Privacy Policy

1. INTRODUCTION

COIN CONNECTIN TECH PRIVATE LIMITED (hereinafter also referred to as "mineπcoin", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you use our mobile application (the "App"), available on the Google Play Store for Android devices, and our website at minepicoin.com (collectively, the "Service").

This Privacy Policy applies to all users of our Service. By accessing or using our Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Service.

This version was last updated on May 6, 2026. We may update this Privacy Policy from time to time. The updated version will be indicated by the revised date above. We encourage you to review this Privacy Policy periodically for any changes.

2. IMPORTANT INFORMATION AND WHO WE ARE

COIN CONNECTIN TECH PRIVATE LIMITED is a company duly organized and existing under the laws of India, having CIN U72900HR2022PTC108071, with its registered address at 1172, Sector 21, Gurugram, Haryana 122016, India.

We are the data controller responsible for your personal data. We provide digital mining services through our mobile application (built using React Native with Expo SDK) and our website. This Privacy Policy should be read in conjunction with our Terms of Service.

Our Service is currently available exclusively for Android devices through the Google Play Store.

3. INFORMATION WE COLLECT

Personal data means any information about an individual from which that person can be identified. We collect, use, store, and transfer different kinds of personal data about you. The information we collect falls into the following categories:

3.1 Information You Provide Directly

When you register for an account, use our Service, or communicate with us, we may collect:

• Account Data: Your email address, username, display name, and password (stored in hashed form using industry-standard cryptographic hashing). We do not have access to your plain-text password.
• Profile Data: Any additional profile information you choose to provide, such as a profile picture or display preferences.
• Cryptocurrency Wallet Data: Cryptocurrency wallet addresses you provide for the purpose of making deposits and receiving withdrawals. These may include addresses on the Ethereum (ETH), Binance Smart Chain (BSC), and Tron (TRX) blockchains.
• Communication Data: Information you provide when you contact us for support, including the content of your messages and any attachments.

3.2 Information Collected Through Third-Party Authentication

We offer the option to sign in using your Google account via Google OAuth (implemented through Better Auth). When you choose this option, Google will share certain information with us, which may include:

• Your Google account email address
• Your Google profile name
• Your Google profile picture (if available)
• A unique Google account identifier

The specific information shared is determined by Google and the permissions you grant. We only request access to the basic profile information necessary to create and maintain your account. We do not request access to your Google contacts, calendar, drive, or other Google services.

3.3 Information Collected Automatically

When you access or use our Service, certain information is collected automatically:

• Device Data: Information about the mobile device you use to access our Service, including the device model, operating system and version (Android version), unique device identifiers (such as Android ID), screen resolution, and device language.
• Push Notification Tokens: Unique tokens generated by Expo Notifications and assigned to your device to enable the delivery of push notifications. These tokens are stored on our servers and are used solely to send you notifications you have opted in to receive.
• Log Data: Our backend servers automatically collect and store certain log information when you interact with our Service, including your Internet Protocol (IP) address, browser type and version (when accessing our website), pages or screens viewed, the time and date of your visit, the time spent on those pages, referring URL, and other technical details about your device and interaction with the Service.
• Usage Data: Information about how you use our Service, including features accessed, actions taken within the App, session duration, and interaction patterns. We collect this data through our backend application logs.

3.4 Transaction Data

When you make payments or request withdrawals through our Service, we collect and store the following transaction-related information:

• Cryptocurrency wallet addresses used for deposits and withdrawals
• Transaction amounts and currency types (ETH, BSC-based tokens, TRX)
• Blockchain transaction hashes and confirmation status
• Date and time of transactions
• Transaction history and account balance information

We do not collect, store, or process any payment card information, bank account details, or other traditional financial instrument data. All payments and withdrawals on our platform are processed exclusively through cryptocurrency.

