Privacy Policy
Last Updated: December 2024
GDPR Compliance: This privacy policy complies with EU GDPR, California CCPA, and other international data protection laws. EU residents have specific rights outlined below.
1. Introduction
BRAINMOON ("we," "our," "us") is committed to protecting your privacy. This policy explains how we collect, use, and protect your information when you use our AI-powered SPOT cryptocurrency trading platform.
Data Controller: BRAINMOON AI Trading Systems
Contact: privacy@brainmoon.app
2. Information We Collect
Personal Information You Provide
- Account Information: Username, email, password (encrypted)
- Investment Plan: Selected tier (Builder, Accumulator, or Player)
- Communication Data: Support requests and feedback
Automatically Collected Information
- Usage Data: Login times, IP addresses, device info, browser type
- Trading Activity: Trade history, portfolio performance
- Cookies: Session and preference cookies
Binance API Keys
- API keys are encrypted with AES-256
- We only request trading permissions (never withdrawal)
- Keys are never shared with third parties
- You can delete them anytime
3. How We Use Your Information
Legal Bases (GDPR)
- Contract Performance: Provide the SPOT trading service
- Legitimate Interest: Platform security, fraud prevention
- Legal Obligation: Tax compliance requirements
- Consent: Marketing communications (opt-out available)
Specific Uses
- Execute SPOT trades via your Binance account
- Send trade notifications and performance updates
- Provide customer support
- Detect and prevent fraud
- Improve platform performance
4. Data Sharing
We do NOT sell your personal data. We only share with:
- Binance: Trade execution via your API keys
- Email Provider: Transactional notifications
- Hosting Provider: Secure cloud infrastructure
International Transfers: For EU users, data transfers use Standard Contractual Clauses (SCCs) approved by the European Commission.
5. Your Privacy Rights
GDPR Rights (EU Residents)
- Access: Request a copy of your data
- Rectification: Correct inaccurate data
- Erasure: Delete your account and data
- Portability: Download your data (CSV/JSON)
- Object: Object to certain processing
- Withdraw Consent: Unsubscribe anytime
How to Exercise Rights
- Profile Settings: Change password, download data, delete account
- Email: privacy@brainmoon.app (response within 30 days)
6. Data Security
- Encryption: AES-256 for data at rest, TLS 1.3 in transit
- Passwords: Bcrypt hashing (salted, one-way)
- API Keys: Encrypted storage, never logged
- Sessions: HTTPOnly cookies with SameSite protection
- Brute Force: 5 failed attempts = 15-minute IP block
Security Notice: No internet transmission is 100% secure. Use strong, unique passwords for your account.
7. Data Retention
- Active Accounts: Data stored while account is active
- Trade History: Retained for account lifetime
- Deleted Accounts: Data erased within 30 days
- Legal Requirements: Some data retained 7 years for tax compliance
8. Cookies
- Essential: Session management, security (required)
- Preferences: Dashboard layout, settings (optional)
- Analytics: Anonymized usage data (optional)
Manage cookies in browser settings. Disabling essential cookies affects functionality.
9. Age Requirement
BRAINMOON is for users 18+ only. We don't knowingly collect data from minors. Contact privacy@brainmoon.app if you believe a minor has registered.
10. Policy Changes
We may update this policy. Material changes will be communicated via email and dashboard notification. Continued use indicates acceptance.
11. Contact Us
Privacy Team: privacy@brainmoon.app
General Support: support@brainmoon.app
Response Time: Within 30 days (GDPR requirement)
EU users may lodge complaints with local data protection authorities.
12. Our Commitment
- We will NEVER sell your personal data
- We notify of data breaches within 72 hours
- You can download or delete your data anytime
- Your funds remain in YOUR Binance account