KryptoBOSS Policy
DE EN

Privacy Policy

This policy explains how personal data is processed in connection with Nexus Hub / KryptoBOSS internal tools (social publishing, analytics, and membership/payment administration).

1. Data Controller

Controller under applicable data protection law:

KryptoBOSS
Email: kontakt@krypto-boss.de

2. Processing Purposes

  • Publishing and managing social content (for example upload, scheduling, and status tracking).
  • Operating internal analytics functions for performance and quality monitoring.
  • Managing membership and payment flows where required for service delivery.
  • Technical operations, troubleshooting, and abuse prevention.

3. Data Categories

  • Account/profile information (for example platform IDs, usernames, account status).
  • Content data (uploaded videos/files plus titles, descriptions, tags, schedules).
  • Technical data (for example status records, event logs, timestamps, API errors).
  • Payment and membership data from Whop (for example membership status, invoices, payments, refunds), as necessary.
  • Social analytics data (for example views, impressions, reach), when enabled and available.

4. Data Sources

Data originates from user input and official APIs, especially Meta/Instagram, YouTube, and Whop.

5. Retention and Deletion

  • Uploads are stored temporarily and removed after successful transfer or after a defined TTL.
  • Logs/events are minimized and retained only for a limited period (reference: up to 180 days).
  • Data is deleted or anonymized when no longer required, unless legal retention obligations apply.

6. Data Sharing

Data is shared only where required to provide requested functions (for example uploads or insights through platform APIs). Personal data is not sold.

7. International Transfers

Global platform services may process data in third countries (including the United States). Where required, transfers are based on suitable safeguards such as Standard Contractual Clauses or applicable platform terms.

8. Legal Bases

  • Art. 6(1)(b) GDPR for service performance.
  • Art. 6(1)(f) GDPR for legitimate interests (secure and efficient operations).
  • Art. 6(1)(a) GDPR where consent is required.

9. Security Measures

  • Access restrictions and role-based permissions (least privilege).
  • Secure handling of secrets and API tokens.
  • Webhook signature validation and integrity checks.
  • Encryption at rest where supported by the infrastructure.

10. No Cookies / No Tracking

This website does not use cookies, analytics trackers, or external tracking scripts.

11. Data Subject Rights

You may request access, rectification, deletion, restriction, objection, and data portability as provided by law. Contact: kontakt@krypto-boss.de.

GDPR requests are handled centrally via: kontakt@krypto-boss.de.

12. Updates

This policy may be updated when legal requirements, technical systems, or processing activities change.

Last updated: February 26, 2026