Legal
Privacy Policy & Acceptable Use Policy
This page combines our Privacy Policy and Acceptable Use Policy. Expand each section below to read the full text. Last updated: July 11, 2026.
Information Collected
Paycryptohost collects only the information needed to operate a secure Bitcoin invoicing and crypto payment-link platform. Below is the full inventory of categories we process.
Personal Information
Email address, display name, country, and any optional profile fields you choose to provide.
Technical Information
Browser type and version, operating system, timezone, and language preference, used to render the dashboard correctly and to debug issues.
IP Address Collection
IP addresses are logged for authentication, fraud prevention, and abuse investigation. They are stored alongside login events, invoice creation, and withdrawal requests, and are retained for up to 180 days.
Device and Browser Data
A coarse device fingerprint (operating system, browser family, screen size class) is recorded for security alerts on new-device logins.
Cookies and Tracking Technologies
We use a small number of first-party cookies for authentication sessions, theme preference, and CSRF protection. We do not embed advertising trackers and do not sell user data to third parties.
Payment Information
Subscription payments are processed by our payment partner; we receive only the minimum metadata required to reconcile billing (transaction ID, amount, status). Card numbers are never stored on our infrastructure.
Cryptocurrency Transaction Information
For Bitcoin invoices we store the destination address or xPub, derived child addresses, the BTC amount, the USD reference rate at invoice time, and the on-chain transaction hash once paid. We do not store private keys โ settlement is non-custodial.
How Information Is Used
To deliver the Services, authenticate users, generate invoices, send transactional emails (payment confirmations, account changes), prevent fraud, comply with legal obligations, and improve the platform through aggregated analytics.
Data Retention
Account and invoice records are retained for as long as your account is active and for up to 7 years after closure to satisfy tax and accounting obligations. Security logs are retained for 180 days. You may request earlier deletion subject to those mandatory retention periods.
Third-Party Services
We rely on a small set of vetted vendors: a managed Postgres database, a transactional email provider, a Bitcoin price feed, and an IP-geolocation API. Each vendor receives only the data necessary for its function and is bound by a data-processing agreement.
User Rights
You may access, correct, export, or request deletion of your personal data at any time through the dashboard or by emailing support. Where the GDPR applies you also have the right to restrict or object to processing and to lodge a complaint with your local supervisory authority.
Data Security Measures
All traffic is encrypted in transit with TLS 1.2+. Passwords are stored using a memory-hard hash. Database backups are encrypted at rest. Administrative access uses role-based access control, mandatory 2FA, and audit logging.
GDPR and International Privacy Compliance
We process EU/UK personal data on the legal bases of contract performance (delivering the Services), legitimate interest (security and abuse prevention), and consent (optional analytics). International transfers rely on Standard Contractual Clauses where applicable.
Contact Information
Privacy requests can be sent through our support page and will be acknowledged within 30 days.