Privacy Policy

Last updated: February 27, 2026

legal.disclaimer

1. Introduction

cryptr.ee ("we", "us", "our") operates the cryptr.ee website and service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. We are committed to protecting your privacy and handling your data transparently.

2. Account privacy

cryptr.ee implements a Privacy by Design approach for all accounts:

  • Email hashing: Your email address is never stored in plain text. We store only a one-way SHA-256 hash with a secret pepper. Even in the event of a database breach, your email cannot be recovered from the hash.
  • Access Key: At registration, every user receives a unique 64-character Access Key. This key provides an alternative way to sign in without entering your email. We store only a SHA-256 hash of the key — the original is shown to you once and never stored on our servers.
  • Two login methods: You can sign in via a magic link sent to your email, or by entering your Access Key directly. Both methods are passwordless.

A valid email address is required for registration and magic link authentication. These privacy measures do not exempt users from applicable laws.

3. Data we collect

We collect the following types of information:

  • Account information: A SHA-256 hash of your email address (not the email itself), your username, display name, and profile settings.
  • Wallet addresses: Cryptocurrency wallet addresses you add to your page. These are public blockchain addresses and are displayed publicly on your page.
  • Page view analytics: We track page views, wallet copy events, and explorer link clicks for your dashboard analytics.
  • IP addresses: Collected for security purposes (rate limiting, abuse prevention) and anonymized analytics.

4. Analytics

We use Simple Analytics, a privacy-friendly analytics service that does not use cookies, does not track users across websites, and does not collect personal data. Simple Analytics is GDPR compliant and processes data within the EU. We do not use Google Analytics or any cookie-based tracking tools.

5. Cookies

cryptr.ee does not use cookies for tracking or analytics. We store an authentication token in your browser's local storage to keep you logged in. This is not a cookie and is not shared with any third parties.

6. Payments

Premium subscriptions are processed by Stripe. We do not store your credit card details on our servers. All payment information is handled directly by Stripe in accordance with their privacy policy. We only receive confirmation of payment status from Stripe.

7. Data storage and security

Your data is stored on servers located in the European Union. We use industry-standard security measures including encrypted connections (HTTPS/TLS), secure password hashing, and regular backups. Access to user data is restricted to authorized personnel only.

8. Data sharing

We do not sell, trade, or rent your personal information to third parties. We only share data with third-party services essential to operating cryptr.ee: Stripe for payment processing and Simple Analytics for website analytics. Wallet addresses you add to your page are publicly visible by design -- this is the core function of the service.

9. Your rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate personal data.
  • Deletion: Delete your account and all associated data from your dashboard settings. Account deletion is permanent and removes all your data from our servers.
  • Portability: Request your data in a machine-readable format.
  • Objection: Object to the processing of your personal data.

10. Data privacy architecture

We implement a Privacy by Design architecture in accordance with GDPR Article 25 for all accounts:

  • Email hashing: Your email is stored as a SHA-256 hash with a secret pepper. A database export does not reveal email addresses. We use the hash solely to identify your account when you request a magic link.
  • Access Key hashing: Your Access Key is stored as a SHA-256 hash. The original key is shown only once at registration and is never stored on our servers.
  • No plaintext identifiers: Neither your email address nor your Access Key are stored in recoverable form. If both are lost, account access cannot be restored.

Important: This architecture is designed as a privacy measure, not as a means to circumvent the law. We retain all data required by applicable regulations (email hashes, IP addresses, timestamps) and will comply with lawful requests from competent authorities as described in section 11.

11. Law enforcement and legal compliance

cryptr.ee fully cooperates with law enforcement within the framework of applicable law. We may disclose user data when:

  • Required by a valid court order, subpoena, or other binding legal process.
  • Necessary to prevent imminent harm, fraud, or illegal activity.
  • Required by the laws of the Republic of Estonia or the European Union.

Since we store email addresses only as hashes, we cannot provide plaintext email addresses in response to legal requests — only the hashed values and associated account data (username, wallet addresses, IP logs, timestamps).

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at support@cryptr.ee.