Whale Me Up! LogoWhale Me Up!

Privacy Policy

Effective Date: August 1, 2025

This Privacy Policy describes how Whale Me Up! ("we," "us," or "our"), an application operated by Carlos Bustamante Bozzi, collects, uses, and shares information about you when you use our website, application, and services (collectively, the "Service").

Your privacy is important to us, and we are committed to protecting it. This policy will explain what data we collect and why, how we protect it, and the rights you have concerning your personal information.

1. Information We Collect

We collect information in a few different ways to provide and improve our Service. We have categorized this for clarity.

A. Information You Provide to Us Directly:

  • Account Information: When you register for a Whale Me Up! account, we collect your email address and a hashed password. If you sign up using Google OAuth, we receive your email address from Google to create your account; we do not receive or store your Google password.

B. Information We Collect Automatically When You Use the Service:

  • Widget Configurations: We store the data related to the widgets you create, such as the cryptocurrency pairs you are tracking, your alert thresholds, and other custom settings. This is essential for the Service to function.
  • Usage and Log Data: Like most web services, our servers automatically collect log data when you use the Service. This data includes your IP address, browser type, and the date and time of your requests. We use this information for security, debugging, and to prevent abuse of the Service.
  • Push Notification Tokens: If you grant the Service permission to send you push notifications, we will collect a unique, anonymous token associated with your device. We use this token solely to send you the alerts you have configured. You can revoke this permission at any time in your device or browser settings.
  • Usage Analytics: Our frontend application is hosted on Firebase (a Google service). This infrastructure may collect standard, non-personally identifiable analytics data, such as device type, operating system, and general user interactions with the application. This helps us understand how our Service is used so we can improve it.

C. Information for Anonymous Users:

  • If you use the Service without creating an account, we associate your widget configurations with a temporary, anonymous ID. This data is automatically deleted 72 hours after your last session.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Maintain the Service: To authenticate you, save your configurations, send you alerts, and ensure the core functionality of the application.
  • To Communicate With You: To send you essential transactional emails, such as password resets, account verification, and important notices about the Service. We will not send you marketing emails without your explicit consent.
  • To Improve Our Service: To analyze usage patterns, diagnose technical problems, and develop new features.
  • For Security and Safety: To monitor for and prevent fraudulent or malicious activity and to protect the integrity of our Service.

3. Data Sharing and Third-Party Services

We do not sell, rent, or trade your personal information with third parties for their marketing purposes. We only share data with a limited number of trusted third-party service providers who help us operate the Service.

Our third-party partners include:

  • Google: We use Google for OAuth authentication, allowing you to sign up and log in with your Google account. We also use Firebase for hosting our frontend application.
  • Brevo: We use Brevo to send all transactional emails.
  • Monterotondo (Italy): Our backend application and database are hosted on virtual machines we own at this location.

These third parties are contractually obligated to protect your data and are prohibited from using it for any purpose other than providing services to us.

4. Data Storage, Security, and Retention

  • Security: We implement industry-standard security measures to protect your information. This includes using HTTPS (SSL/TLS encryption) for all data transmitted between your device and our servers and hashing all user passwords before they are stored in our database.
  • Storage: Your data is processed and stored on secure servers located within the European Union.
  • Retention: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.
    • Account Data: Your email and widget configurations are retained as long as your account is active.
    • Account Deletion: If you choose to delete your account, we will initiate a 30-day grace period. During this time, you can restore your account by logging in. After 30 days, your account and all associated personal data will be permanently deleted from our systems.
    • Server Logs (IP Addresses): We retain server logs containing IP addresses for 90 days for security and diagnostic purposes, after which they are automatically deleted.

5. Your Data Rights

As a user, you have rights over your personal data. Given our operation within the EU, we honor the following rights inspired by the GDPR:

  • Right to Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Rectification: You have the right to correct any inaccurate or incomplete personal information.
  • Right to Erasure (The "Right to be Forgotten"): You have the right to delete your account and personal data at any time through the settings in the application.

To exercise any of these rights, you can use the tools provided in your account settings or by contacting us directly at support@whalemeup.com.

6. Cookie Policy

We use cookies for essential purposes only. Cookies are small text files stored on your device. We use them for:

  • Session Management: To keep you logged in as you navigate the Service.
  • Authentication: To securely verify your identity when you log in.

By using our Service, you agree to the use of these essential cookies. We do not use cookies for tracking, advertising, or marketing purposes.

7. Children's Privacy

Our Service is not intended for or directed at individuals under the age of thirteen (13). We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it immediately.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you either by email or by posting a prominent notice within the Service before the change becomes effective. We encourage you to review this policy periodically.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please do not hesitate to contact us at: support@whalemeup.com.