3.5 Information We Do Not Collect

For clarity, we do not collect the following types of information:

• Precise geolocation or GPS data
• Contacts or address book information
• Photos, camera, or media files (unless you voluntarily upload a profile picture)
• Microphone or audio recordings
• SMS or call log data
• Payment card or bank account information
• Biometric data
• Health or fitness data

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data for the following purposes:

• Account Creation and Management: To create and manage your account, authenticate your identity, and enable access to our Service. This includes processing your email login or Google OAuth sign-in through Better Auth.
• Service Delivery: To provide, maintain, and improve our digital mining services, process your transactions, and deliver the core functionality of the App.
• Transaction Processing: To process cryptocurrency deposits and withdrawals via our payment partner NowPayments, record transaction history, and maintain accurate account balance information.
• Notifications: To send you push notifications via Expo Notifications and email notifications regarding your account activity, transaction status, security alerts, and important Service updates. You may manage your notification preferences at any time through the App settings.
• Communication: To respond to your inquiries, provide customer support, and send you information about changes to our Service, terms, or policies.
• Security and Fraud Prevention: To detect, prevent, and address technical issues, fraud, security breaches, and other potentially prohibited or illegal activities. This includes analyzing backend logs for suspicious patterns and protecting against unauthorized access to your account.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests, including responding to lawful requests from public authorities.
• Service Improvement: To monitor and analyze usage patterns and trends to improve our Service, fix bugs, and enhance the user experience. This is currently done through our own backend application logs without the use of any third-party analytics services.

5. LEGAL BASIS FOR PROCESSING

We process your personal data only when we have a lawful basis to do so. The legal bases we rely on include:

• Contract Performance: Where processing is necessary for the performance of the contract between you and us, including providing the Service you have requested and processing your transactions.
• Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include operating and improving our Service, ensuring security, preventing fraud, and communicating with you about our Service.
• Legal Obligation: Where we need to comply with a legal or regulatory obligation, such as record-keeping requirements or responding to lawful requests from public authorities.
• Consent: Where you have given us explicit consent to process your personal data for a specific purpose, such as sending certain types of notifications. You may withdraw your consent at any time.

6. HOW WE SHARE YOUR PERSONAL DATA

We do not sell, rent, trade, or otherwise monetize your personal data. We may share your personal data with the following categories of third parties only as necessary to provide our Service and as described in this Privacy Policy:

• NowPayments: We use NowPayments as our cryptocurrency payment and payout gateway. When you make a deposit or request a withdrawal, your cryptocurrency wallet address, transaction amount, and related transaction details are shared with NowPayments to facilitate the transaction. NowPayments processes this data in accordance with their own Privacy Policy. For more information, please visit the NowPayments website.
• Google: When you choose to sign in using Google OAuth, your Google account information (email, name, profile picture) is shared with us through Google's authentication service. Google processes this data in accordance with Google's Privacy Policy. For more information, please visit https://policies.google.com/privacy.
• Cloudflare, Inc.: We use Cloudflare for website hosting (Cloudflare Workers), static file storage (Cloudflare R2), and proxy services (Cloudflare Proxy). Cloudflare may process your IP address, request data, and other technical data to deliver and secure our Service. Cloudflare processes this data in accordance with their Privacy Policy. For more information, please visit https://www.cloudflare.com/privacypolicy/.
• Expo (Expo Notifications): We use Expo Notifications to deliver push notifications to your Android device. This involves sharing your device's push notification token with Expo's notification service to route and deliver notifications. For more information, please visit the Expo privacy documentation.

We may also disclose your personal data to third parties in the following circumstances:

• Legal Requirements: If required to do so by law or in response to valid requests by public authorities, such as a court order, subpoena, or government investigation.
• Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you via email or through a prominent notice on our Service of any change in ownership or uses of your personal data.
• Protection of Rights: To protect and defend our rights, property, or safety, or that of our users or the public, including to detect, prevent, or address fraud, security issues, or technical problems.

7. THIRD-PARTY SERVICES

Our Service relies on, interacts with, and integrates with several third-party services. Below is a detailed description of each third-party service we use and the data they may process:

7.1 NowPayments (Payment and Payout Gateway)

NowPayments is a cryptocurrency payment processing service that we use to facilitate deposits and withdrawals on our platform. When you initiate a deposit or withdrawal, the following data is shared with NowPayments:

• Your cryptocurrency wallet address
• The transaction amount and selected cryptocurrency (ETH, BSC-based tokens, or TRX)
• Transaction status and confirmation data

NowPayments operates as an independent data controller for the data they receive. We encourage you to review NowPayments' Privacy Policy to understand how they handle your data.

