Privacy Policy

Last updated: December 31, 2025

1. Introduction

Nakamoto.be ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website, our services, and our tools, including the CryptoLegacy Scanner.

As an association de fait based in Uccle, Belgium, we comply with the General Data Protection Regulation (GDPR) and Belgian data protection laws.

2. Data Controller

Data Controller: Nakamoto.be Association de fait Based in Uccle, Belgium Email: [email protected]

3. Information We Collect

3.1 Information You Provide Directly

• Contact information (name, email address)
• Information provided during meetup registrations
• Comments or messages you send to us
• Newsletter subscription data

3.2 Information Collected Automatically

When you visit our website, we may collect:

• IP address and location data
• Browser type and version
• Operating system
• Pages visited and time spent on our site
• Referring website
• Device information

3.3 Information from Third Parties

• Information from meetup platforms (if you register through external services)
• Social media information (if you interact with us on social platforms)

3.4 Information Processed via CryptoLegacy Scanner (Google User Data)

When you use our CryptoLegacy Scanner tool, we process specific data accessed via the Google Gmail API:

• Scope: We access your Gmail data in "Read-Only" mode (gmail.readonly).
• Data Accessed: We analyze email headers, sender addresses, subject lines, and metadata to identify interactions with cryptocurrency platforms.
• Volatile Processing: This data is processed in volatile memory or locally on your device to generate the audit report. We do not store, save, or retain the content of your emails on our servers.

4. Legal Basis for Processing

We process your personal data based on:

• Consent: When you voluntarily provide information, subscribe to services, or authorize the CryptoLegacy Scanner via OAuth.
• Legitimate Interest: For website analytics and improving our services.
• Contract Performance: When providing requested services or information.

5. How We Use Your Information

We use your personal data to:

• Provide information about Bitcoin inheritance
• Organize and communicate about meetups
• Send newsletters (with your consent)
• Improve our website and services
• Respond to your inquiries
• Comply with legal obligations
• Generate Audit Reports: Specifically for CryptoLegacy Scanner users, to list identified digital asset platforms.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

6.1 Service Providers

Third-party services that help us operate our website and services:

• Website hosting providers
• Email service providers
• Analytics services (e.g., Google Analytics)

6.2 Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal process
• Protect our rights or property
• Ensure user safety
• Prevent fraud or illegal activities

6.3 No Sharing of Google User Data

Notwithstanding the above, data obtained via the Google Gmail API (for CryptoLegacy Scanner) is never shared with third parties, advertising platforms, or data brokers. It is used solely for the user-facing feature of generating the report.

7. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses
• Binding Corporate Rules

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Contact information: Until you request deletion or unsubscribe
• Website analytics: 26 months maximum
• Meetup information: 2 years after the last meetup attendance
• Legal compliance: As required by applicable laws
• CryptoLegacy Scanner Data: Zero Retention. Data accessed via the Gmail API is discarded immediately after the audit session is closed or the report is generated. We do not store this data on our servers.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

9.1 Access

Right to know what personal data we have about you

9.2 Rectification

Right to correct inaccurate or incomplete data

9.3 Erasure ("Right to be Forgotten")

Right to request deletion of your personal data

9.4 Restriction of Processing

Right to limit how we use your data

9.5 Data Portability

Right to receive your data in a portable format

9.6 Objection

Right to object to processing based on legitimate interests

9.7 Withdrawal of Consent

Right to withdraw consent at any time (where processing is based on consent)

10. How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: [email protected]
• Subject line: "Data Protection Request"

We will respond to your request within 30 days.

11. Cookies and Tracking Technologies

11.1 Essential Cookies

Necessary for website functionality

11.2 Analytics Cookies

Help us understand how visitors use our site (with your consent)

11.3 Marketing Cookies

Used for newsletter and communication purposes (with your consent)

You can manage cookie preferences through your browser settings.

12. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Staff training on data protection

13. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children under 16.

14. Data Breach Notification

In case of a personal data breach that poses a risk to your rights and freedoms, we will:

• Notify the Belgian Data Protection Authority within 72 hours
• Inform affected individuals without undue delay
• Take immediate measures to contain the breach

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on our website with an updated "Last updated" date. Significant changes will be communicated via email to registered users.

16. Contact Information

For questions about this Privacy Policy or our data practices:

Data Protection Contact: Nakamoto.be Email: [email protected] Subject: Privacy Policy Inquiry

Belgian Data Protection Authority: Website: www.autoriteprotectiondonnees.be Email: [email protected]

---

17. Google API Services Compliance (CryptoLegacy Scanner)

CryptoLegacy Scanner's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically regarding your Google User Data:

1. Limited Use: We only use the gmail.readonly scope to scan for specific sender signatures related to digital assets. We do not use this data for any other purpose.
2. No Transfer: We do not transfer your data to others unless necessary to provide or improve these user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets.
3. No Advertising: We do not use or transfer your Google User Data for serving advertisements, including retargeting, personalized, or interest-based advertising.
4. No Human Interaction: We do not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the app's internal operations and even then only when the data have been aggregated and anonymized.

---

This Privacy Policy is available in English. In case of conflicts between translations, the English version shall prevail.