This Privacy Policy explains how Bitcoin Strategy, accessible at https://the-bitcoin-strategy.com, collects, uses, shares, and protects personal information about visitors and members. Bitcoin Strategy is a service operated by Gold Maple Tree Ltd, a company organised under the laws of the Hong Kong Special Administrative Region of China (the "Company", "we", "us", or "our"), which is the data controller responsible for your personal information.
This Privacy Policy applies only to the Bitcoin Strategy website and its services. It does not apply to any third-party services that are linked from or to the service — such as (but not limited to) YouTube, Vimeo, Facebook, X (Twitter), or Telegram. We encourage you to review the privacy policies of any linked platforms you access from the Bitcoin Strategy website.
If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us at thebitcoinstrategy [at] gmail.com.
Who we are and how to contact us
The data controller is Gold Maple Tree Ltd, operating the Bitcoin Strategy service. For any privacy request — access, correction, deletion, objection, or a complaint — email thebitcoinstrategy [at] gmail.com. We aim to respond within one month.
Information we collect
The personal information we ask you to provide, and the reasons why, are made clear to you at the point we collect it. We collect:
- Account information you provide when you subscribe or are added as a member — such as your name, email address, and country.
- Payment information. For card payments this is handled directly by our payment processor (see "Payment processing" below) and is not stored on our systems. If you pay with cryptocurrency, we process on-chain payment details such as wallet/sending addresses and transaction identifiers in order to verify and reconcile your payment.
- Usage and device data collected automatically when you use the website — including IP address, date/time stamps, browser and device type, referring/exit pages, and pages viewed. For members who use two-factor authentication, we derive an approximate location from your IP address to detect unusual sign-ins.
- Communications — if you contact us, we receive the contents of your message, any attachments, and any other information you choose to provide (for example a phone number).
How we use your information and our legal bases
We use the information we collect to:
- Provide, operate, maintain, and secure the website and your membership (legal basis: performance of our contract with you);
- Process payments, renewals, and refunds where applicable (performance of contract; compliance with legal obligations);
- Communicate with you about your account, service updates, and support requests (performance of contract);
- Send marketing and promotional emails where you have not opted out, in line with your communication preferences (legitimate interests, or consent where required);
- Understand and analyse how the website is used, and improve and develop our services (legitimate interests; consent for non-essential analytics cookies);
- Detect, prevent, and investigate fraud, abuse, and security incidents (legitimate interests; legal obligations).
Where we rely on consent (for example, non-essential cookies), you may withdraw it at any time. Where we rely on legitimate interests, you have the right to object (see "Your rights" below).
Payment processing
We provide a paid subscription service. For card payments we use Stripe as our third-party payment gateway. Your card details are transmitted directly from your browser to Stripe and are never collected or stored by the Bitcoin Strategy systems. Stripe adheres to the PCI-DSS standards managed by the PCI Security Standards Council. Please review the Stripe Privacy Policy before paying.
For cryptocurrency payments, we record the on-chain transaction details needed to confirm and reconcile your payment (such as the sending address and transaction hash) and may use blockchain explorer services to verify that a payment has settled. Blockchain transactions are inherently public; we do not control the underlying networks.
Cookies, analytics, and tracking
Bitcoin Strategy uses cookies and similar technologies. These fall into two broad categories:
- Essential cookies — required for the website to function, including session cookies that keep you signed in and security/anti-fraud cookies. These session cookies expire after a period, after which you will be asked to sign in again.
- Analytics and tag-management cookies — we use Google Analytics and Google Tag Manager, together with our own first-party analytics (including UTM/referral attribution stored on a first-party cookie), to understand how visitors find and use the site. Our content-delivery and security provider, Cloudflare, also sets cookies to route traffic and protect against abuse.
A notice on the site informs you that we use cookies. You can refuse or remove cookies through your browser settings, and you can opt out of Google Analytics using Google's opt-out add-on. Disabling some cookies may affect how parts of the website work. We are continuing to improve the granularity of cookie controls we offer.
Who we share your information with
We do not sell your personal information. We share it only with service providers ("sub-processors") who process it on our behalf to deliver the service, and with authorities where legally required. Our main sub-processors are:
- Stripe — card payment processing.
- DigitalOcean — cloud hosting and database storage (Singapore region).
- Cloudflare — content delivery, DNS, and security/anti-abuse.
- Google (Analytics & Tag Manager) — website analytics.
- Twilio SendGrid — transactional and marketing email delivery.
- Vimeo — video hosting and streaming.
- Telegram — community group/channel access (your email and identity are used to manage access).
- MaxMind (GeoLite2) — IP-based geolocation for two-factor authentication.
- Blockchain explorer services — verification of cryptocurrency payments.
- Error-monitoring services — diagnosing technical errors (may capture IP address and account context at the time of an error).
We may also disclose information to law enforcement or government bodies where required by law, where illegal activity is suspected, or in connection with legal proceedings.
International transfers and data storage
Our application and database are hosted in Singapore. Some of our sub-processors (for example payment, email, and analytics providers) operate globally and may process data in other countries, including outside your country of residence. By using the website you understand your information will be stored and accessed from Singapore and from the locations of those sub-processors. Where we transfer personal data of users in the European Economic Area or the United Kingdom to a country without an adequacy decision, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.
Data retention
We keep your personal information for as long as your account is active and for as long as needed to provide the service. After your membership ends, we retain account, billing, and transaction records for the period required to meet our legal, tax, accounting, and fraud-prevention obligations, after which we delete or anonymise the data. You may ask us to delete your data earlier, subject to those legal retention requirements (see "Your rights").
Security
Personal information is stored on systems with restricted access, and we take reasonable technical and organisational measures to protect it. However, no IT system can be guaranteed to be 100% secure. While we take steps to protect your information, Bitcoin Strategy cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Your rights
Depending on where you live, you may have the following rights regarding your personal information:
- Access — request a copy of the personal data we hold about you. The first copy is provided free of charge.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your personal data, subject to legal retention obligations.
- Restriction — ask us to restrict processing in certain circumstances.
- Objection — object to processing based on our legitimate interests, including direct marketing.
- Portability — receive your data in a portable format or have it transferred to another organisation, where applicable.
- Withdraw consent — where we rely on consent, withdraw it at any time without affecting prior processing.
- Complain — lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us at thebitcoinstrategy [at] gmail.com. We will respond within one month.
California privacy rights (CCPA)
If you are a California resident, you have the right to request the categories and specific pieces of personal information we have collected about you, to request deletion of that information, and to direct us not to sell your personal information. We do not sell personal information. To exercise these rights, contact us at thebitcoinstrategy [at] gmail.com; we have one month to respond.
Children's information
The Bitcoin Strategy service is intended only for users aged 18 or older, and we do not knowingly direct the service to, or knowingly collect personal information from, anyone under 18 (or under the applicable minimum digital-consent age in their country). If you believe a minor has provided us with personal information, please contact us at thebitcoinstrategy [at] gmail.com and we will promptly remove it.
Third-party links and services
This Privacy Policy does not apply to other websites or services linked from Bitcoin Strategy. We advise you to consult the privacy policies of those third parties for details of their practices and your choices, including how to opt out.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for legal reasons. When we do, we will revise the "Last updated" date at the top of this page. Your continued use of the website after an update constitutes acceptance of the revised policy.