Privacy Policy

Last updated: February 7, 2026

Effective Date: February 7, 2026

Version: 1.0

Your Privacy Matters

We respect your privacy and protect your data. We never collect or store your private keys, wallet seeds, or customer personal information.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Business name
  • Phone number (optional)
  • Billing information (processed by Stripe)

1.2 Payment and Transaction Data

We collect information about Bitcoin payments:

  • Lightning invoices and payment hashes
  • Payment amounts and status
  • Invoice details

1.3 Technical Data

We automatically collect:

  • API usage logs
  • Device information
  • IP address
  • Performance data

1.4 Information We Do NOT Collect

We do NOT collect:
  • Your Bitcoin private keys
  • Your wallet seeds or mnemonics
  • Your Lightning node private keys
  • Your customers' personal information
  • Your customers' payment card details

2. How We Use Your Information

2.1 Provide the Service

We use your data to:

  • Create and maintain your account
  • Generate Bitcoin addresses
  • Monitor payments and confirmations
  • Send payment notifications
  • Provide dashboard and reporting
  • Process subscriptions
  • Provide customer support

2.2 Improve the Service

  • Analyze usage patterns
  • Fix bugs and improve features
  • Develop new features
  • Conduct analytics

2.3 Communicate

We may send you:

  • Service updates
  • Payment confirmations
  • Security alerts
  • Customer support responses
  • Marketing (you can opt out)

3. How We Share Your Information

3.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information.

3.2 Service Providers

We share information with third parties who help operate the Service:

  • Stripe: Payment processing
  • Email Provider: Transactional emails
  • Hosting: Server infrastructure
  • Analytics: Usage analytics (if implemented)

These providers are contractually obligated to protect your data.

3.3 Lightning Network Data

Note: Lightning payment data is shared between nodes involved in routing your payment. We cannot control data visible to routing nodes on the Lightning Network.

3.4 Legal Requirements

We may disclose information if required by:

  • Court orders or subpoenas
  • Legal process
  • Fraud prevention
  • Protecting our rights

4. Data Security

4.1 Security Measures

We implement reasonable security including:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest
  • Access controls
  • Regular security audits
  • API token security

4.2 Your Responsibility

You must:

  • Keep your password secure
  • Protect your API tokens
  • Enable two-factor authentication
  • Not share account credentials
No system is 100% secure. You use the Service at your own risk.

5. Data Retention

How long we keep data:

Account Data While account is active
Transaction Data Minimum 7 years (legal/tax)
API Logs 90 days
Support Tickets 3 years

6. Your Rights

6.1 Access and Portability

You can:

  • Access your personal information
  • Request a copy of your data
  • Export your data

6.2 Correction and Updates

You can:

  • Update account information
  • Correct inaccurate data
  • Request corrections

6.3 Deletion

You can request deletion of your data (subject to legal retention).

6.4 Marketing Opt-Out

You can:

  • Click "unsubscribe" in emails
  • Update preferences in dashboard
  • Contact support

Note: You cannot opt out of essential service communications.

7. GDPR Rights (EU Users)

If you are in the European Economic Area, you have additional rights:

7.1 Your GDPR Rights

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent
  • Lodge complaint with supervisory authority

7.2 Exercising Rights

Contact us at privacy@satsrail.com - We will respond within 30 days.

8. CCPA Rights (California Users)

California residents have rights under CCPA:

8.1 Your CCPA Rights

  • Right to Know: What information we collect
  • Right to Delete: Request deletion
  • Right to Opt-Out: We don't sell data
  • Right to Non-Discrimination: No penalties for exercising rights

8.2 Exercising Rights

Contact us at privacy@satsrail.com - We will respond within 45 days.

9. Cookies

Essential Cookies

  • Session management
  • Authentication
  • Security features

Functional Cookies

  • Preferences and settings
  • Dashboard functionality

You can control cookies through browser settings. Disabling essential cookies may affect functionality.

10. Children's Privacy

SatsRail is not intended for individuals under 18. We do not knowingly collect information from children.

11. International Transfers

Your data may be stored and processed in the United States and other countries. By using the Service, you consent to international data transfers.

12. Merchant Responsibilities

Your Customers' Data

You are responsible for:

  • Your privacy practices with customers
  • Collecting customer consent
  • Providing your own privacy policy
  • Complying with GDPR/CCPA for your customers

SatsRail is not responsible for how you collect or use customer data.

13. Updates to Policy

We may update this Privacy Policy. Changes are effective upon posting. We'll notify you of material changes via email.

14. Contact Us

For privacy questions or to exercise your rights:

Response Times:

  • General inquiries: 5 business days
  • GDPR requests: 30 days
  • CCPA requests: 45 days
Complete Privacy Policy

This is a summary version for easy reading. For the complete Privacy Policy with all details, please view the full document.

View Complete Privacy Policy The complete policy includes additional details on data processing, international transfers, and jurisdiction-specific requirements.

Draft Status: This document is prepared for attorney review and does not constitute legal advice.

Version: 1.0 (Draft) | Last Updated: February 7, 2026