跳转至内容

    隐私政策

    了解 Crypto Tools & Guides 如何处理您的数据并保护您的隐私,包括 Cookie、数据分析及数据收集的详细说明。

    1. Introduction

    This Privacy Policy explains how BitcoinMargin (\"we\", \"us\", \"our\") collects, uses, and protects information when you visit our website at bitcoinmargin.com. We are committed to safeguarding your privacy and ensuring transparency about data practices in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

    数据控制方: BitcoinMargin,通过 bitcoinmargin.com 运营。如有隐私相关问题,请通过 联系页面.

    2. Information We Collect

    We may collect the following types of information:

    • Usage data ——访问页面、停留时长、浏览器类型、设备信息及来源 URL。
    • Cookies & local storage ——存储在您设备上的小文件,用于记住偏好设置(例如,主题、cookie 同意、货币选择)。
    • Analytics data ——汇总匿名数据,用于了解访客如何使用本站。
    • 哈希 IP 地址(预测) ——当您提交 Bitcoin 价格预测时,我们会存储您 IP 地址的单向加密哈希值(SHA-256)。该哈希值不可逆,无法还原为您的真实 IP,仅用于频率限制(每人每 14 天一次预测)。
    • IP 地址(情绪投票) ——当您在社区情绪投票中投票时,您的 IP 地址将与投票一同存储,以执行每天一票的限制。与投票相关联的 IP 地址不会与第三方共享。
    • IP 地址(地理封锁) ——当您访问本站时,您的 IP 地址会被发送至我们的服务端地理检测服务以确定您所在国家/地区。此操作仅用于合规目的(限制特定司法管辖区的访问)。您的 IP 不会被永久存储——仅在实时地理查询时使用,之后即被丢弃。第三方 IP 地理位置服务(ip-api.com、ipapi.co)可能为此目的处理您的 IP。
    • IP 地址(频率限制) ——我们所有服务端函数均会在短暂的内存缓存中记录 IP 地址(60 秒),以防止滥用并执行请求频率限制。该数据不会持久化到任何数据库中。
    • Contact form data ——如果您使用联系表单,我们会收集您的姓名、电子邮件地址、主题和消息内容。您的 IP 地址也会被临时存储用于频率限制(每个 IP 每小时最多 3 条消息)。联系表单提交内容在我们的数据库中最多保存 5 分钟以供去重,之后旧条目将被删除。

    We do not 收集付款信息、政府颁发的身份证件或敏感个人信息。我们不会 not 向税务机关或监管机构报告任何用户数据。

    3. Cookies & Local Storage

    We use the following third-party services to operate the website:

    • 必要 ——网站正常运行所必需(例如,记住您的 cookie 同意选项、主题偏好)。
    • 功能性 ——记住您的偏好设置,例如所选货币、重量单位和收藏的币种。
    • Analytics ——帮助我们了解流量和使用模式,仅在您同意后才会设置。
    • Advertising ——由第三方广告网络使用,仅在您同意后才会设置。
    名称Provider类型Purpose有效期
    cookie-consent第一方必要Stores your cookie consent preferences (necessary, analytics, advertising).Persistent
    theme第一方必要Remembers your light/dark theme preference.Persistent
    sb-*-auth-tokenSupabase必要Keeps you securely logged in to your account during your session.Session
    favourite-coins第一方功能性Remembers your favourite coins so they appear at the top of your watchlist on every visit.Persistent
    sentiment-vote-*第一方功能性Stores your market sentiment vote to prevent duplicate submissions and display your current stance.5 minutes
    Google Analytics session cookie (_ga_gid)Google AnalyticsAnalyticsTracks unique visitors and page views to help us understand site usage.Up to 2 years
    Third-party ad cookiesAd networksAdvertisingUsed to deliver relevant advertisements and measure campaign effectiveness.Varies

    You can withdraw or change your consent at any time by clicking the \"Cookie Settings\" link in the website footer or by clearing cookies in your browser settings.

    4. Legal Basis & Retention

    We process the limited data described above on the following legal bases under GDPR:

    • Legitimate interest (Art. 6(1)(f)) ——IP 地址用于频率限制、防滥用、出于合规需要的地理封锁以及公平使用政策的执行。用于预测的哈希 IP 是不可逆的,无法识别您的身份。
    • Consent (Art. 6(1)(a)) ——分析和广告 cookies 仅在您通过 cookie 同意横幅明确授权后才会被设置。
    • Contract performance (Art. 6(1)(b)) ——联系表单数据将被处理,用于回复您的咨询。

    Retention periods:

    • Prediction hashed IPs ——最多保留 14 天,用于执行冷却期限制。
    • Sentiment vote IPs ——与投票记录一并保留。投票作为社区汇总数据永久存储,但 IP 地址可能会定期清除。
    • Contact form data ——最多存储 5 分钟用于去重,之后旧条目将自动删除。
    • Rate limiting data ——仅在内存中保留 60 秒,随后自动过期,从不写入数据库。
    • 地理检测 IP 查询 ——实时处理,不予存储。第三方地理位置服务商可能有其自己的数据保留政策。
    • Aggregated statistics ——预测分布、情绪汇总及类似匿名指标将被永久保留,因为其中不包含个人数据。

