Privacy Policy

Overview

ahamirror is a behavioral finance tool that helps crypto traders audit their trading impulses. We are committed to protecting your privacy. This policy explains how we handle data in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Zero Retention Policy

ahamirror operates on a strict Zero Retention principle. When you submit text for an impulse audit:

• Your input text is processed in memory only and is never written to any database or server storage.
• No user input is persisted to our database (Cloudflare D1) or any other server-side storage.
• Once the audit response is returned, your input text is discarded from server memory.
• We cannot retrieve, replay, or reconstruct any text you have submitted.

Data We Collect

No Personally Identifiable Information (PII)

We do not collect, store, or process any personally identifiable information. This includes but is not limited to: names, email addresses, phone numbers, IP addresses, or precise geolocation data.

Anonymous Analytics

We use Cloudflare Web Analytics exclusively for anonymous traffic statistics. Cloudflare Web Analytics does not use cookies, does not track individual users, and does not collect PII. It provides only aggregate page view and visitor counts.

Anonymous Conversion Data

We record anonymous, aggregate conversion events (e.g., which template was shown, whether a button was clicked) to improve our template quality. These events contain only template IDs and aggregate metrics — never any information linkable to an individual.

Local Browser Storage

We store a minimal anonymous session in your browser's localStorage. This includes: a random session ID (UUID), audit history counts (bias types only, not your input text), visit count, and a pricing tier assignment. This data never leaves your browser and is never uploaded to any server. Clearing your browser data removes it entirely.

Legal Basis for Data Processing

Under GDPR Article 6, our legal basis for processing is:

• Legitimate interest (Art. 6(1)(f)): Processing anonymous, aggregate conversion data to improve our service quality. This processing is minimal, does not involve PII, and poses no risk to data subjects.
• Consent (Art. 6(1)(a)): For Cloudflare Web Analytics, we inform users via a consent banner on first visit. Users may dismiss the banner to acknowledge.
• Contract performance (Art. 6(1)(b)): Processing your input text in memory to deliver the audit result you requested. This data is not stored.

Your Rights (GDPR Data Subject Rights)

Under GDPR, you have the following rights:

• Right of access (Art. 15): You may request a copy of any personal data we hold about you. Since we collect no PII and store no user input, there is no personal data to provide.
• Right to erasure (Art. 17): You may request deletion of your personal data. Since we store no personal data server-side, there is nothing to delete. You can clear your browser localStorage at any time to remove local session data.
• Right to data portability (Art. 20): You may request your data in a portable format. As we hold no personal data, this right is satisfied by default.
• Right to object (Art. 21): You may object to data processing. You can disable JavaScript or use a browser extension to block Cloudflare Web Analytics if you wish.
• Right to restriction (Art. 18): You may request restriction of processing. Since we process no personal data, this is inherently satisfied.

Data Retention

• User input text: Not retained. Processed in memory only, discarded immediately after response.
• Local session data: Stored in your browser's localStorage only. Cleared when you clear browser data. Never uploaded to any server.
• Anonymous conversion metrics: Retained as aggregate statistics (template performance data) with no link to individuals.
• Cloudflare Web Analytics: Managed by Cloudflare under their privacy policy. No cookies, no PII.

Third-Party Services

• Cloudflare Web Analytics: Anonymous traffic statistics only. No cookies, no tracking pixels, no PII collection.
• Cloudflare Pages & Workers: Hosting and serverless compute. Subject to Cloudflare's privacy policy.
• No other third-party analytics: We do not use Google Analytics, Facebook Pixel, Hotjar, or any other third-party tracking service.

Crypto Payments

Payments are processed via USDC on the Base blockchain. We interact with your wallet only to complete the payment transaction. No payment credentials or wallet information is stored locally or on our servers after the transaction completes. Blockchain transactions are public by nature of the Base network.

Security

All data is transmitted over HTTPS exclusively. HTTP connections are automatically redirected to HTTPS via Cloudflare. We do not support plaintext HTTP connections.

Contact

For privacy-related inquiries or to exercise your data subject rights, contact us at: privacy@ahamirror.com