7.2 Google OAuth (Authentication)

We use Google OAuth (via Better Auth) as an optional authentication method. When you sign in with Google, the following data may be shared:

• Your Google account email address
• Your Google profile name
• Your Google profile picture URL
• A unique Google account identifier

You can control the permissions granted to our App through your Google account settings at any time. Google's use of your data is governed by Google's Privacy Policy at https://policies.google.com/privacy.

7.3 Cloudflare (Infrastructure)

We use multiple Cloudflare services as part of our technical infrastructure:

• Cloudflare Workers: Our website is hosted on Cloudflare Workers, a serverless computing platform. Cloudflare may process request data including IP addresses and HTTP headers when serving our website.
• Cloudflare R2: Static files (such as images and other assets) are stored in Cloudflare R2, an object storage service. Access to these files may be logged by Cloudflare.
• Cloudflare Proxy: Our website and API are proxied through Cloudflare's global network, which provides DDoS protection, SSL/TLS termination, and performance optimization. Cloudflare acts as a reverse proxy and may process IP addresses, DNS queries, and HTTP request/response data.

Cloudflare acts as a data processor on our behalf for the services described above. Cloudflare's privacy practices are described in their Privacy Policy at https://www.cloudflare.com/privacypolicy/.

7.4 Expo Notifications (Push Notifications)

We use Expo Notifications to deliver push notifications to your Android device. To deliver these notifications, the following data is processed:

• Expo Push Token: A unique token assigned to your device by Expo's notification service. This token is stored on our servers and is used exclusively to target push notifications to your specific device.
• Notification Content: The title and body text of notifications we send through the Expo notification service.

Push notifications are transmitted through Expo's servers and then delivered to your device via Firebase Cloud Messaging (FCM), Google's push notification service for Android. This means Google (through FCM) may temporarily process notification delivery data. You can disable push notifications at any time through the App settings or your device's notification settings.

7.5 Firebase Cloud Messaging (FCM)

As part of delivering push notifications to your Android device, Google's Firebase Cloud Messaging (FCM) service is utilized. FCM is integrated into the Android system and is used by Expo Notifications to route notifications to your device. FCM may process your device's registration token and notification delivery data. Google's use of this data is governed by Google's Privacy Policy at https://policies.google.com/privacy.

7.6 Better Auth (Authentication Library)

We use Better Auth as our authentication library on the backend. Better Auth runs on our own server infrastructure and processes authentication data including your email, hashed password, and OAuth tokens. This data is stored in our MariaDB database on our VPS. Better Auth does not transmit your authentication data to any external servers beyond what is described in this Privacy Policy.

7.7 Google Play Store

Our App is distributed through the Google Play Store. When you download or update our App, Google may collect information about your device and the installation process in accordance with Google Play's terms and privacy policy. We do not control Google's data collection practices in connection with the Google Play Store.

8. DATA STORAGE AND SECURITY

8.1 Data Storage

Your personal data is stored on our own Virtual Private Server (VPS) infrastructure. Our backend application is built using Node.js with Express and TypeScript, and our data is stored in a MariaDB database, both running on our VPS. Static files are stored in Cloudflare R2 buckets.

We take the security of your data seriously and have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

8.2 Security Measures

We employ the following security measures to protect your personal data:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL. Our website and API are proxied through Cloudflare, which provides additional SSL/TLS termination and security features.
• Password Security: Your passwords are hashed using industry-standard cryptographic hashing algorithms before being stored in our database. We never store passwords in plain text and do not have the ability to retrieve your original password.
• Access Controls: Access to your personal data is restricted to authorized personnel who have a legitimate business need to access it. All authorized personnel are subject to confidentiality obligations.
• Infrastructure Security: Our VPS is maintained with appropriate security configurations, including firewalls, access controls, and regular security updates.
• Cloudflare Security: Our use of Cloudflare Proxy provides additional security layers including DDoS protection, web application firewall, and bot mitigation.

8.3 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, and in any case within the timeframe required by applicable law.

9. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

• Account Data: We retain your account data for as long as your account is active. If you choose to delete your account, we will delete your personal data within 30 days of receiving your deletion request, except where we are required to retain certain information by law.
• Transaction Data: Cryptocurrency transaction records, including wallet addresses, transaction amounts, and blockchain transaction hashes, are retained for as long as necessary to comply with applicable legal and regulatory requirements, resolve disputes, and enforce our agreements.
• Log Data: Backend application logs are retained for a limited period necessary for security monitoring, debugging, and service improvement, after which they are automatically deleted or anonymized.
• Push Notification Tokens: Expo push notification tokens are retained for as long as your account is active. If you delete your account, these tokens are deleted within 30 days.

