Introduction
Welcome to Drill.meme ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our cryptocurrency token analysis platform.
By using Drill.meme, you agree to the collection and use of information in accordance with this policy.
**Important**: Drill.meme is a read-only analysis tool. We never have access to your cryptocurrency wallets, private keys, seed phrases, or funds. We cannot see your wallet addresses or trading activity.
Information We Collect
1. Information You Provide Directly
- **Email address**: Required for account creation and authentication
- **Name**: Optional, for account personalization
- **Payment information**: Credit card details are processed securely through our payment processor (we never see or store your full card number)
- **Support communications**: Messages you send to our support team
- **Preferences**: Dashboard settings, notification preferences, and favorite tokens
2. Information Collected Automatically
- **Usage data**: Pages visited, features used, tokens viewed, time spent on platform
- **Device information**: Browser type and version, operating system, device type
- **Log data**: IP address, access times, referring URLs
- **Analytics data**: Aggregated usage patterns and feature interactions
- **Performance data**: Error logs, crash reports (anonymized)
3. Information We Do NOT Collect
- **Cryptocurrency wallet addresses**: We never ask for or store your wallet addresses
- **Private keys or seed phrases**: We have no access to your cryptocurrency accounts
- **Trading activity**: We cannot see your transactions or holdings
- **Passwords for other services**: We only manage your Drill.meme account credentials
- **Blockchain transaction data**: We do not monitor or record your on-chain activity
- **Personal identification documents**: No KYC verification required
How We Use Your Information
We use the information we collect for the following purposes:
- **Service Provision**: To provide and maintain the token analysis platform, including real-time alerts and historical data
- **Account Management**: To create and manage your account, process authentication, and handle subscription billing
- **Personalization**: To save your preferences, favorite tokens, and customize your dashboard experience
- **Payment Processing**: To process subscription payments through our payment processor
- **Communication**: To send service-related notifications, security alerts, and support responses
- **Analytics**: To understand how users interact with the platform and improve our services
- **Security**: To detect and prevent fraud, unauthorized access, and abuse of our services
- **Legal Compliance**: To comply with legal obligations, enforce our Terms of Service, and protect our rights
We do not use your data for cryptocurrency trading, market manipulation, or targeted advertising of third-party products.
Data Storage and Security
Where We Store Data
- **User account data**: Stored in Firebase Firestore (Google Cloud Platform, EU region)
- **Authentication credentials**: Managed by Firebase Authentication with industry-standard encryption
- **Payment information**: Stored by our payment processor (PCI-DSS compliant), not on our servers
- **Analytics data**: Anonymized and aggregated usage data stored by our analytics provider
Security Measures
- **Encryption in transit**: All data transmissions use TLS/SSL encryption (HTTPS)
- **Encryption at rest**: Sensitive data is encrypted using AES-256 encryption
- **Access controls**: Strict authentication and authorization for internal systems
- **Regular security audits**: Periodic vulnerability assessments and penetration testing
- **Secure password storage**: Passwords are hashed using bcrypt with salt
- **Firewall protection**: Network-level security to prevent unauthorized access
- **Automatic backups**: Regular encrypted backups to prevent data loss
Data Security Commitment
While we implement industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify you promptly of any data breach affecting your personal information, as required by law.
Data Sharing and Third Parties
**We do not sell, trade, or rent your personal information to third parties.** We may share your information only in the following limited circumstances:
- **Payment Processing**: Our payment processor handles subscription payments. They have access to your payment information but not your cryptocurrency activity.
- **Cloud Infrastructure**: Google Cloud Platform hosts our database and authentication services. They do not have access to unencrypted personal data. See Google Cloud Privacy Policy.
- **Analytics Services**: We use analytics tools to understand platform usage. All data is anonymized and aggregated.
- **Legal Requirements**: When required by law, court order, or government investigation
- **Protection of Rights**: To protect our rights, property, safety, or the rights of users
- **Business Transfers**: In connection with a merger, acquisition, or sale of assets (you will be notified)
- **With Your Consent**: When you explicitly agree to share information for a specific purpose
All third-party service providers are contractually obligated to protect your data and use it only for specified purposes.
Your Rights and Choices
You have the following rights regarding your personal data:
- **Access**: Request a copy of your personal data we hold
- **Correction**: Update or correct inaccurate information in your account settings
- **Deletion**: Request deletion of your personal data ("right to be forgotten")
- **Portability**: Receive your data in a machine-readable format (JSON)
- **Opt-out**: Unsubscribe from marketing emails (we don
- **Restrict Processing**: Limit how we use your data in certain circumstances
- **Object**: Object to certain types of data processing
- **Withdraw Consent**: Revoke previously given consent at any time
To exercise any of these rights, please contact us at contact@drill.meme. We will respond within 30 days.
Note: Deleting your account will permanently remove your personal data, preferences, and favorite tokens. This action cannot be undone.
GDPR and CCPA Compliance
For European Users (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data includes: (1) consent you provide, (2) necessity to fulfill our contract with you, (3) legitimate business interests, and (4) legal obligations. You have the right to lodge a complaint with your local data protection authority.
For California Residents (CCPA)
California residents have specific rights under the California Consumer Privacy Act (CCPA):
- **Right to Know**: Request disclosure of what personal information we collect, use, and share
- **Right to Delete**: Request deletion of your personal information
- **Right to Opt-Out**: Opt-out of the sale of personal information (we do not sell your data)
- **Right to Non-Discrimination**: We will not discriminate against you for exercising your rights
To exercise your CCPA rights, contact us at contact@drill.meme. We will verify your identity before processing requests.
Children's Privacy
Drill.meme is not intended for users under the age of 18. Cryptocurrency trading involves financial risk and requires legal adulthood.
We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at contact@drill.meme. We will promptly delete such information from our systems.
Data Retention
We retain your personal information only as long as necessary to provide our services and fulfill the purposes outlined in this policy:
- **Active accounts**: Data retained while your account is active
- **Deleted accounts**: Personal data deleted within 30 days of account deletion
- **Usage analytics**: Anonymized and aggregated after 90 days
- **Support communications**: Retained for up to 2 years for quality assurance
- **Payment records**: Retained for 7 years as required by tax and financial regulations
- **Legal records**: Retained as required by applicable law
After the retention period, data is securely deleted or anonymized beyond recovery.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by:
- Posting the updated Privacy Policy on this page
- Updating the "Last updated" date at the top of this policy
- Sending an email notification to your registered email address
- Displaying a prominent notice on the platform for significant changes
Your continued use of Drill.meme after changes become effective constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Data Protection Officer
Email: contact@drill.meme
Company: Drill.meme
Address: 60 rue François 1er, Paris, 75008, France
SIREN: 949990386
We will respond to all privacy-related inquiries within 30 days as required by GDPR and CCPA.
Acceptance of This Policy
By creating an account and using Drill.meme, you signify your acceptance of this Privacy Policy. If you do not agree to this policy, please do not use our service.
Your continued use of the platform following the posting of changes to this policy will be deemed your acceptance of those changes.