    5. Sub-Processors & Third-Party Services

    We use the following third-party services to operate the website:

    ServicePurpose已处理数据
    SupabaseDatabase hosting, edge functions (API proxy, voting, predictions)哈希 IP、投票数据、联系表单提交内容、API 请求元数据
    HostingerStatic site hosting and CDNStandard web server logs (IP, user agent, timestamps)
    CoinGecko加密货币价格数据No user data sent — server-side API calls only
    Binance APIReal-time ticker and futures dataNo user data sent — server-side API calls only
    Yahoo FinanceCommodity and metal price dataNo user data sent — server-side API calls only
    ip-api.com / ipapi.coIP geolocation for regulatory geo-blockingVisitor IP address (processed in real-time, not stored by us)
    Google AnalyticsTraffic analytics (only with consent)Anonymised usage data, cookies
    SMTP ProviderSending contact form email notificationsName, email, subject, message (from contact form only)

    Non-affiliate third-party references — such as CoinGecko, Bitcoin, Ethereum, and other cryptocurrency or platform names — appear for informational purposes only and do not imply any data-sharing arrangement between us and those entities.

    6. Affiliate Links & Referral Tracking

    Some links on this website are affiliate links, including links to Binance (通过我们的推荐标识符)。当您点击联盟链接并在合作伙伴平台注册时,我们可能会获得佣金,且不会为您产生任何额外费用。这不会影响我们的内容或推荐。

    Affiliate links on this site contain a referral parameter that identifies bitcoinmargin.com as the source. Clicking these links may earn us a commission at no extra cost to you.

    For details on how affiliate partners handle your data, please review their respective privacy policies (e.g., Binance Privacy Policy).

    7. Geo-Blocking & Access Restrictions

    For regulatory compliance, we restrict access to the website from certain jurisdictions. When you visit the site, a server-side function determines your approximate location using your IP address via third-party geolocation services. If you are in a restricted region, a visual overlay is displayed indicating the site is not available in your location.

    The underlying page content remains in the browser DOM but is not interactable. Your IP address is not stored as part of this process — it is used only for the real-time country lookup and then discarded.

    8. Tax Reporting

    While our educational content discusses tax regulations (such as the EU's DAC8 directive), we do not report any user data to tax authorities, financial regulators, or government agencies. We are an informational website, not a crypto-asset service provider. Any tax reporting obligations rest with the exchanges and platforms you use directly.

    9. Data Security

    We implement the following security measures to protect your data:

    • All data transmitted between your browser and our servers is encrypted via HTTPS/TLS.
    • Database access is restricted via Row-Level Security (RLS) policies — the client-side API key can only read public data, not write or modify records.
    • All server-side functions enforce IP-based rate limiting to prevent abuse.
    • Contact form inputs are sanitised to prevent injection attacks.
    • Sensitive operations (writes, deletes) require a server-side service role key that is never exposed to the client.

    However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of data transmitted to our site.

    10. Your Rights Under GDPR

    If you are in the European Economic Area (EEA), you have the following rights under the GDPR:

    • Right of access (Art. 15) ——您可以请求获取我们持有的关于您的个人数据副本。
    • Right to rectification (Art. 16) ——您可以请求更正不准确的个人数据。
    • Right to erasure (Art. 17) ——您可以请求删除您的个人数据("被遗忘权")。
    • Right to restriction (Art. 18) ——您可以请求我们限制对您数据的处理。
    • Right to data portability (Art. 20) ——您可以请求以结构化、机器可读的格式获取您的数据。
    • Right to object (Art. 21) ——您可以对基于合法利益的数据处理提出异议。
    • Right to withdraw consent (Art. 7(3)) ——您可以随时通过 cookie 设置横幅撤回对 cookie 的同意。
    • Right to lodge a complaint ——如果您认为您的权利受到侵害,可向当地数据保护机构(DPA)提出投诉。

    To exercise any of these rights, please contact us via the contact page. Since we collect minimal personal data (primarily IP addresses for rate limiting and voting), most requests can be fulfilled by clearing your browser cookies and cache.

    11. International Data Transfers

    Our infrastructure providers (Supabase, Hostinger) may process data in regions outside the EEA. Where this occurs, appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) as required by GDPR Chapter V. By using the website, you acknowledge that some data processing may occur outside your jurisdiction.

    12. Children's Privacy

    This website is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided data to us, please contact us and we will promptly delete it.

    13. Changes to This Policy

    We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated \"Last updated\" date. We encourage you to review this page periodically. Continued use of the website after changes constitutes acceptance of the updated policy.

    Last updated: April 2026