Privacy Policy
Last updated: April 2026
1. Information We Collect
We collect the following categories of information: (a) Account information: your name and email address when you sign up or request the free Safety Kit. (b) Payment information: processed securely through Stripe. We never store your credit card number, CVV, or full card details on our servers. (c) Usage data: sandbox completion scores, module progress, email open and click metrics, and page views. (d) Device information: browser type, operating system, and IP address for security and fraud prevention.
2. How We Use Your Information
We use your information to: provide, operate, and improve the Service; deliver the Safety Kit email sequence and educational content you opted into; process subscription payments via Stripe; send scam alerts, safety updates, and product announcements; analyze aggregate platform usage to improve curriculum and content; prevent fraud and enforce our Terms of Service.
3. Email Communications
When you sign up for the free Safety Kit, you will receive a "Day Zero" onboarding email followed by a sequence of educational emails. Paid members receive weekly scam alerts and module updates. You may unsubscribe from marketing emails at any time using the link in any email. Transactional emails (billing confirmations, password resets) will still be sent as needed.
4. Payment Processing
All payment processing is handled by Stripe, Inc. When you subscribe, your payment details are sent directly to Stripe and are subject to Stripe's Privacy Policy. CryptostoicMedia receives only a confirmation of payment, your subscription status, and the last four digits of your card for display purposes. We never have access to your full card number.
5. What We Never Collect
We never collect, store, or request: cryptocurrency wallet addresses, private keys or seed phrases, bank account or brokerage login details, government identification documents, or social security numbers.
6. Third-Party Services
We use the following third-party services: Stripe for payment processing, Brevo (formerly Sendinblue) for email delivery, and Sentry for anonymized error tracking. Each service operates under its own privacy policy. We do not sell, rent, or share your personal data with any third party for their marketing purposes.
7. Cookies
We use only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels from ad networks, or behavioral targeting technologies. We do not participate in any ad exchanges or data broker networks.
8. Data Security
We protect your data using: encrypted connections (HTTPS/TLS) for all data in transit, bcrypt-hashed passwords, secure token-based authentication (JWT), role-based access controls, and regular security reviews of our codebase and infrastructure.
9. Data Retention
We retain your personal data for as long as your account is active. If you delete your account, we will anonymize or delete your personal data within 30 days, except where retention is required by law. Payment and billing records may be retained for up to 7 years for tax and legal compliance. Anonymized usage analytics may be retained indefinitely.
10. Your Rights
You have the right to: access your personal data via your account settings; correct any inaccurate information; request deletion of your account and associated data; export your data in a portable format; unsubscribe from marketing emails at any time; and lodge a complaint with a supervisory authority if applicable.
11. Children's Privacy
The Service is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has provided personal data to us, please contact us and we will promptly delete it.
12. International Users
CryptostoicMedia is based in the United States. If you access the Service from outside the US, your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.
14. Contact
For privacy-related questions or data requests, contact us at hello@cryptostoic.com.