EN flag

Privacy Policy

Effective Date: July 21, 2025

This Privacy Policy details the principles for collecting, processing, storing, and protecting the personal data of users of the Psyll.com platform. Our platform encompasses a wide range of services and tools, including a website, advanced mobile applications dedicated to various operating systems, innovative analytical tools, intelligent trading and investment bots, as well as all related services, functionalities, and application programming interfaces (APIs). This document has been meticulously prepared to ensure full compliance with the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR), Polish personal data protection acts, and other applicable national and international regulations concerning personal data protection and information security.

Our paramount goal is to guarantee the highest level of user data privacy and security, complete transparency of all data processing operations, and ensure full control over users' personal data. We are committed to adhering to fundamental data protection principles such as data minimization, purpose limitation, storage limitation, and ensuring data confidentiality, integrity, and availability. In this document, we explain in detail what categories of data we collect, for what purposes they are processed, to whom and on what terms they may be transferred, how long they are stored, and what rights users have in connection with the processing of their data. We want every Psyll.com user to have a complete understanding of how their data is used and protected.

1. Scope of the Privacy Policy

This Privacy Policy applies to all aspects and components of the Psyll.com platform, regardless of whether you use our services as an individual user or a business entity. It covers:

  • Website and user panel
  • Mobile applications
  • Payment and subscription handling modules
  • Integration features with external entities (e.g., exchanges)
  • Operations of investment bots and algorithmic analytical tools
  • Communication with users
  • Analytical and statistical services
  • Other related services and functionalities

This policy applies to both individual users and business entities utilizing our services within their operations, regardless of how they access the platform - via a web browser, a dedicated mobile application, or other authorized devices. All users are obliged to familiarize themselves with this document and accept its provisions.

2. Our Fundamental Data Protection Principles

Our approach to personal data protection is based on six fundamental principles defined in the GDPR, which form the cornerstone of all our operations. These principles guide every stage of data processing, from collection and storage to deletion:

  • Lawfulness, fairness, and transparency (Article 5(1)(a) GDPR)
  • Purpose limitation (Article 5(1)(b) GDPR)
  • Data minimization (Article 5(1)(c) GDPR)
  • Accuracy (Article 5(1)(d) GDPR)
  • Storage limitation (Article 5(1)(e) GDPR)
  • Integrity and confidentiality (Article 5(1)(f) GDPR and Article 32 GDPR)

3. No Cookies or External Tracking Tools

In the interest of your privacy and minimizing collected data, Psyll.com has adopted a rare but consistent policy: we do not use cookies or any external tracking technologies that would serve to identify users, collect behavioral data for advertising purposes, profiling, or transfer information to third parties for marketing or analytical purposes.

This means that:

  • We do not display cookie notices
  • We do not use external analytical tools
  • No advertising profiling or data selling

Our goal is to ensure maximum transparency and respect for your privacy. We consciously opt out of commonly used tracking mechanisms, which often raise privacy concerns and infringe on user autonomy. We believe that security and trust are built through full respect for privacy and minimization of collected data.

4. What Data Do We Process?

At Psyll.com, your privacy is our priority. That's why we only process data that's absolutely necessary to provide our services and ensure the secure and proper functioning of the platform. We always adhere to the principle of data minimization.

Below, we detail the categories of data we collect and explain why we collect them:

Identification and Login Data: We collect your email address, which is essential for account creation and management, communication, and the password reset process. Your password is stored in a secure, encrypted format, solely for verifying your identity during login. We also record your account registration date for administrative and statistical purposes.

Payment and Subscription Data: We gather information about your chosen subscription plan, including its type, activation and expiration dates, and status, allowing us to efficiently manage your access to services. If necessary, we collect billing data exclusively for the proper issuance of invoices and other accounting documents, in accordance with applicable regulations. We also store your transaction history, which is vital for managing subscriptions and all related billing.

Technical Data and System Logs: We use your IP address primarily for security purposes (e.g., detecting and blocking unauthorized access attempts) and for diagnosing technical issues. We collect your browser type and operating system, which helps us optimize platform performance, ensuring compatibility and stability across various devices. We monitor the date and time of access to our systems and identify any anomalies. Automatically generated error and failure information allows us to quickly diagnose and eliminate technical problems, improving platform stability.

Exchange Integration Data: We store cryptocurrency exchange API keys in a strongly encrypted form. These are essential for our trading bots to execute operations on your exchange account, in line with your settings. Important: Psyll.com never has access to your funds or the ability to withdraw them from the exchange. This information is used solely for the operation of analytical algorithms and to generate reports for you.

