Privacy Policy

CoinsOnCards ("we", "us", "our") operates the website coinsoncards.com (the "Site"). This Privacy Policy explains what personal data we collect when you use the Site, how we use it, who we share it with, and the rights you have over it.

For privacy questions or requests, contact us at privacy@coinsoncards.com.

We collect only what is necessary to operate and improve the Site:

• Usage data — pages viewed, referring URL, device type, browser, approximate location (country/region from IP), timestamps. Collected via cookies and analytics tools.
• Newsletter data — if you sign up, your email address and the date you subscribed.
• Contact data — if you email us, the contents of your message and your email address.
• Advertising identifiers — cookies and similar identifiers used by Google and other advertising partners to measure and serve ads, where you have consented.

We do not knowingly collect data from children under 16 and the Site is not directed at children.

• To operate, maintain and secure the Site.
• To measure traffic and improve content and performance.
• To send the newsletter you opted into, and only that.
• To respond to your messages and support requests.
• To measure and, where applicable, serve advertising (including via Google Ads and Google Analytics) based on consent.
• To comply with legal obligations and enforce our Terms.

• Consent — for non-essential cookies, advertising and the newsletter.
• Legitimate interests — for site security, fraud prevention and aggregate analytics that do not identify you.
• Legal obligation — to comply with applicable law.

You can withdraw consent at any time using the cookie banner or by unsubscribing from the newsletter.

We use three categories of cookies:

• Strictly necessary — required to load the Site, remember your country selection and respect your cookie choices. Always on.
• Analytics — Google Analytics 4 to understand aggregated traffic. Set only with consent.
• Advertising — Google Ads and remarketing tags to measure ad performance and, where enabled, show relevant ads. Set only with consent.

You can change or revoke cookie consent at any time via the cookie banner. Most browsers also let you block or delete cookies in settings.

We use Google services including Google Analytics 4, Google Ads, and Google's remarketing and conversion tags. With your consent, Google may set cookies and process identifiers to:

• measure visits to the Site that originate from Google Ads,
• show CoinsOnCards ads on Google properties and partner sites you visit,
• build and use audience lists for remarketing.

We use Google Consent Mode v2 to communicate your consent choices to Google. You can opt out of personalised Google ads at Google My Ad Center and opt out of Google Analytics with the Google Analytics Opt-out Browser Add-on.

Google's own privacy policy is available at policies.google.com/privacy.

We never sell personal data. We share limited data only with:

• Hosting and infrastructure providers that run the Site.
• Analytics and advertising providers listed above, subject to consent.
• Email delivery providers for the newsletter.
• Authorities where required by law, court order or to protect rights and safety.

Our service providers may process data outside your country, including in the United States. Where required, transfers are covered by Standard Contractual Clauses or other safeguards approved under GDPR / UK GDPR.

Analytics data is retained for up to 14 months. Newsletter subscriptions are kept until you unsubscribe. Support emails are retained for up to 24 months. Backups follow a rolling 30-day cycle.

Depending on where you live, you have the right to:

• access the personal data we hold about you;
• correct inaccurate data;
• delete your data ("right to be forgotten");
• restrict or object to processing;
• data portability;
• withdraw consent at any time;
• lodge a complaint with your data protection authority.

California residents have additional rights under the CCPA/CPRA including the right to know, delete and opt out of "sharing" of personal information. We do not sell personal information. To exercise any right, email privacy@coinsoncards.com.

We apply industry-standard technical and organisational measures including TLS in transit, access controls and least-privilege principles. No system is perfectly secure; if you believe your data has been compromised, contact us immediately.

We may update this Privacy Policy from time to time. Material changes will be highlighted on the Site. The "Effective" date at the top reflects the latest version.

CoinsOnCards — privacy enquiries: privacy@coinsoncards.com. See also our Terms.