Skip to content
HalalCryptoAbout

Privacy

We keep the launch surface minimal and the data footprint small.

This page explains how the HalalCrypto launch surface handles messages, visits, and other light-touch operational data.

Information we collect

When you sign up, we collect your email address, country, name, IP address, browser fingerprint (hashed — not stored in plaintext), and tier preference. For launch, online exchange-key entry is disabled and provisioning is handled only through the authenticated support desk until the encrypted credential vault and live permission validator are active. If you contact us by email or WhatsApp, we receive the information you choose to send. We also see standard server logs and site usage signals.

How we use it

We use your information to operate your subscription, run your bot, send account and billing notifications, and respond to support inquiries. We do not sell personal information and do not use it for advertising.

Sub-processors — third parties that handle your data

We use the following sub-processors to operate the service. Each processes only the data necessary for its function: Supabase (database and authentication hosting — US); Cloudflare (CDN, edge hosting, DDoS protection — US/EU); DodoPayments (card payment processing — EU/US); NowPayments (crypto payment processing — Estonia); Resend (transactional email delivery — US). Data transfers outside the Kingdom of Saudi Arabia rely on standard contractual clauses or equivalent safeguards. Sub-processor list updated: 2026-04-28.

Operator disclosure

Operating status: launch-stage Saudi sole-establishment setup under a Saudi freelance-license filing — application filed 2026-04-19, commercial registration pending issuance. Jurisdiction: Kingdom of Saudi Arabia. Data controller: HalalCrypto's authorized representative within the operating entity. Operator status, domain roles, support hours, and complaint channels are published at /operator and will be updated when a CR number is issued. Operational contact: [email protected]. Last updated: 2026-05-01.

Your rights

You may request access to, correction of, or erasure of your personal data at any time by emailing [email protected]. We will respond within 30 days. Account deletion removes all personal data from our systems; encrypted API key blobs are also deleted — your exchange account itself is unaffected.

PDPL complaint channel

Under Saudi Arabia's Personal Data Protection Law (PDPL), you may file a complaint with the Saudi Data and AI Authority (SDAIA) at https://sdaia.gov.sa/en/PDPL/Pages/PDPLcomplaint.aspx if you believe your personal data has been mishandled by this service.

Your choices

You can contact us directly, request updates to your information, or ask us to stop using your contact details for future launch communication. The operator page lists the current controller status, domain roles, and complaint channel.

[email protected]