
Privacy Policy

We take your privacy seriously. Here is exactly what data we collect and why.

Last updated: April 2025

1. Who We Are

TheCoinLab.io is operated by TheCoinLab B.V., registered in the Netherlands. For privacy-related questions, contact us at privacy@thecoinlab.io.

2. Data We Collect

Account data: Email address, name and authentication tokens when you register via email or Google OAuth.

Wallet data: Public wallet addresses you connect to the Platform. We never collect or store private keys.

Token data: Token names, symbols, supply configurations and deployment parameters you enter.

Payment data: Stripe processes payments on our behalf. We store only the last 4 digits of card numbers and payment status — never full card details. On-chain payments are recorded by their public transaction signature.

Usage data: Page views, feature usage and interaction data collected via Google Analytics 4 (anonymised IP).

Technical data: Browser type, operating system, IP address (anonymised) and cookies necessary for session management.

3. How We Use Your Data

  • Providing, maintaining and improving the Platform;
  • Processing your payments and deploying tokens on your behalf;
  • Sending transactional emails (order confirmations, magic links, deployment notifications);
  • Complying with legal obligations including anti-money laundering regulations;
  • Analysing aggregate usage to improve the user experience;
  • Preventing fraud and abuse of the Platform.

4. Legal Basis for Processing (GDPR)

  • Contract performance — processing necessary to provide the services you have requested;
  • Legitimate interests — analytics, fraud prevention and security;
  • Legal obligation — compliance with applicable laws;
  • Consent — marketing communications (you can withdraw at any time).

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — payment processing;
  • Supabase / Neon — database hosting (EU region);
  • Google Analytics — anonymised usage analytics;
  • Alchemy / Helius — blockchain RPC providers (receive only public transaction data);
  • Law enforcement or regulatory authorities when legally required.

6. Cookies

We use the following cookies:

  • Strictly necessary: Session cookies for authentication (NextAuth.js);
  • Analytics: Google Analytics 4 cookies (_ga, _gid) with anonymised IPs;
  • Preference: Colour theme overrides stored in localStorage.

You can disable analytics cookies in your browser settings or via the Google Analytics opt-out browser add-on.

7. Data Retention

We retain account data for as long as your account is active plus 2 years. Payment records are retained for 7 years as required by Dutch tax law. Usage analytics data is retained for 14 months per Google Analytics defaults. You can request deletion of your data at any time (see Your Rights below).

8. Your Rights (GDPR)

As a data subject in the EU/EEA, you have the right to:

  • Access — request a copy of all personal data we hold about you;
  • Rectification — correct inaccurate personal data;
  • Erasure — request deletion of your data ("right to be forgotten");
  • Portability — receive your data in a machine-readable format;
  • Objection — object to processing based on legitimate interests;
  • Restriction — request that we limit processing of your data.

Submit requests to privacy@thecoinlab.io. We will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

9. International Transfers

Our primary infrastructure is hosted within the EU. Where data is transferred outside the EU (e.g. Google Analytics servers in the US), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the transfer mechanism.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email of material changes. Continued use of the Platform after the effective date constitutes acceptance of the updated policy.