), and security/logging.
- Telegram - to deliver the alerts and bot interactions you request.
- Sign-in providers (Google, GitHub) - to authenticate you when you choose social sign-in.
- On-chain data providers - to verify your cryptocurrency payment on the public blockchain.
- Cryptocurrency exchanges - we fetch public market data; we do not share your personal data with them.
We may also disclose information to comply with applicable law, regulation, legal process, or governmental request; to enforce our terms; or to protect the rights, property, or safety of Phivote, our users, or the public. If we are involved in a merger, acquisition, or asset sale, information may be transferred subject to this Policy.
6. Data retention
We retain personal information for as long as your account is active or as needed to provide the Service, and thereafter only as necessary to comply with legal obligations, resolve disputes, prevent abuse, and enforce our agreements. You may request deletion of your account, after which we will delete or anonymise your personal data except where retention is legally required.
7. Security
We use technical and organisational measures designed to protect information, including encryption in transit and signed (HMAC) license and session tokens. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your devices and credentials secure.
8. International transfers
The Service operates on globally distributed infrastructure, and your information may be processed in countries other than your own, which may have different data-protection laws. Where required, we take steps to ensure appropriate safeguards for such transfers.
9. Your rights
Depending on your jurisdiction, you may have rights to access, correct, update, port, restrict, or delete your personal data, to object to certain processing, and to withdraw consent. Subject to the General tier and your account, you can update preferences, downgrade, or remove your account from within the Service. To exercise any right, contact us at the address below; we may need to verify your identity. You also have the right to complain to your local data-protection authority. We honour applicable "Do Not Sell or Share" requests; we do not sell personal information.
10. Children
The Service is not intended for, and may not be used by, anyone under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
11. Third-party links
The Service links to third-party websites and services that we do not control. This Policy does not apply to them, and we are not responsible for their privacy practices. Review their policies before using them.
12. Changes to this Policy
We may update this Policy from time to time. We will post the updated version with a new "Last updated" date, and material changes take effect when posted. Your continued use of the Service after changes constitutes acceptance.
13. Contact
For privacy questions or to exercise your rights, contact privacy@phivote.com or our Telegram bot, @PhivoteBot.