Communication and Customer Support Data: We record the content of your correspondence (emails, chats, and service requests), which enables us to effectively answer questions, resolve problems, and improve service quality. Support request identification data, such as the number, date, and status, helps us efficiently manage the support process.

Behavioral Data and User Preferences: We record your notification preferences, allowing us to send you only the information that's relevant to you. Your user settings enable the personalization of your experience on the platform.

5. Purposes and Legal Bases for Data Processing

Personal data is processed by Psyll.com for clearly defined purposes and always on the basis of relevant GDPR provisions. Below are the detailed purposes and their corresponding legal bases:

  • Provision of Services (Art. 6(1)(b) GDPR - performance of a contract)
    • Establishing and managing a user account on the Psyll.com platform.
    • Enabling access to all platform functionalities, including trading bots, analytical tools, and the user panel.
    • Managing subscriptions and service billing.
    • Executing transactions on exchanges via bots, according to user instructions.
  • Security and Abuse Prevention (Art. 6(1)(f) GDPR - legitimate interest of the controller)
    • Monitoring platform activity to detect and prevent unauthorized access attempts, fraud, cyberattacks, and other security breaches.
    • Ensuring system and data integrity.
    • Detecting and responding to platform terms of service violations.
  • Regulatory and Legal Requirements (Art. 6(1)(c) GDPR - legal obligation)
    • Issuing invoices and other accounting documents in accordance with applicable tax laws.
    • Fulfilling obligations arising from anti-money laundering (AML) and counter-terrorist financing (CTF) regulations, if applicable to our services.
    • Transferring data to state authorities based on a justified request and in accordance with applicable laws.
  • Technical Support and Communication (Art. 6(1)(b) and (f) GDPR - performance of a contract and legitimate interest)
    • Providing technical assistance, answering questions, and solving problems reported by users.
    • Sending important system notifications, information about changes to the terms of service or privacy policy.
    • Conducting correspondence as part of customer service.
  • Platform Development, Optimization, and Analysis (Art. 6(1)(f) GDPR - legitimate interest of the controller)
    • Analyzing anonymized and aggregated data regarding platform usage to improve its functionalities, performance, and usability.
    • Introducing new features and services based on user needs analysis.
    • Testing and optimizing trading bot algorithms.
  • Direct Marketing (Art. 6(1)(a) GDPR - consent)
    • Sending information about Psyll.com news, promotions, and offers (without external marketing entities), solely with the explicit consent of the user.
  • User Preference Customization (Art. 6(1)(a) or (f) GDPR - consent or legitimate interest)
    • Personalizing the user interface and delivering content consistent with preferences (e.g., language, theme, notifications), depending on whether these preferences require explicit consent or constitute a legitimate interest in improving user experience.

6. Data Sharing

User personal data may be transferred to the following entities to the necessary extent, solely for the purpose of implementing specific platform functionalities and in accordance with applicable regulations:

  • Providers of technological infrastructure
  • Payment operators
  • Law enforcement agencies or other public institutions
  • Potential platform purchaser or acquiring entity

We emphasize that each entity processing data on our behalf acts on the basis of a written data processing agreement, which complies with the requirements of Article 28 of the GDPR. These agreements clearly define the scope and purpose of processing, obligate subcontractors to maintain confidentiality, implement appropriate security measures (including technical and organizational), and adhere to our instructions. We regularly verify our partners' compliance with data protection requirements.

7. Data Retention Period

The period of personal data retention by Psyll.com is strictly defined and consistent with the processing purposes, the principle of data minimization, and applicable legal requirements. After this period, data is securely deleted or permanently anonymized.

  • Account and Subscription Data
  • Payment Data
  • Technical Data (system logs, IP addresses, activity)
  • Communication Data (correspondence with Psyll.com support)
  • Data processed based on user consent

After the specified retention periods, personal data is securely and permanently deleted from our systems or subjected to an anonymization process in a way that prevents the identification of a specific natural person. This process is irreversible and consistent with best practices in data protection.

8. Data Transfer Outside the European Economic Area (EEA)

In rare instances where it's necessary to transfer your personal data outside the European Economic Area (EEA), for example, when using the services of selected hosting providers located in third countries (such as the USA), Psyll.com applies the highest security standards and strictly adheres to GDPR requirements to ensure an adequate level of data protection.

