ZypherBeta

Privacy Policy

Last updated: March 2, 2026

Our Philosophy

Zypher is built on a privacy-first principle. We collect only the absolute minimum data required to operate the service. We do not sell, share, or monetize your personal information.

What We Collect

  • Email address — for account authentication and critical security notifications only.
  • Encrypted password hash — stored using bcrypt with salt rounds. We never store plaintext passwords.
  • Transaction records — minimal records necessary for exchange operations (amounts, addresses, timestamps).

What We Do NOT Collect

  • IP addresses (not logged or stored)
  • Browser fingerprints or device identifiers
  • Browsing history or page analytics
  • Identity documents (no KYC)
  • Location data
  • Third-party tracking cookies

Data Storage

All data is encrypted at rest using AES-256-GCM. Database connections are secured with TLS. We retain transaction data for the minimum period required for operational purposes.

Data Sharing

We do not share your data with third parties for marketing or analytics. Data may only be disclosed if required by a valid legal order in our operating jurisdiction, and we will contest overbroad requests.

Your Rights

You may request deletion of your account and associated data at any time through Settings. Upon deletion, all personal data is permanently removed within 30 days.

Cookies

We use only essential cookies for session management (JWT tokens). No tracking cookies, no analytics cookies, no third-party cookies.