Privacy Policy

1. Introduction

AlgoZilla (“we,” “us,” or “our”) operates the website algozilla.io and provides cryptocurrency trading signal services. We are based in the Netherlands and operate under the General Data Protection Regulation (GDPR) and applicable Dutch and EU data protection laws.

This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and what rights you have. By using our website or services you acknowledge this policy.

2. Data Controller

The data controller responsible for your personal data is AlgoZilla, based in the Netherlands. For all privacy-related inquiries, contact our Data Protection Officer at privacy@algozilla.io.

3. Data We Collect

3.1 Data you provide

• Account information: name, email address, and password when you create an account.
• Payment information: billing address and payment details, processed securely by our payment processor (Stripe). We do not store full credit card numbers on our servers.
• Communications: messages, feedback, or support requests you send us via email or contact forms.
• Telegram username: if you connect your account to our Telegram signal channels.

3.2 Data collected automatically

• Usage analytics: pages visited, features used, session duration, and interaction patterns.
• Device information: browser type, operating system, screen resolution, and device type.
• Log data: IP address, access times, referring URLs, and API request logs.
• Cookies and similar technologies: see Section 7 below.

4. How We Use Your Data

We process your personal data for the following purposes, each with a legal basis under GDPR:

• Service delivery (contract performance) — to provide trading signals, API access, dashboard features, and account management.
• Billing and payments (contract performance) — to process subscriptions, generate invoices, and handle refunds via our payment processor.
• Service improvement (legitimate interest) — to analyze anonymized usage patterns, improve signal quality, and enhance user experience.
• Communication (legitimate interest / consent) — to send service updates and security alerts. Marketing communications are sent only with your explicit consent.
• Security (legitimate interest) — to detect and prevent fraud, abuse, and unauthorized access to our systems.
• Legal compliance (legal obligation) — to comply with applicable tax, accounting, and regulatory requirements.

5. Third Parties

We share personal data with the following categories of third-party processors, all bound by GDPR-compliant data processing agreements:

• Stripe (payment processor) — processes subscription payments and manages billing. Payment card data is handled directly by Stripe and never stored on our servers.
• Telegram (signal delivery) — we deliver trading signals through Telegram channels and bots. Your Telegram username is used solely for signal delivery.
• Google Analytics (analytics) — collects anonymized usage data to help us understand how visitors use our website. IP anonymization is enabled.
• Hosting provider (infrastructure) — hosts our website and backend services within the EU (Hetzner, Germany).
• Email service provider — sends transactional emails such as account confirmations, password resets, and signal notifications.

We do not sell your personal data. We do not share your data with third parties for their own marketing purposes.

6. Data Retention

We retain your personal data only as long as necessary for the purposes described above:

• Account data: retained while your account is active, plus 12 months after deletion to handle any outstanding issues.
• Payment and billing data: retained for 7 years to comply with Dutch tax and accounting obligations.
• Usage analytics: retained in anonymized form for up to 26 months.
• API and server logs: retained for 90 days for security and debugging purposes.
• Support communications: retained for 24 months after the last interaction.

After the retention period, personal data is securely deleted or irreversibly anonymized.

7. Cookies

We use cookies and similar technologies on our website:

• Essential cookies — required for basic website functionality such as login sessions and security tokens. These cannot be disabled.
• Analytics cookies (Google Analytics) — help us understand how visitors interact with our site. These are placed only with your consent.
• Preference cookies — remember your settings such as language and display preferences.

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling analytics cookies does not affect the functionality of our service.

8. International Transfers

Your data is primarily processed within the European Economic Area (EEA). Where data is transferred outside the EEA (for example, to Telegram servers), we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or transfers to countries with an adequacy decision.

9. Your Rights under GDPR

As a data subject in the EU, you have the following rights:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure — request deletion of your personal data (“right to be forgotten”), subject to legal retention requirements.
• Right to data portability — receive your data in a structured, commonly used, machine-readable format (JSON or CSV).
• Right to object — object to processing based on legitimate interest, including profiling.
• Right to restrict processing — request that we limit how we use your data while a dispute is resolved.
• Right to withdraw consent — withdraw consent at any time for processing based on consent (e.g., marketing emails), without affecting the lawfulness of prior processing.

To exercise any of these rights, email privacy@algozilla.io. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

• All data in transit is encrypted using TLS (HTTPS).
• Sensitive data at rest is encrypted on our servers.
• Access to personal data is restricted to authorized personnel only.
• We conduct regular security assessments and follow secure development practices.
• Payment data is handled exclusively by our PCI DSS-compliant payment processor (Stripe).

11. Children’s Privacy

Our service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a minor, we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email and/or a prominent notice on our website at least 30 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

13. Contact

For general inquiries: info@algozilla.io

For privacy and data protection inquiries: privacy@algozilla.io