Last Updated: April 4, 2026

Privacy Policy

Your data. Your rights. Our responsibilities.

Simple Truth: We do not use cookies, sell personal data, or build advertising profiles. We do use minimal anonymous analytics and site telemetry to understand what people read, improve the product, and keep core features reliable.

1. Information We Collect

We Don't Collect Personal Information

We do not collect any personal information. No names, no emails (unless you contact us first), no accounts, no profiles, no cookies, no tracking across websites. You are anonymous here. We don't know who you are, and we don't want to.

What We Do Collect (Minimal Anonymous Usage Data)

We use Cloudflare Web Analytics and limited first-party telemetry to understand how the site is used and whether core features are working:

  • Anonymous visitor counts and page reads
  • Aggregated referral, browser, and device information for technical optimization
  • Article votes, feedback totals, and outbound listing clicks counted in aggregate
  • Temporary live-visitor heartbeat signals used to estimate how many people are active on the site right now

This data is intended to stay minimal, aggregated where practical, and focused on site operations rather than advertising. Cloudflare Web Analytics is cookieless, and our own telemetry is used to improve the product, monitor reliability, and prevent abuse.

Direct Email Communication (User-Initiated)

If you choose to email us directly at addresses we provide (e.g., [email protected]), you are voluntarily sharing your email address and message content. This is standard email communication — not data collection via our website.


2. How We Use Your Information

We use limited anonymous usage data to operate the site responsibly. Here's what that means in practice:

  • Analytics: Anonymous, aggregated data helps us understand traffic patterns and improve the site (for example, which pages are useful and where people drop off).
  • Product Signals: We count article votes, outbound listing clicks, and swap comparison activity in aggregate so we can improve rankings, content, and tool quality.
  • Operational Telemetry: Temporary live-visitor heartbeats and technical request data help us keep features working, understand load, and limit abuse.
  • Direct Emails: If you email us, we'll respond to your inquiry. We won't add you to mailing lists without permission.
  • No Personal-Data Sales: We do not sell personal data or build advertising profiles from site usage.

3. Third-Party Services

Fonts

All fonts (JetBrains Mono, IBM Plex Mono) are hosted locally on our own servers. No third-party font services are used. Your browser makes zero external requests for typography — no IP addresses are shared with font providers.

Swap Provider APIs (8 providers)

When you compare swap rates, your browser sends one request to our worker. The worker then queries each provider (ChangeNOW, SimpleSwap, FixedFloat, Exolix, SideShift, Godex, ChangeHero, LetsExchange) on your behalf and returns the merged response. Providers see our worker's Cloudflare egress IP, never yours. We do not custody funds or process swaps. If you click a swap provider link, you leave our site and are subject to their privacy policies.

What our worker does with your IP. Before forwarding, the worker passes your IP through HMAC-SHA256 (with a rotating secret) and uses the first 16 hex characters as an opaque rate-limit bucket key. The bucket lives 60 seconds in KV storage, then expires. The raw IP is never written to KV, logs, or any datastore we own. Workers Logs (“Observability”) is disabled on this worker as of 2026-04-16.

What Cloudflare sees at the edge. Your IP arrives at Cloudflare's network at the TCP layer — this is unavoidable for any HTTPS request. Cloudflare's platform-level services (WAF, DDoS mitigation, Analytics Engine sampling) may briefly process that IP under Cloudflare's own privacy policy. We do not query, export, or join that data.

GDPR Art. 13(1)(e) disclosure: recipients of your swap-comparison request are (1) YouBuyBitcoin's worker as a processor; (2) Cloudflare as our infrastructure sub-processor; (3) the 8 swap providers, each receiving only the worker's egress IP and the requested swap parameters. The providers are independent data controllers for the data they receive.

Auto-refresh behavior (30-second cadence)

What it does. After you click Compare Rates at least once, we re-fetch quotes from all 8 providers every 30 seconds so the rates you see stay current. Swap rates drift in seconds — a 5-minute-old quote can be meaningfully wrong. The rolling refresh keeps the comparison honest while you deliberate.

When it pauses. The refresh pauses automatically when the /swap tab is hidden, when you've been idle for 15 minutes, or when you click the ON/OFF toggle next to “Auto-refresh every 30s”. It resumes when you return to the tab unless you've explicitly switched it off.

Same data flow as the initial Compare. Each 30-second cycle uses the same worker-proxy path, the same HMAC-hashed rate-limit bucket, and the same “we don't log your IP” guarantee covered in the four paragraphs above. Auto-refresh does not collect any additional data, contact any additional services, or change the GDPR recipient list.

How to disable it. Click the ON/OFF button next to the timer on the /swap page. Your preference is stored in your browser's localStorage (key ybb-swap-auto-refresh) and remembered on future visits. If you'd rather never auto-refresh, toggle it off once; the site will respect that across sessions.

How the sanity check works

What “sanity check” means here. When 6–8 live swap quotes land in the results table, we compute a peer median across them. That median is the comparison reference that drives the “Best Rate” badge and the outlier filter. The footer line at the bottom of the results (“Sanity check: …”) shows you the inputs we used to rank this particular comparison.

Peer median N BTC. The middle value of all live quotes, sorted. Half the quotes fall above it, half below. Using the median (not the average) means one outlier — a provider momentarily returning a wildly wrong rate — doesn't skew the reference. The median stays stable even when one quote goes haywire.

Reference <source> within X%. We also fetch a separate BTC/USD price from an external feed (CoinGecko primary, CoinLore fallback, Kraken fallback) and compare the peer median against it. If the two agree within 5%, the reference line renders in green (“within 1.2%”) — that's a positive confirmation that our peer consensus tracks the broader market.

Reference <source> diverges X%. Same comparison, but the peer median and external reference disagree by more than 5%. One of them is stale or wrong, and we can't tell which without more signal. Amber coloring flags the uncertainty. The comparison still ranks providers, but you should verify the final rate on the provider page before swapping.

“Best Rate” badge rules. The badge goes to the highest live quote whose rate stays within peer-median tolerance (±10%). A provider returning an unusually generous quote that's 15% above the peer median gets excluded from the badge — their quote looks good on paper but is likely a glitch that won't hold at execution time. We'd rather badge the honest #2 than the possibly-broken #1.

What updates this. Every 30 seconds while the /swap tab is visible and auto-refresh is ON (see the section above), we re-run the full pipeline: fresh quotes, fresh peer median, fresh reference delta, fresh badge. Numbers drift slightly as provider quotes and BTC/USD drift — that's normal market motion, not instability.
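The ranking rules above, worked through as an added example (not YouBuyBitcoin's own code). The quotes and provider names are constructed, and it assumes the external reference has already been converted to the same unit as the quotes and that each gap is measured relative to the value being compared against.

```javascript
const BADGE_TOLERANCE = 0.10;     // badge requires a quote within ±10% of the peer median
const REFERENCE_TOLERANCE = 0.05; // peer median vs. external reference: 5% threshold

// Middle value of the sorted list; for an even count, the mean of the two middle values.
function median(values) {
  const s = [...values].sort((a, b) => a - b);
  const mid = Math.floor(s.length / 2);
  return s.length % 2 ? s[mid] : (s[mid - 1] + s[mid]) / 2;
}

// Gap between a and b as a fraction of b (assumed convention).
function relativeGap(a, b) {
  return Math.abs(a - b) / b;
}

// quotes: [{ provider, rate }], reference: external value in the same unit, or null.
function sanityCheck(quotes, reference) {
  // Drop failed or nonsensical quotes before computing anything.
  const live = quotes.filter((q) => Number.isFinite(q.rate) && q.rate > 0);
  if (live.length === 0) {
    return { peerMedian: null, best: null, excluded: [], referenceStatus: 'unavailable' };
  }
  const peerMedian = median(live.map((q) => q.rate));
  const eligible = live.filter((q) => relativeGap(q.rate, peerMedian) <= BADGE_TOLERANCE);
  const excluded = live.filter((q) => !eligible.includes(q)).map((q) => q.provider);
  // With an even count and two far-apart middle quotes, nothing may be eligible.
  const best = eligible.length
    ? eligible.reduce((a, b) => (b.rate > a.rate ? b : a)).provider
    : null;
  let referenceStatus = 'unavailable';
  if (Number.isFinite(reference) && reference > 0) {
    referenceStatus =
      relativeGap(peerMedian, reference) <= REFERENCE_TOLERANCE ? 'within' : 'diverges';
  }
  return { peerMedian, best, excluded, referenceStatus };
}

// Constructed sample: seven quotes in BTC, one of them about 15.7% above the rest.
const SAMPLE_QUOTES = [
  { provider: 'provider-a', rate: 0.01500 },
  { provider: 'provider-b', rate: 0.01492 },
  { provider: 'provider-c', rate: 0.01510 },
  { provider: 'provider-d', rate: 0.01488 },
  { provider: 'provider-e', rate: 0.01505 },
  { provider: 'provider-f', rate: 0.01735 }, // highest quote, outside tolerance
  { provider: 'provider-g', rate: 0.01495 },
];

console.log(sanityCheck(SAMPLE_QUOTES, 0.01518));
```

The highest quote is excluded from the badge and the next-best quote inside the tolerance band is selected, while the median itself is unchanged by the outlier.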

The Orange Pages (External Listings)

When you visit an Orange Pages listing website, you leave YouBuyBitcoin.com and are subject to that third-party's privacy policy. We curate and verify listings, but we do not control or monitor external websites. Some listings may include affiliate links — these are always disclosed.

Cloudflare Web Analytics

As mentioned above, we use Cloudflare's cookieless analytics. Cloudflare does not track individual users or use cookies. All data is anonymized and aggregated. Learn more about Cloudflare Web Analytics.

First-Party Site APIs

We use limited first-party endpoints to power article feedback totals, outbound listing click counts, aggregated swap-comparison activity, and the live visitor counter. Each request reaches one of our Cloudflare Workers. Per-request user IPs are hashed (HMAC-SHA256 with a rotating secret) on arrival and the hash is used only as a rate-limit bucket key with a 60-second TTL. The raw IP is never written to KV, logs, or any datastore we own. Workers Logs (“Observability”) is disabled on every public-facing worker as of 2026-04-16. We do not build advertising profiles or sell personal data.
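The IP handling described here and under Swap Provider APIs, as an added example (not YouBuyBitcoin's worker code). It uses Node's crypto module and an in-memory map in place of the Workers runtime and KV; the per-bucket request limit, the secret values and the fixed-window behaviour are assumptions.

```javascript
const { createHmac } = require('node:crypto');

const BUCKET_TTL_MS = 60_000; // 60-second bucket lifetime, as stated in the policy
const KEY_HEX_CHARS = 16;     // first 16 hex characters = 64 bits of the HMAC output

// HMAC-SHA256(secret, ip), truncated. An unkeyed hash of an IPv4 address can be
// reversed by hashing all 2^32 candidates; the secret key is what prevents that.
function bucketKey(ip, secret) {
  return createHmac('sha256', secret).update(ip).digest('hex').slice(0, KEY_HEX_CHARS);
}

// Stand-in for a KV namespace with expiring entries. Only the opaque key and a
// counter are stored; the raw IP is never passed to this class.
class ExpiringStore {
  constructor() {
    this.entries = new Map();
  }
  get(key, now) {
    const entry = this.entries.get(key);
    if (!entry) return undefined;
    if (now >= entry.expiresAt) {
      this.entries.delete(key);
      return undefined;
    }
    return entry;
  }
  put(key, value, expiresAt) {
    this.entries.set(key, { value, expiresAt });
  }
}

// Fixed-window limiter: the window opens on the first request from a bucket and
// closes when the entry expires. `limit` is a hypothetical requests-per-window cap.
function allowRequest(store, ip, secret, limit, now) {
  const key = bucketKey(ip, secret);
  const entry = store.get(key, now);
  if (!entry) {
    store.put(key, 1, now + BUCKET_TTL_MS);
    return true;
  }
  if (entry.value >= limit) return false;
  entry.value += 1; // expiry is left unchanged so the window does not slide
  return true;
}
```

Rotating the secret changes every bucket key, so keys from before and after a rotation cannot be linked to the same address without both secrets.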

Site Search (Cloudflare Workers AI)

When you use the site search feature, your search query is sent to our Cloudflare Worker which uses Cloudflare Workers AI to generate a semantic embedding for matching against our content index. Query text is processed in real time and is not stored, logged, or shared with any third party. The AI model runs entirely within our Cloudflare account — no data leaves Cloudflare’s infrastructure. Search results may be cached briefly (up to 1 hour) to improve performance, using only the query text as a cache key.

AI Content Assistance Tools

We use AI tools including Claude (by Anthropic) and Perplexity to assist with content writing, research, code generation, and fact-checking. These tools are used by the operator in an offline capacity only. No visitor data, search queries, or personal information is shared with these AI services. All AI-assisted content is reviewed, fact-checked, and approved by the site founder before publication.


4. Data Controller

The data controller for this website is:

  • Name: Marius Madar (known as: Marius, The Master Of Disaster)
  • Location: Oradea, Bihor, Romania
  • Email: [email protected]
  • Supervisory Authority: ANSPDCP (Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal) — dataprotection.ro

For full operator details, see our Impressum / Legal Information page.


5. Purposes of Processing

We process limited technical and communication data for specific operational purposes:

  • Analytics: Understanding page demand, traffic patterns, and product usage at an aggregate level.
  • Feedback totals: Counting article votes and feedback signals so we can improve content quality.
  • Outbound click counts: Measuring which directory listings people actually use.
  • Swap activity: Tracking aggregate comparison activity and redirect interactions needed to operate the swap tool responsibly.
  • Live visitor heartbeats: Estimating how many visitors are active on the site right now and keeping that feature reliable.
  • Semantic search: Processing search queries so the site can return relevant results.
  • Direct email correspondence: Responding when you contact us by email.
  • Security and abuse prevention: Rate limiting, reliability monitoring, and basic technical fraud/abuse controls.

6. Legal Bases for Processing

Where the GDPR applies, we rely primarily on the following legal bases:

  • Legitimate interests (Art. 6(1)(f)): Site security, anti-abuse controls, aggregate analytics, first-party telemetry, live visitor heartbeats, and semantic search operations needed to run and improve the website.
  • Performance of a contract / pre-contract steps (Art. 6(1)(b)): When you email us with a question, we process your message to respond to you at your request — a pre-contract step initiated by you.
  • Legal obligation (Art. 6(1)(c)) or legitimate interests where applicable: Recordkeeping, dispute handling, and compliance with applicable law.

Balancing test for legitimate interests: Where we rely on Art. 6(1)(f), we have balanced our interests against your rights and freedoms. Given the minimal, temporary, and non-sensitive nature of the data we process (aggregated, IP-hashed, short retention), we consider our legitimate interest is not overridden by your rights. You can object to processing under Art. 6(1)(f) at any time (Art. 21).

We do not rely on advertising consent banners because we do not use advertising cookies or behavioral advertising trackers.


7. Recipients / Processors

We keep the processor surface intentionally small. Depending on the feature you use, data may be processed by:

Cloudflare operates a global network. Data processed through Cloudflare Workers and analytics may transit through data centers outside the European Economic Area. Cloudflare maintains Standard Contractual Clauses (SCCs) and other safeguards compliant with GDPR Chapter V for international transfers.

We do not sell personal data, rent audience lists, or share personal data with advertising networks to build marketing profiles.


8. Your Rights

Under the GDPR, you may have the right to:

  • Access (Article 15): Ask what personal data we hold about you, especially if you contacted us directly by email.
  • Rectification (Article 16): Ask us to correct inaccurate personal data.
  • Erasure (Article 17): Request deletion of personal data we control, such as email correspondence, subject to legal or operational retention needs.
  • Restriction (Article 18): Ask us to limit certain processing in appropriate cases.
  • Portability (Article 20): Request your personal data in a portable format where applicable.
  • Objection (Article 21): Object to certain processing where legitimate interests are used as the legal basis.

Because much of our analytics and telemetry is aggregated or temporary, some rights may apply only to data that can reasonably be linked to you, such as direct email correspondence.

Automated Decision-Making (Article 22): We do not engage in automated decision-making, including profiling, that produces legal or similarly significant effects on individuals.


9. Retention Periods

We aim to keep data only for as long as it is actually useful for the feature involved:

  • Live visitor heartbeat identifiers: Up to 90 seconds of inactivity, as described by the feature itself.
  • Search cache entries: Up to 1 hour for query-result performance.
  • Aggregate feedback, vote, click, and usage totals: Retained in aggregate form for product history and measurement, not as personal profiles.
  • Technical anti-abuse / rate-limit data: Retained only as long as operationally needed for security and reliability.
  • IP addresses and user agents (first-party API requests): Retained for a maximum of 7 days for security, rate-limiting, and abuse prevention, then deleted or anonymized. IP addresses are not used for tracking, advertising, or building user profiles.
  • Cloudflare Web Analytics data: Retained by Cloudflare for up to 6 months per their data retention policy. See Cloudflare's privacy documentation for details.
  • Email correspondence: Retained for up to 3 years from the date of last contact, unless longer retention is required by law, or deleted on request where appropriate.

10. Cookies and Browser Storage

We do not use cookies — no analytics cookies, no advertising cookies, no session cookies.
Some features use browser-native storage (localStorage and sessionStorage) for performance caching and temporary session data. These are not cookies, are never transmitted to our servers, and are fully described below.

Local Storage (localStorage)

We use your browser's localStorage to cache site data locally for performance — for example, listing data, education reading progress, swap rate comparisons, and your last swap comparison selection (currency and amount, 24-hour cache). This data stays on your device, is never transmitted to our servers, and can be cleared at any time through your browser settings. It is not used for tracking or advertising.

Live Visitor Counter

We display an anonymous count of active visitors to foster a sense of community. This uses a random, temporary session identifier stored in your browser tab only (sessionStorage, not cookies). It is operational telemetry, not advertising tracking. The identifier is automatically deleted when you close the tab and expires on our server within 90 seconds of inactivity.


11. Data Storage & Security

Our stack is intentionally lightweight, but it still uses limited storage and processing for core site operations:

  • No user-account database: We do not operate account registration or personal user profiles.
  • Limited browser storage: Some features may use temporary browser storage such as sessionStorage.
  • Limited server-side processing: We use server-side infrastructure for anonymous analytics, feedback aggregation, outbound click counts, rate limiting, semantic search, and live-visitor heartbeats.
  • Standard email storage: If you email us, your message is stored in Microsoft 365 (our email provider, hosted via GoDaddy) as part of normal email infrastructure.

We use reasonable technical and organizational measures appropriate to the limited amount of data we handle, but no internet service can promise absolute security.


12. Children's Privacy

Our website is not directed at children, and we do not knowingly seek personal information from anyone under 18. If you're a parent or guardian and believe a child has shared personal data with us, contact us at [email protected].


13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal compliance. Updates will be posted on this page with a revised "Last Updated" date at the top. Significant changes will be announced on our homepage.


14. Data Breach Notification

In the unlikely event of a data breach affecting personal data, we will:

  • Notify the relevant supervisory authority within 72 hours as required by GDPR Article 33
  • Notify affected individuals without undue delay where the breach poses a high risk to their rights (GDPR Article 34)
  • Document the breach, its effects, and remedial actions taken

Because we do not store personal data beyond hashed rate-limit keys and aggregate counters, the realistic scope of any breach is extremely limited.


15. Contact and Complaints

This website is operated by Marius, The Master Of Disaster. For full legal operator details, see our Impressum / Legal Information page.

Questions about this Privacy Policy? Contact us:

  • Email: [email protected]
  • Response Time: We aim to respond within 48 hours, up to 30 days where GDPR rights requests apply.
  • Supervisory authority (Romania): ANSPDCP — www.dataprotection.ro
  • GDPR complaint right: You may also lodge a complaint with the supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
  • EU ODR platform: ec.europa.eu/consumers/odr (online dispute resolution for EU consumers — alongside [email protected]).

"We believe privacy is a fundamental right. That's why we built this platform to minimize data collection, avoid profiling you, and keep site telemetry as limited and transparent as possible. Bitcoin is about financial freedom. Your data freedom matters just as much."
