BasiCrypto Privacy Policy

Effective Date: September 24, 2025
Last Updated: September 24, 2025

BasiCrypto ("we", "us", "our") provides beginner‑friendly crypto education. This Privacy Policy explains what data is processed when you use our app, why it is processed, how it is shared, and what choices and rights you have. It applies to our mobile apps on Google Play and the Apple App Store, our in‑app experiences, and any website or pages that link to this policy.

Disclaimer (reminder): BasiCrypto provides educational content only. It is not financial, investment, tax, accounting, or legal advice. Do your own research and consult a qualified professional when needed.

1) Who we are

• Controller/Business: James Hammonds (operating as BasiCrypto)
  
  

• Contact: basicrypto.app@gmail.com
  
  

• Address: 5262 Brassie Ave, Westerville, OH 43081
  
  

• EU/UK Representative & DPO (if applicable): Tonia Convertini, In Taeschen 3, 71679 Asperg. Email: basicrypto.app@gmail.com
  
  

2) Quick summary (at a glance)

• No account required. We do not ask you to register or provide a name, username, or email to use core learning features.
  
  

• Ads support free access. We use Google AdMob to show ads. By default we aim to show non‑personalized ads unless you grant consent to use data for ad personalization where required by law (e.g., EEA/UK).
  
  

• What gets processed: Standard device/ads identifiers (e.g., IDFA/AAID), approximate location (derived from IP), app usage (e.g., screen views) and crash/performance logs may be collected by our providers to run the app, measure performance, and serve ads.
  
  

• Your choices: You can manage consent in Settings → Privacy (or the in‑app consent panel). On iOS you can use App Tracking Transparency and reset the IDFA; on Android you can reset the Advertising ID.
  
  

• We don’t sell your data. If “sharing” for cross‑context behavioral advertising applies in your region (e.g., California), we only do so with your consent and you can opt out any time.
  
  

3) What data is processed

We strive to limit data and avoid collecting anything we don’t need. The data below may be processed while you use our app.

A. Data you provide to us

• None required for basic use. You can access lessons and quizzes without creating an account.
  
  

• Support messages (optional): If you contact us, we process what you send so we can respond.
  
  

B. Data processed automatically (via app, SDKs, or similar)

Processed primarily by our service providers for functionality, reliability, and advertising:

• Identifiers: Mobile advertising ID (IDFA on iOS / AAID on Android), app instance ID, and similar device identifiers.
  
  

• Network/Device info: IP address (used to derive coarse/approximate location), device type, OS version, language, time zone, and basic app configuration.
  
  

• Usage data: Interactions such as screen views, taps, session duration, and frequency, used for analytics/measurement where applicable and consented.
  
  

• Diagnostics: Crash reports, performance data, error logs for troubleshooting and improving stability.
  
  

We do not request or access your contacts, photos, camera, microphone, precise (GPS) location, health/fitness, calendars, SMS, or stored files for normal operation.

C. Data from third parties

• Advertising & analytics partners (e.g., Google AdMob/Google Analytics for Firebase – if enabled): Receive the signals described above to serve/measure ads and understand usage (subject to your consent where required).
  
  

• Payment processors (only if we ever sell add‑ons): Would provide us with non‑card payment status; we would not store full card numbers.
  
  

4) Why we process data (purposes & legal bases)

Ads & Device Info

• Examples: Advertising ID (GAID/IDFA), IP address, coarse location, language, device type, OS version, app version
  
  

• Source: Your device via Google AdMob SDK
  
  

• Purpose: Show ads, cap frequency, measure ad performance, detect/prevent fraud
  
  

• Sharing: Shared with Google (AdMob) and its ad partners under AdMob policies
  
  

• Retention: Per Google/AdMob retention policies (we do not control their retention)
  
  

App Interactions (non-personal)

• Examples: Screen views, taps, session duration, basic engagement signals
  
  

• Source: AdMob SDK telemetry
  
  

• Purpose: Improve ad delivery and relevance at an aggregate level
  
  

• Sharing: Aggregated reporting via AdMob; we do not sell personal data
  
  

• Retention: Per Google/AdMob retention policies
  
  

Crash/Diagnostics (if enabled)

• Examples: Crash logs, performance metrics, error codes
  
  

• Source: Ad SDKs/OS telemetry
  
  

• Purpose: Stability, troubleshooting, app quality
  
  

• Sharing: Aggregated reporting; no user profiles by us
  
  

• Retention: Per Google/AdMob retention policies
  
  

Not Collected: Account/Profile, Contacts/Calendar, Payments/Purchases, Precise Location

5) Advertising and your choices

• Ad provider: Google AdMob (and Google’s ad tech stack).
  
  

• Default: We aim to serve non‑personalized ads unless you provide consent for personalization where applicable.
  
  

• Personalized ads (opt‑in): Use additional signals (e.g., interest categories) to make ads more relevant—only with your consent (EEA/UK and where required).
  
  

• Withdraw or change consent: Open Settings → Privacy (in‑app), or use the consent panel you saw when you started.
  
  

• iOS: Control tracking via App Tracking Transparency and Settings → Privacy & Security → Tracking; reset IDFA at any time.
  
  

• Android: Reset/opt out of ad personalization in Settings → Google → Ads; on newer Android, see Settings → Privacy → Ads.
  