Specifically, we use the following data transfer mechanisms, compliant with Articles 44-49 of the GDPR:

  • Adequacy Decisions by the European Commission
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Explicit User Consent
  • Binding Corporate Rules (BCRs)

Regardless of the legal basis for the transfer, all data transmissions are encrypted using SSL/TLS protocols, ensuring the confidentiality and integrity of data during transit. Data storage outside the EEA is subject to the principle of data minimization and strict security procedures, analogous to those applied within the EEA. We regularly monitor the European Commission's decisions and the European Data Protection Board's (EDPB) guidelines concerning data transfers to third countries to ensure full compliance of our practices and the highest level of protection for your data. We make every effort to ensure that our partners outside the EEA also employ advanced data protection measures.

9. User Rights Regarding Personal Data

In accordance with the GDPR, every user has a number of rights regarding their personal data, which Psyll.com is committed to fully respecting and facilitating their exercise:

  • Right of Access to Data (Article 15 GDPR):
  • Right to Rectification of Data (Article 16 GDPR)
  • Right to Erasure of Data (Article 17 GDPR) - "Right to Be Forgotten"
  • Right to Restriction of Processing (Article 18 GDPR)
  • Right to Data Portability (Article 20 GDPR):
  • Right to Object to Data Processing (Article 21 GDPR)
  • Right to Withdraw Consent (Article 7(3) GDPR)
  • Right to Lodge a Complaint with a Supervisory Authority (Article 77 GDPR):

How to exercise your rights?

To exercise these rights, simply contact our support team. Requests are processed promptly, in accordance with applicable regulations, no later than one month from their receipt. In justified cases, this period may be extended by another two months, of which the user will be informed. In case of doubts regarding the identity of the person submitting the request, we may ask for additional information to verify, to ensure that data is provided only to the authorized person.

10. No Automated Decision-Making and Profiling

Psyll.com adopts a transparent approach to data processing. Our platform does not use automated decision-making that could produce legal effects concerning users or similarly significantly affect them within the meaning of Article 22 of the GDPR. This means that no decision regarding your account, access to services, or significant platform functionalities is made solely based on automated data processing, without human intervention.

Although we use advanced algorithms and artificial intelligence in the operation of trading bots and analytical tools, they serve only as supporting tools. Final investment or strategic decisions are always in the hands of the user. Our algorithms provide analysis, suggestions, and perform operations based on your configured parameters and their consistent operation, but they do not make binding legal decisions without your knowledge and control.

We also do not conduct profiling for marketing or sales purposes. All analyses of user behavior on the platform are carried out internally, on anonymized and aggregated data, serving solely to optimize platform operation, improve usability, and develop new features. We do not create individual user profiles to target them with personalized advertisements based on their behavior outside the Psyll.com platform.

Our goal is to ensure you have full control over your interaction with the platform, where algorithms are a supportive tool, not a substitute for your independent decisions.

11. Data Security

The security of your personal data is our absolute priority. We employ comprehensive and advanced technical and organizational measures to protect your data from unauthorized access, unauthorized modification, disclosure, destruction, or accidental loss. Our safeguards are regularly verified, updated, and adapted to changing threats.

The main security measures we have implemented include:

  • Data Encryption
    • Connection encryption (SSL/TLS)
    • Encryption at Rest
  • Access Restriction and Permission Management
  • Backup and Disaster Recovery Mechanisms
  • Monitoring and Responding to Security Incidents
  • User Authentication Mechanisms
    • Strong passwords
    • Two-Factor Authentication (2FA)

12. Privacy Policy Updates

We reserve the right to make changes to this Privacy Policy. These changes may be necessary to adapt it to new legal regulations (e.g., changes in GDPR, new national regulations, supervisory authority guidelines), the technological evolution of the platform, the introduction of new functionalities that affect data processing, or other significant factors affecting data processing.

Users will be notified of any significant changes to the Privacy Policy with appropriate advance notice. Notification will be provided via a notification on the Psyll.com platform, sent to the registered email address, or through other available communication channels if we deem it appropriate and effective. The notification will include information about the effective date of the new provisions.

Continued use of the Psyll.com platform after the effective date of the amended Privacy Policy will constitute acceptance of the new provisions. We encourage you to regularly review this document to stay informed about our privacy practices.

The last updated date of the Privacy Policy will always be clearly visible at the beginning of the document so that you can easily check when the last change occurred.

13. Contact

If you have any questions, concerns, or comments regarding this Privacy Policy, the processing of your personal data by Psyll.com, or to exercise your rights, please contact our support team.