Privacy Policy

1. Introduction

CRS Bot ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our website and purchase our trading bot products.

2. Data We Collect

We collect and process the following information:

Account Information: Name, email address, and password (encrypted)
Purchase Information: Order history, products purchased, and license keys
Payment Information: Processed securely by Stripe (we do not store card details)

3. How We Use Your Data

We use your personal data for the following purposes:

Process and fulfill your orders
Generate and deliver license keys
Send purchase confirmations and product updates
Provide customer support
Detect and prevent fraud
Comply with legal obligations

4. Legal Basis (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on:

Contract Performance: To fulfill our obligations when you purchase our products
Legitimate Interests: To improve our services and prevent fraud
Legal Compliance: To comply with tax and financial regulations
Consent: For marketing communications (you can opt-out anytime)

5. Data Sharing

We share your data with the following third parties:

Stripe: For payment processing (see Stripe's privacy policy)
Resend: For sending transactional emails
License API: For generating and validating license keys

We do not sell or rent your personal data to third parties for marketing purposes.

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

Account Data: Until you request deletion or your account is inactive for 3 years
Order Data: 7 years for tax and accounting purposes
License Keys: For the duration of the license validity

7. Your Rights (GDPR)

Under GDPR, you have the following rights:

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate data
Right to Erasure: Request deletion of your data ("right to be forgotten")
Right to Restriction: Limit how we process your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for marketing communications

To exercise your rights, contact us using the information below.

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

HTTPS encryption for all data transmission
Bcrypt password hashing
Secure database access controls
Regular security audits
Rate limiting to prevent abuse

9. Cookies

We use essential cookies to provide our services:

Authentication Cookies: To keep you logged in
Security Cookies: To protect against fraud

We do not use tracking or advertising cookies.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

13. Contact Us

If you have questions about this privacy policy or wish to exercise your rights, contact us at:

Email: [email protected]

Data Protection Officer: [email protected]

14. Supervisory Authority

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection supervisory authority.