EN flag

Data rights and GDPR

Effective Date: November 05, 2025

At Psyll.com, we consider your privacy and the protection of your personal data to be fundamental. This page outlines how we handle the information you provide or generate while using our platform. All data processing is conducted in strict compliance with the European Union General Data Protection Regulation (GDPR) and applicable local data protection laws.

We aim for complete transparency in all aspects of data management. This page provides detailed explanations regarding:

  • The types of personal data we collect and store.
  • The purposes for which we process data.
  • The duration of data storage.
  • How you can access, download, update, or delete your personal information.
  • Security measures in place to protect your data.

Our commitment is not only to legal compliance but also to ensuring our users feel confident that their data is treated responsibly and ethically.

1. Data Controller

Data Controller: Psyll.com Contact Email: support@psyll.com

As the data controller, Psyll.com determines the purposes and means of processing your personal data. You may contact us regarding any matter related to your personal information, including:

  • Requests for access to your data.
  • Requests to correct or update your data.
  • Requests to delete or restrict your data processing.
  • Requests regarding data portability.

All requests are handled in accordance with GDPR timelines and procedures, and we will respond as quickly as possible, generally within one month of receipt.

2. Categories of Data We Collect, Process, and Retain

We collect and store a range of personal and system-related data to provide services effectively, ensure security, and maintain compliance with legal obligations. Below is a detailed description of each category of data, its purpose, retention period, and where you can manage it.

User Account Data

  • Data Collected: Core account details including username, email, profile preferences, language and display settings.
  • Purpose: To maintain your account and personalize your experience.
  • Retention Period: Until the account is permanently deleted.
  • Management: My Account settings

User Authorization and Security Data

  • Data Collected: Login attempts, two-factor authentication (TOTP) status, device information, IP addresses.
  • Purpose: To verify your identity, prevent unauthorized access, and enhance account security.
  • Retention Period: Automatically deleted after 30 days unless extended for security audit purposes.
  • Management: Security / Login History

API Keys Vault

  • Data Collected: Encrypted API keys used for connecting your account to cryptocurrency exchanges.
  • Purpose: To facilitate trading bots, automation, and secure integration with external services.
  • Retention Period: Stored until you delete them or until your PRO subscription ends.
  • Management: API Keys Vault
  • Security Note: Keys are always stored encrypted and never displayed in plaintext.

Invoice Data Change Requests

  • Data Collected: Requests to update billing information, including name, address, and payment method.
  • Purpose: To maintain accurate billing records and comply with audit requirements.
  • Retention Period: Until account deletion.
  • Management: Customer Data Page

Webhooks

  • Data Collected: Configurations of automated webhooks, including encrypted tokens and endpoint URLs.
  • Purpose: To enable automated account actions or trading processes.
  • Retention Period: Stored until deletion by the user.
  • Management: My Webhooks

Notifications

  • Data Collected: System alerts, security notifications, and important account messages.
  • Purpose: To inform you about account activity, security events, and system updates.
  • Retention Period: Automatically deleted after 1 month.
  • Management: Notifications History

Payment Receipts

  • Data Collected: Receipts and invoices for purchases, including subscription fees and PRO feature charges.
  • Purpose: Proof of payment and record-keeping for accounting purposes.
  • Retention Period: Stored until account deletion (or longer if legally required).
  • Management: Receipts

Cryptocurrency Payment Sessions

  • Data Collected: Temporary session data, including wallet addresses, payment status, and transaction logs.
  • Purpose: To track pending cryptocurrency transactions and ensure accurate processing.
  • Retention Period: Automatically deleted after 4 hours.
  • Management: Payment Sessions

Stripe Payment Sessions

  • Data Collected: Temporary session data processed through Stripe payment gateway.
  • Purpose: To facilitate secure payment processing.
  • Retention Period: Automatically deleted after 4 hours.
  • Management: Payment Sessions

PRO Subscription Data

  • Data Collected: Subscription status and data required to manage access to PRO features.
  • Purpose: To verify subscription eligibility and manage user privileges.
  • Retention Period: Stored only while subscription is active.
  • Management: PRO page

Support Tickets

  • Data Collected: Communications between users and support staff, including messages, attachments, and ticket metadata.
  • Purpose: To provide support, resolve issues, and maintain a record of interactions.
  • Retention Period: Automatically deleted after 3 months.
  • Management: Support Tickets

Trading Bots Slots

  • Data Collected: Configuration data for trading bots, including encrypted exchange keys, trading parameters, and strategy settings.
  • Purpose: To automate trading according to user preferences while maintaining secure integration.
  • Retention Period: Stored until deletion or PRO subscription expiration.
  • Management: My Trading Bots

3. Your Rights Under GDPR

As a user of Psyll.com, you have several rights to ensure control over your personal data. These rights are described in detail below:

Right to Access

You can request access to your personal data at any time. This allows you to review which data we hold and for what purposes. Where to Access: Data Management → Preview

Right to Data Portability (Download)

You have the right to receive a complete copy of your personal data in a portable format such as TXT or JSON. This facilitates transferring your data to another service or keeping personal records. Where to Download: Data Management → Download

Right to Correction

You can correct, update, or amend any personal information we hold to ensure accuracy. This includes email addresses, profile details, or billing information.

Right to Erasure (Delete Account)

You can request the permanent deletion of your account and all associated data. Once deletion is complete, data cannot be restored. This is sometimes referred to as the “right to be forgotten.” Where to Delete: Data Management → Delete

Right to Restrict Processing

You may request restrictions on certain processing activities in cases permitted by law. This limits the use of your data without deleting it entirely.

Right to Object

Where applicable, you may object to certain types of processing, particularly if the processing is based on legitimate interest rather than consent.

Right to Lodge a Complaint

If you believe your data rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country or region.

4. Data Security

We take robust technical and organizational measures to protect your personal data:

  • All sensitive data, including API keys, TOTP secrets and authentication tokens are encrypted using strong, industry-standard encryption methods.
  • Access to data is limited to authorized personnel only and logged for audit purposes.
  • We do not sell, trade or share your personal data with third parties for marketing purposes.
  • We store only the data necessary to provide our services efficiently and securely.

Security is a continuous priority, and we regularly review our processes to ensure maximum protection against unauthorized access or data breaches.

5. Contact

For any inquiries regarding your personal data, to exercise your GDPR rights or to request further clarification:

Email: support@psyll.com

We are committed to responding promptly and transparently to all data-related inquiries.