Back to Home

Privacy Policy

Last Updated: January 2026

1. Introduction

Coinseal ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our cryptographic security platform and services.

By using Coinseal, you consent to the data practices described in this policy. If you do not agree with any part of this policy, please do not use our services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (for account identification and communication)
  • Hashed password (we never store plaintext passwords)
  • Account creation and last login timestamps

2.2 Encrypted Vault Data

When you create vaults, we store:

  • Encrypted seed phrase data (encrypted client-side before transmission)
  • Vault metadata (name, creation date, encryption version)
  • Access logs for security auditing

Important: Your PINs, passphrases, and unencrypted seed phrases are NEVER transmitted to or stored on our servers. All encryption happens locally in your browser.

2.3 Technical Information

We automatically collect:

  • IP addresses (for security monitoring and rate limiting)
  • Browser type and version
  • Device information
  • Access timestamps and activity logs

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our services
  • Authenticate your identity and secure your account
  • Send important account notifications and security alerts
  • Detect and prevent fraud, abuse, and security threats
  • Comply with legal obligations
  • Improve our services and user experience

4. Data Security

We implement industry-leading security measures to protect your data:

  • End-to-End Encryption: All vault data is encrypted client-side using quantum-resistant algorithms (Argon2id, XChaCha20-Poly1305, ML-KEM-768) before being transmitted.
  • Double Encryption: Already-encrypted data is wrapped again with AES-256-GCM on our servers.
  • Zero-Knowledge Architecture: We cannot access your unencrypted data—only you hold the keys.
  • Secure Infrastructure: All data is stored in secured, encrypted databases with strict access controls.
  • HTTPS Only: All communications are encrypted in transit using TLS.
  • Rate Limiting: Protection against brute-force and denial-of-service attacks.

5. Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active and for a reasonable period after deletion for legal compliance.
  • Vault Data: Retained until you delete it or close your account.
  • Activity Logs: Retained for security purposes for up to 12 months.
  • Technical Logs: Retained for up to 90 days for troubleshooting and security.

6. Data Sharing

We do NOT sell, rent, or trade your personal information. We may share data only in these circumstances:

  • Service Providers: Trusted third parties who assist in operating our services (e.g., hosting, payment processing), bound by confidentiality agreements.
  • Legal Requirements: When required by law, subpoena, or court order.
  • Safety: To protect the rights, property, or safety of Coinseal, our users, or others.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users).

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal data.
  • Correction: Request correction of inaccurate data.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Request your data in a portable format.
  • Objection: Object to certain processing of your data.
  • Withdrawal: Withdraw consent where processing is based on consent.

To exercise these rights, contact us at privacy@coinseal.app.

8. Cookies and Tracking

We use essential cookies for:

  • Authentication and session management
  • Security (CSRF protection, rate limiting)
  • User preferences

We do NOT use third-party tracking cookies or advertising cookies.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and compliance with applicable data protection laws.

10. Children's Privacy

Coinseal is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the platform. Your continued use of Coinseal after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Coinseal Privacy Team
Email: privacy@coinseal.app

Terms of Service | Home

© 2026 Coinseal. All rights reserved.