Privacy Policy

1. General Provisions

1.1. This Privacy Policy describes what data Price Pulse ("we", "us", the "Service") collects, how it is used, stored, and protected when you use our website (pricepulsebot.com), web application (app.pricepulsebot.com), bots, API, and related tools.

1.2. By using Price Pulse, you confirm your agreement with this Policy.

1.3. Price Pulse respects users' right to privacy and processes personal data in accordance with applicable law, including the EU General Data Protection Regulation (GDPR).

1.4. The data controller is Price Pulse, contactable at [email protected].

2. Data We Collect

2.1. Data you provide directly — depending on the features you use, we may collect:

• Email address

• Username

• Password (stored as a salted hash, never in plaintext or reversible form)

• Account settings and preferences

• Exchange API keys (stored encrypted at rest; see Section 3 for the permissions we require)

• Communication you send us (support messages, feedback)

2.2. Technical data collected automatically:

• IP address

• Device and browser type

• Operating system

• Date and time of access

• Interface actions (anonymized for analytics)

• Cookies and similar technologies (see Section 7)

2.3. Payment data — Price Pulse does not store credit card or bank account details. Subscription payments are processed through Binance Pay. We retain payment transaction metadata — transaction ID, amount, status, and timestamp — for billing, accounting, and tax compliance purposes.

3. Exchange API Keys — What We Require and What We Never Touch

Price Pulse requires API keys for Binance and/or Bybit in order to manage your P2P ads on your behalf. We require these permissions only:

• Read access to market data

• Create, update, and pause your own P2P advertisements

We never request, accept, or use withdrawal permissions. When you create an API key, you must explicitly disable withdrawals. This means Price Pulse cannot move funds out of your exchange account under any circumstances.

We do not collect or access: your exchange account password, your private keys, your wallet seed phrases, funds in your spot or futures wallets, KYC documents, or any other asset-custody information.

4. Legal Basis for Processing (GDPR Article 6)

We process your personal data on the following legal bases:

• Contract performance — processing necessary to provide the Service you subscribed to (account management, automation, billing).

• Legitimate interest — service improvement, security monitoring, fraud prevention, and analytics.

• Legal obligation — compliance with accounting, tax, and lawful regulatory requests.

• Consent — for optional features such as marketing emails or non-essential cookies. You may withdraw consent at any time.

5. How We Use Data

Collected data is used solely for:

• Providing and operating the Service

• User authentication and account security

• Saving and applying your automation settings

• Processing payments and managing subscriptions

• Improving service quality and reliability

• Analytics and statistics (in anonymized form where possible)

• Communicating with you (service notifications, support responses, critical alerts)

6. Auto Price and Market Data

Market data used by the Auto Price engine (competitor ads, spot prices, market averages) is sourced from public exchange APIs and is not personal data about you. Your own Auto Price configuration — strategy rules, min/max limits, competitor lists — is stored privately, linked to your account only, and is never shared with third parties or other users.

7. Cookies and Similar Technologies

7.1. We use cookies for:

• Core service operation

• Session management and authentication

• Security and fraud prevention

• Analytics and performance measurement

• Preference storage (language, theme)

7.2. You may restrict or disable cookies in your browser settings. Disabling essential cookies may affect Service functionality.

8. Sharing Data with Third Parties

8.1. We do not sell personal data and do not transfer it to third parties for their own commercial purposes.

8.2. We share data only with the following categories of processors and recipients, under contractual confidentiality and data-protection obligations:

• Infrastructure providers — Hetzner and Contabo (hosting and VPS infrastructure, located in the European Union)

• Payment processors — Binance Pay (payment transactions only)

• Exchange APIs — Binance and Bybit (to execute the automation you configured)

• Communication providers — email delivery and Telegram Bot API (for notifications and alerts you opt into)

• Analytics providers — for anonymized usage analytics

• Government and regulatory authorities — only upon lawful request and only to the extent legally required

8.3. A current list of sub-processors is available on request from [email protected].

9. Data Storage and Security

9.1. Your data is stored on infrastructure located in the European Union (primarily Germany). Our primary PostgreSQL database is hosted in Europe with API keys and other sensitive fields encrypted at rest. Every merchant's automation runs on a dedicated, single-tenant VPS with a fixed IP address — your data and automation never share a server with other users.

9.2. We apply technical and organizational security measures including:

• Encryption of sensitive data at rest and in transit (TLS)

• Password hashing with modern algorithms

• Access controls and authentication for internal systems

• Network isolation between users via dedicated VPS

• System monitoring, logging, and alerting

• Regular security updates to infrastructure and dependencies

9.3. Despite these measures, no system can guarantee absolute security. You are responsible for keeping your account password confidential and for reporting suspicious activity to us promptly.

10. Data Retention

10.1. We retain personal data:

• While your account exists

• For as long as necessary to provide the Service

• For periods required by applicable law (for example, accounting records are typically retained for 5–10 years depending on jurisdiction)

10.2. On account deletion, your personal data is deleted or anonymized within 30 days, except where retention is required by law. Automation settings, API keys, and account credentials are deleted immediately on request.

11. Your Rights Under GDPR

If you are located in the EU or EEA, you have the right to:

• Access — request a copy of the personal data we hold about you

• Rectification — correct inaccurate or incomplete data

• Erasure ("right to be forgotten") — request deletion of your data

• Restriction — request that we limit how we process your data

• Portability — receive your data in a structured, machine-readable format

• Objection — object to processing based on legitimate interest

• Withdraw consent — at any time, where processing is based on consent

• Lodge a complaint — with your local data protection supervisory authority

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

12. International Data Transfers

Your data is primarily stored and processed within the European Union. Where data is transferred outside the EU/EEA (for example, when communicating with exchange APIs operated by entities outside the EU), we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions as required by GDPR.

13. Children's Privacy

Price Pulse is not intended for users under the age of 18. We do not knowingly collect personal data from children. If you believe a minor has provided us with personal data, please contact us so we can delete it.

14. Policy Updates

14.1. We may update this Privacy Policy to reflect changes in our practices, services, or legal requirements.

14.2. For material changes, we will notify affected users by email or through the Service before the changes take effect.

14.3. The effective date at the top of this Policy will always reflect the date of the most recent update. Continued use of the Service after notification constitutes acceptance of the updated Policy, except where applicable law requires explicit consent.

15. Contact

For any privacy-related inquiries, data subject requests, or questions about this Policy:

• Email: [email protected]

• Website: pricepulsebot.com