Privacy Policy

This policy covers all data collected through the CryptoFox website — including when you read articles, submit a feedback form, react to content, participate in polls, subscribe to our newsletter, or simply browse the Site.

Data Controller: CryptoFox is the data controller responsible for your personal data collected through this Site. If you have questions about how we handle your data, please contact us using the details in Section 11.

Depending on how you interact with the Site, we may collect the following categories of data:

Automatically collected data (all visitors)

Data point	How collected	Purpose
IP address	Server logs & interaction records	Security / Anti-abuse
User-Agent string	HTTP request header	Analytics / Security
Pages visited, timestamps	Google Analytics	Analytics
Referring URL	Google Analytics	Analytics
Browser & device type	Google Analytics	Analytics
Country / approximate location	Google Analytics (IP-based)	Analytics

Article reactions (when you vote)

When you submit a reaction (thumbs up / thumbs down) on an article, we record the following in our database (cfnews_article_reactions):

Field	Description	Purpose
reaction	"up" or "down" — the type of reaction submitted	Functional
voter_hash	One-way SHA-256 hash of IP + User-Agent + article_id. Cannot be reversed to identify you.	Anti-duplicate vote
ip_address	Stored in binary form via INET6_ATON(). Used only for abuse prevention.	Security
user_agent	Browser identifier string (nullable)	Anti-abuse
created_at	Timestamp of the reaction	Functional

Poll votes (when you participate in a poll)

When you vote in a poll on the Site, we record the following in (cfnews_poll_votes):

Field	Description	Purpose
poll_id	Identifier of the poll you voted in	Functional
option_id	The poll option you selected	Functional
voter_hash	SHA-256 hash to prevent duplicate votes (not personally identifiable)	Anti-duplicate
created_at	Timestamp of the vote	Functional

Contact / feedback form

When you submit the feedback or contact form on the Site, we store the following in our (feedback) table:

Field	Description	Legal basis
name	Your name as provided in the form	Consent
email	Your email address to allow us to respond	Consent
message	The content of your message	Consent
ip_address	For spam prevention and abuse reporting	Legitimate interest
user_agent	For spam prevention (nullable)	Legitimate interest
created_at	Timestamp of submission	Functional

Email newsletter (future feature)

When the newsletter subscription feature launches, we will collect your email address and (optionally) your name, along with the subscription date and your IP address at the time of sign-up for confirmation purposes. Full details are in Section 6.

We use the data we collect for the following purposes:

• Operating the Site: enabling core features such as article reactions and community polls, processing feedback submissions, and ensuring the Site displays correctly on your device.
• Security and abuse prevention: detecting and blocking spam submissions, bot activity, duplicate votes, and other abusive behavior using IP addresses and hashed identifiers.
• Analytics and improvement: understanding how visitors use the Site via aggregated and anonymized Google Analytics data, so we can improve our content and user experience.
• Communication: responding to messages sent through the contact/feedback form using the email address you provide.
• Newsletter delivery (future): sending crypto news updates and editorial content to subscribers who have explicitly opted in.
• Legal compliance: retaining records as required by applicable laws, or cooperating with law enforcement when legally obliged to do so.

We will not use your data for automated decision-making or profiling that produces significant legal or similarly significant effects on you.

CryptoFox uses Google Analytics (provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to collect anonymous usage statistics about visitors to our Site.

Google Analytics places cookies on your device and collects information such as your approximate geographic location, browser type, device category, pages visited, time spent on pages, and traffic source. This data is aggregated and does not directly identify you as an individual.

Data collected by Google Analytics is transmitted to and stored on Google's servers, which may be located in the United States or other countries. Google processes this data in accordance with its own Privacy Policy, available at policies.google.com/privacy.

You can opt out of Google Analytics tracking at any time by installing the Google Analytics Opt-out Browser Add-on, or by adjusting your cookie preferences (see Section 5).

Cookies are small text files placed on your device when you visit a website. CryptoFox uses the following types of cookies:

Most browsers allow you to control cookies through their settings. You may also use browser extensions or opt-out tools to limit specific third-party cookies. Please note that disabling certain cookies may affect the functionality of the Site.

For more information about cookies and how to manage them, visit allaboutcookies.org.

CryptoFox plans to offer an email newsletter service that delivers curated crypto news, market summaries, and editorial content directly to your inbox. This feature is not yet live, but the following terms will apply when it launches:

• Subscription is entirely voluntary. We will never add you to our mailing list without your explicit, affirmative consent (opt-in).
• We will collect your email address and, optionally, your first name for personalisation purposes.
• We will record your subscription date and IP address at sign-up as evidence of your consent, in compliance with applicable law.
• Newsletter emails may be processed by a third-party email delivery service provider. Such providers act as data processors under a Data Processing Agreement and may not use your email address for their own purposes.
• Every newsletter email will contain a clear and easy one-click unsubscribe link. Unsubscribing will result in prompt removal from our mailing list.
• We may track open rates and click-through rates within newsletters for editorial analytics purposes only.

We do not sell, rent, or trade your personal data. We may share data only in the following limited circumstances:

• Google LLC — as described in Section 4, Google receives anonymized analytics data via Google Analytics.
• Hosting and infrastructure providers — our web hosting provider(s) necessarily have access to server logs, which may include IP addresses and request data, solely for the purpose of operating and securing the Site.
• Email service provider (future) — for newsletter delivery, your email address will be shared with our chosen email platform acting solely as a data processor.
• Law enforcement or legal proceedings — we may disclose data if required by law, court order, or to protect our legal rights or the safety of others.
• Business transfers — in the event of a merger, acquisition, or sale of our assets, user data may be transferred as part of that transaction. We will notify you in advance if this occurs.

We retain data only as long as necessary for the purpose it was collected, or as required by law:

Data type	Retention period	Reason
Article reactions	12 months from submission	Prevent vote manipulation; aggregate stats
Poll votes	12 months from submission	Prevent duplicate voting; display results
Feedback / contact messages	24 months from submission	Support correspondence; legal compliance
IP addresses (server logs)	90 days (rolling)	Security monitoring; DDoS mitigation
Google Analytics data	14 months (Google's default retention)	Traffic analysis; editorial planning
Newsletter subscriptions	Until unsubscribe + 30 days	Proof of consent (legal requirement)

When data is no longer required and no legal obligation prevents deletion, we delete or irreversibly anonymize it.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, accidental loss, destruction, or alteration. These include:

• HTTPS encryption on all pages to protect data in transit between your browser and our servers.
• Hashed identifiers — voter IP addresses are processed via SHA-256 one-way hashing, making personal re-identification practically impossible.
• Binary IP storage — IP addresses in interaction tables are stored in compact binary form (INET6_ATON), not as plain-text strings, adding a layer of obfuscation.
• Access controls — database access is restricted to authorized personnel and automated systems only.
• Regular security reviews — we periodically audit our data handling processes and software dependencies.

However, no system is completely secure. While we strive to protect your data, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

Depending on your jurisdiction, you may have the following rights regarding your personal data. Under the GDPR, EEA/UK residents have full access to all rights listed below:

To exercise any of these rights, contact us at privacy@cryptofox.news. We will respond within 30 days. We may need to verify your identity before processing certain requests.

Please note that some rights may be limited where we are required by law to retain data or where data has been irreversibly anonymized (in which case it is no longer personal data).

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page. For material changes affecting your rights, we may also notify newsletter subscribers directly by email.

We encourage you to review this page periodically. Your continued use of the Site following any update constitutes your acknowledgment of the revised policy.