Privacy Policy

Last updated: 13 June 2025

1. About Us

2. What Personal Data We Collect

  • Basic & contact data
    • Name, e-mail address
    • Provided when you subscribe to our newsletter or fill out a Webflow form
  • On-chain identifiers
    • Bitcoin or Citrea wallet addresses you voluntarily submit (e.g., bug-bounty or points campaigns)
  • Online identifiers
    • IP address, device IDs, cookie IDs, and X (Twitter) Handles for points campaigns.
    • Captured by Google Analytics 4 (GA4) via Google Tag Manager (GTM)
  • Usage & behavioral data
    • Pages viewed, clicks, scroll depth, referring URL
    • Logged by GA4 via GTM
  • Communication data
    • Contents of messages you send us (Discord, X/Twitter, e-mail)

You are under no legal obligation to provide this data, but certain features (e.g., newsletter delivery or cookie-dependent services) will not work without it.

3. How We Collect Data

  • Direct interactions — forms, newsletter sign-up, social media messages
  • Automatic tracking — cookies, pixels, similar technologies
  • Service-provider reports — aggregated analytics from GA4
  • Public sources — public blockchain activity you share with us

4. Why We Process Data & Legal Bases

  • Operate, secure, and improve the Website
    • Legal basis: Legitimate interest (Art. 6 (1)(f) GDPR)
  • Send newsletters and product updates
    • Legal basis: Consent (Art. 6 (1)(a)) — can be withdrawn any time
  • Analyse site usage (GA4)
    • Legal basis:
      • Consent for non-essential cookies
      • Legitimate interest for purely functional cookies
  • Respond to enquiries and provide support
    • Legal basis: Contract or pre-contract steps (Art. 6 (1)(b))
  • Comply with legal obligations
    • Legal basis: Legal obligation (Art. 6 (1)(c))

5. Newsletter

  • When you join our “Stay up to date” form:
    • We store your e-mail address.
    • Periodic updates are sent via mail.
    • Each e-mail contains a one-click Unsubscribe link.
    • Open rates and link clicks are measured (web beacons) to improve content.

6. Cookies & Similar Technologies

Our banner lets you Reject All, Accept All, or customize the following categories:

  • Functionality (essential; up to 12 months)
    • Stores choices like language or cookie-consent state
  • Analytics Storage (requires consent; 1 day – 13 months)
    • Helps us understand how visitors use the site
  • Ad Storage / Ad User Data / Ad Personalisation (requires consent; up to 13 months)
    • Used only if we run advertising campaigns in future
  • Personalization Storage (requires consent; up to 13 months)
    • Remembers preferences to tailor content
  • Security Storage (essential; up to 12 months)
    • Detects and prevents abuse or bugs

You can delete or block cookies via your browser settings at any time.

7. Google Tag Manager (GTM) & Google Analytics 4 (GA4)

  • GTM
    • Purely a container; does not set its own cookies.
  • GA4 (IP-anonymization enabled)
    • Collects: IP address, device info, referrer URL, pages viewed, button clicks.
    • Main cookies:
      • _ga (13 months) — distinguishes users
      • _ga_<ID> (13 months) — stores session state
      • _gid (1 day) — counts page views
    • Data may be processed on Google LLC servers in the USA under EU Standard Contractual Clauses.
    • Opt-out options:
      • Refuse “Analytics” cookies in our banner.
      • Install Google’s browser add-on (https://tools.google.com/dlpage/gaoptout).

8. Social Media & External Links

  • We maintain pages on: X (Twitter), GitHub, Discord.
  • When you visit those platforms, their own privacy policies apply.
  • Our Website also links to Citrea and other third-party sites; we are not responsible for their content or privacy practices.

9. Data Sharing & International Transfers

We share personal data only with:

  • Hosting & CDN: Cloudflare (USA → EU/US)
  • Analytics: Google LLC (USA)
  • Security & Monitoring: Cloudflare, Sentry

Transfers outside the EEA/Switzerland rely on EU Standard Contractual Clauses or adequacy decisions.

10. Retention

  • We keep personal data only as long as necessary for the purposes listed above.
  • Once no longer needed, data is deleted or fully anonymized.
  • Newsletter addresses are erased immediately upon unsubscribe.

11. Security

  • Encryption in transit and at rest
  • Role-based access controls
  • Regular penetration testing and monitoring
  • No internet transmission is 100 % secure; please protect your own devices.

12. Your Rights

  • Access, rectification, erasure, restriction, and portability
  • Withdraw consent at any time (future processing only)
  • Object to processing based on legitimate interest
  • Lodge a complaint with a supervisory authority

To exercise any right, contact [email protected]. We may request verification.

California (CCPA/CPRA) — You may know, delete, correct, and opt-out of “sharing”/“selling” personal info. We do not sell personal data.

13. Children

  • The Website is not intended for children under 16.
  • If you believe we have data from a child, contact us and we will delete it.

14. Changes to This Policy

  • We may update this Policy periodically.
  • The “Last updated” date shows the current version.
  • Significant changes will be announced via the Website or e-mail where possible.

15. Contact


E-mail: [email protected]

Join the newsletter
Stay up to date with everything Nectra.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Company logo

About us

Nectra's nUSD is the first stablecoin backed purely by Bitcoin and its values, making it possible to spend in fiat, while saving Bitcoin.

Follow us

Twitter logoInstagram logoYouTube logo
Product
App
Borrow
Leverage
Earn
Build
Docs
GitHub
Help
Support
Terms of ServicePrivacy Policy