  

California (CPRA) – Do Not Sell/Share: We do not sell personal information for money. If “sharing” for cross‑context behavioral advertising applies, we do so only with your consent; you can opt out any time via Settings → Privacy → Do Not Sell or Share (or the in‑app consent panel).

6) How we share information

We share data only with service providers/partners under contracts limiting their use to providing services to us:

• Hosting & infrastructure (cloud services, CDN).
  
  

• Advertising & measurement (Google AdMob; see Section 5).
  
  

• Analytics/diagnostics (e.g., crash reporting) if enabled and consented.
  
  

• Legal/compliance: When required by law or to protect rights, safety, and security.
  
  

• Business transactions: If we are involved in a merger or acquisition, your information may transfer under this policy.
  
  

We do not allow partners to use your data for their own independent marketing without your consent.

7) International data transfers

We and our providers may process data in the United States and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) to protect EEA/UK users’ data. Contact us to learn more.

8) Data retention

• We retain information only as long as needed to provide the app, comply with law, resolve disputes, and enforce agreements.
  
  

• Usage/analytics events (if enabled) are typically retained by providers for up to 24 months (shorter where feasible).
  
  

• Crash/performance logs are typically kept 30–180 days unless needed longer to investigate issues.
  When data is no longer required, it is deleted or de‑identified.
  
  

9) Security

We use administrative, technical, and organizational safeguards (e.g., encryption in transit, least‑privilege access). No system is 100% secure. If you believe there is a security issue, contact basicrypto.app@gmail.com.

10) Your rights & choices

EEA/UK (GDPR): You may have rights to access, rectify, erase, restrict, object, and port your data, and to withdraw consent at any time (without affecting prior lawful processing). You can also lodge a complaint with your local supervisory authority.

United States (e.g., CA/CPRA; CO/VA/CT, etc.): You may have rights to know/access, correct, delete, and opt‑out of sale/share. You also have the right not to be discriminated against for exercising your rights.

How to exercise: Use Settings → Privacy → Manage My Data (if available) or email privacy@basicrypto.app. We will verify your request and respond within applicable timelines. Authorized agents may submit requests where permitted by law.

11) Children’s privacy

BasiCrypto is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children. Personalized ads are disabled for known minors. If you believe a child has provided information, contact us to delete it.

12) Cookies/SDKs & similar technologies

Our app and providers use SDKs and similar technologies to store and read identifiers on your device for the purposes described above (strictly necessary, analytics with consent, advertising with consent). You can manage these choices via our in‑app consent panel and your device settings.

13) Google Play “Data safety” (disclosure mapping)

Collected (by us or our providers):

• Approximate location (derived from IP) → Ads/analytics
  
  

• App activity (e.g., screen views, interactions) → Analytics/measurement (with consent where required)
  
  

• App info & performance (crash logs, diagnostics) → App functionality & reliability
  
  

• Device or other IDs (IDFA/AAID, app instance ID) → Ads/analytics
  
  

Not collected: Contacts, calendar, photos/videos, audio, files & docs, health/fitness, precise location, messages, and sensitive personal info.

Data sharing: For ad delivery/measurement and analytics, data may be shared with service providers/partners under contract; we do not sell personal information for money.

14) Apple App Store privacy labels (summary)

• Data Used to Track You: Identifiers (IDFA) and Usage Data may be used by ad partners to deliver/measure ads only with your consent.
  
  

• Data Not Linked to You: Diagnostics (crash data, performance) may be collected to improve the app and is not linked to your identity.
  
  

• Not Collected: We do not request contacts, photos, precise location, or other sensitive categories for normal use.
  
  

Your exact label may vary by region, device settings, and your consent selections.

15) Region‑specific disclosures (California)

Categories collected (last 12 months): Identifiers (ad IDs), Internet/Usage data, Geolocation (approximate), and Diagnostics.
Sources: Your device, our app, and service providers.
Purposes: Provide and secure the app, measure usage, and deliver ads (with consent where required).
Selling/Sharing: We do not sell personal information for money. If “sharing” under CPRA applies, we rely on consent and offer an opt‑out in‑app.
Sensitive information: Not collected.

16) Changes to this policy

We may update this policy from time to time. When we do, we’ll update the "Last Updated" date and, if changes are material, provide a more prominent notice or request new consent where required.

17) Contact us

Questions or requests about privacy?
Email: basicrypto.app@gmail.com
Mail: 5262 Brassie Ave, Westerville, OH 43081

Appendix A — How consent works in our app

• On first launch (or when required), we show a Consent Panel. Your choices are stored locally in your device/app. If you clear storage or switch devices, we will ask again.
  
  

• You can change your preferences any time via Settings → Privacy (reopen the panel).
  
  

• If you decline personalized ads, we will request non‑personalized/contextual ads where available.
  
  

Appendix B — Your device‑level controls (quick links)

• iOS: Settings → Privacy & Security → Tracking; per‑app toggles; Reset Advertising Identifier.
  
  

• Android: Settings → Privacy/Google → Ads; Reset Advertising ID; Opt out of Ads Personalization.
  
  

If anything in this policy conflicts with partner SDK policies (e.g., Google AdMob) or new platform rules, we will update our implementation and this policy to remain compliant.