Privacy Policy

Privacy Policy

What data we collect, how we use it, your rights under GDPR and other regulations, and our third-party service providers.

Last updated: March 2026

Bitcoin.diy takes your privacy seriously. This policy explains what data we collect, why we collect it, how we protect it, and what rights you have. We have tried to keep this as clear and readable as possible.

1. Data We Collect

Account Information

When you create a Learn-to-Earn account, we collect:

  • Email address (for account login and communication)
  • Phone number (for verification and fraud prevention)
  • Hashed password (we never store your password in plain text)

Activity Data

When you use the Learn-to-Earn program, we track:

  • Quiz submissions and scores
  • Module progress and completion history
  • Earnings and withdrawal history
  • Timestamps of all program activity

Security and Fraud Prevention Data

To protect the platform and all users from abuse, we collect:

  • IP addresses (logged during account activity)
  • Device fingerprints (to detect multi-accounting)
  • Browser user agent strings
  • Quiz timing patterns (to detect automated submissions)

Identity Verification (KYC)

For users who reach withdrawal thresholds that require identity verification, we may collect:

  • Full legal name
  • Government-issued ID document (processed by our verification provider)
  • Selfie or liveness check (processed by our verification provider)

Identity documents are processed by our third-party KYC provider and aren't stored directly on Bitcoin.diy servers. See our KYC/AML Policy for more details.

Website Analytics

For the general website (outside the Learn-to-Earn program), we use Plausible Analytics, a privacy-focused analytics tool. Plausible doesn't use cookies, doesn't track individuals, and is fully GDPR compliant. No cookie consent banner is needed.

2. How We Use Your Data

We use collected data for the following purposes:

  • Account management: To create and maintain your account, process login requests, and communicate important account information.
  • Fraud detection and prevention: To identify and prevent abuse such as multi-accounting, bot activity, and quiz answer sharing. This is the primary reason we collect IP addresses and device fingerprints.
  • Service improvement: To understand usage patterns and improve the educational content and platform experience.
  • Legal compliance: To comply with applicable laws and regulations, including anti-money laundering requirements.
  • Security: To detect and respond to security incidents, unauthorized access attempts, and suspicious activity.

3. Data Retention

We retain different types of data for different periods:

  • Account data: Retained as long as your account is active. After account deletion, most data is removed within 30 days.
  • Security logs: IP addresses, device fingerprints, and audit logs are retained for up to 1 year for fraud investigation purposes.
  • Transaction records: Earning and withdrawal records are retained for up to 5 years for financial compliance purposes.
  • KYC data: Identity verification records are retained according to our KYC provider's retention policy and applicable regulations.

4. Your Rights (GDPR and Beyond)

Regardless of where you are located, we believe in strong data rights. If you are in the EU/EEA, these rights are protected under GDPR. We extend similar protections to all users:

  • Right to access: You can request a copy of all personal data we hold about you.
  • Right to rectification: You can request correction of inaccurate personal data.
  • Right to deletion: You can request deletion of your account and personal data, subject to legal retention requirements.
  • Right to data portability: You can request your data in a machine-readable format.
  • Right to restriction: You can request that we limit how we process your data.
  • Right to object: You can object to certain types of data processing.

To exercise any of these rights, contact us at hello@bitcoin.diy. We will respond within 30 days.

5. Third-Party Services

We use the following third-party services that may process your data:

6. We don't Sell Your Data

We don't sell, rent, or trade your personal information to third parties for marketing purposes. We don't share your data with advertisers. Your data is used only for the purposes described in this policy.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Passwords are hashed using bcrypt (never stored in plain text).
  • All data transmission is encrypted via HTTPS/TLS.
  • Database access is restricted and monitored.
  • Fraud detection systems operate in real-time to protect accounts.

While we strive to protect your data, no system is 100% secure. If we discover a data breach that affects your personal information, we will notify you as required by applicable law.

8. Cookies

Bitcoin.diy uses minimal cookies:

  • Session cookie: Required for Learn-to-Earn authentication. This is a functional cookie that expires when you close your browser or after your session ends.
  • No tracking cookies: We don't use third-party tracking cookies. Plausible Analytics doesn't use cookies at all.

9. Children's Privacy

Bitcoin.diy isn't intended for users under the age of 18. We don't knowingly collect personal information from children. If you believe a child has created an account, please contact us and we will promptly delete the account and associated data.

10. Changes to This Policy

We may update this privacy policy as our services evolve or as regulations change. Significant changes will be communicated through the platform and noted with an updated date at the top of this page. Continued use of Bitcoin.diy after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or to exercise your data rights, contact us at hello@bitcoin.diy.

← Back to Legal Hub