When personal data is no longer required, we will securely delete or anonymize it in accordance with our data retention procedures.

10. YOUR RIGHTS

Under applicable data protection laws, you have certain rights regarding your personal data. These rights may include:

• Right of Access: You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• Right to Erasure: You have the right to request the deletion of your personal data. Upon request, we will delete your personal data within 30 days, subject to any legal obligations requiring us to retain certain data.
• Right to Restriction: You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
• Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, machine-readable format, and to have that data transferred to another service provider where technically feasible.
• Right to Object: You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis for processing.
• Right to Withdraw Consent: Where we process your personal data based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, please contact us at legal@minepicoin.com. We will respond to your request within the timeframe required by applicable law, typically within 30 days. We may request verification of your identity before processing your request to protect the security of your personal data.

If you are not satisfied with our response to your request, you have the right to lodge a complaint with a supervisory authority in the jurisdiction where you reside or work.

11. PUSH NOTIFICATIONS

We use Expo Notifications (which utilizes Firebase Cloud Messaging on Android) to send push notifications to your device. These notifications may include:

• Account-related notifications (login alerts, password changes, security alerts)
• Transaction status updates (deposit confirmations, withdrawal processing)
• Service announcements and updates
• Important information about your account or our Service

You can manage your notification preferences through the App settings or by adjusting your device's notification settings for our App. If you disable push notifications, you will still receive important account-related communications via email where applicable.

12. EMAIL COMMUNICATIONS

We may send you emails in connection with your use of our Service. These emails may include:

• Account verification and security emails (email verification, password reset, security alerts)
• Transaction-related notifications (deposit and withdrawal confirmations)
• Service-related communications (terms of service updates, privacy policy changes)
• Responses to your support inquiries

You cannot opt out of essential transactional and security-related emails, as they are necessary for the operation and security of your account. You may manage other email notification preferences through the App settings.

13. COOKIES AND TRACKING TECHNOLOGIES

When you visit our website (minepicoin.com), we may use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are small data files stored on your device that help us improve our Service and your experience.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Our mobile App does not use cookies. However, the App may use locally stored data (such as shared preferences or secure storage) to maintain your session and preferences.

14. ANALYTICS

We are not currently using any third-party analytics services. We collect usage information only through our own backend application logs for the purposes of operating and improving our Service.

If we decide to implement third-party analytics services in the future, we will update this Privacy Policy to disclose the specific services used, the data they collect, and how you can exercise any available opt-out rights. We will notify you of any material changes to our analytics practices.

15. CHILDREN'S PRIVACY

Our Service does not specifically target children, and we do not knowingly collect personal data from children. The use of cryptocurrency for payments and withdrawals involves financial instruments and blockchain technology that may be subject to age restrictions in certain jurisdictions. Users of our Service are responsible for ensuring that their use of the Service complies with all applicable local laws and regulations regarding age and cryptocurrency usage.

If we become aware that we have inadvertently collected personal data from a child without verification of parental consent, we will take steps to delete that information as quickly as possible. If you believe that a child has provided us with personal data, please contact us at legal@minepicoin.com.

16. INTERNATIONAL DATA TRANSFERS

Your personal data is stored on our VPS servers and processed in accordance with this Privacy Policy. As we use Cloudflare's global network for hosting, proxy, and storage services, your data may be processed in Cloudflare data centers located in various countries around the world. Cloudflare ensures appropriate safeguards for international data transfers in accordance with applicable data protection laws.

By using our Service, you acknowledge and consent to the transfer of your personal data to our servers and to the third-party services described in this Privacy Policy, which may involve processing in jurisdictions other than your own. We will take steps to ensure that your data receives an adequate level of protection in accordance with applicable law.

17. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this Privacy Policy.

If we make material changes to this Privacy Policy, we will notify you by:

• Posting a prominent notice within the App or on our website
• Sending a notification to the email address associated with your account
• Any other method required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

18. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

For data access, correction, deletion, or any other data protection inquiries, please email legal@minepicoin.comwith "Data Privacy Request" in the subject line. We will respond to your inquiry within 30 days.