Privacy Policy
Last updated: January 2026. KYC Not was built so that we would never need to know who you are. This policy explains precisely what that means in practice — what we do collect, what we never collect, and why.
1. Our Privacy Commitment
KYC Not was designed from the ground up around a single architectural principle: collect the absolute minimum data required to process a swap, and retain it for the shortest time operationally feasible. This is not a slogan — it is a structural choice embedded in every layer of how this platform works. We cannot be compelled to disclose, breach, or monetise data that we never gathered in the first place.
This Privacy Policy describes with precision what technical data we do collect to execute your exchange, what we categorically do not collect under any circumstances, how collected data is handled, and which third-party services have any contact with your information and exactly why.
2. Data We Never Collect — Under Any Circumstances
The following categories of personal data are never collected, stored, processed, or transmitted by KYC Not at any stage of the swap process:
- Your full name, first name, surname, or any name identifier
- Email address or any other contact information
- Phone or mobile number
- Government-issued identity documents — passport, national ID card, driver's licence
- Facial recognition data, selfies, or biometric identifiers of any kind
- Home address, postal code, city, or country of residence
- Persistent user profiles, accounts, usernames, or login credentials
- Cross-session tracking data or device fingerprints
- Advertising identifiers or third-party analytics cookies
- Social media profiles or linked external accounts
3. Data We Do Collect to Process Your Swap
To execute a cryptocurrency exchange on your behalf, we temporarily store the following technical data within your active PHP session:
- Deposit address: A unique, one-time address generated specifically for your order to receive your incoming funds.
- Destination wallet address: The address you provided where your converted cryptocurrency is sent once the swap completes.
- Currency pair and amount: The two cryptocurrencies involved in your swap and the transaction amount.
- Order timestamp: The date and time the order was created, used for rate-locking and order expiry logic.
- Order ID: A randomly generated alphanumeric identifier (e.g. ORD-A3F7B2C1) used solely to track the status of your swap.
This data exists exclusively within your browser session for the operational duration of your exchange. It is not linked to any persistent user identity, external profile, or personal account — and it cannot be connected back to you as an individual by anyone, including us.
4. Server Logs
Our web server infrastructure generates standard access logs that typically include IP addresses, HTTP request paths, timestamps, and user agent strings. These logs are generated automatically and are used solely for operational purposes: diagnosing errors, preventing abuse, and monitoring platform health. They are not processed for user profiling, not shared with third parties, and are deleted on a rolling basis as soon as operationally practical.
If network-level anonymity is a priority for you, we recommend using a VPN or the Tor network when accessing our service. Both are fully compatible with KYC Not and are never restricted or throttled.
5. Third-Party Services
We use a small number of third-party services to operate the platform. Below is a complete disclosure of each:
- KuCoin API: Used to fetch live cryptocurrency exchange rates in real time. No personal data, wallet addresses, or order information is transmitted to KuCoin through this integration.
- QR Server (api.qrserver.com): Used to generate QR code images for deposit addresses shown on your order page. The deposit address string is sent to this service solely for QR code image generation. No additional data is included in this request.
- Google Fonts: Used to serve web typography. Standard font resource requests are made to Google's content delivery network when pages on our site are loaded.
We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, Segment, or any other behavioural analytics, advertising, or user-tracking technology of any kind.
6. Cookies
We use exactly one cookie: the PHP session cookie. This is a standard server-side session identifier that allows your browser to maintain the state of your active order across pages — so you can navigate between order creation and order status without losing your swap details. It contains no personal information whatsoever and expires automatically when you close your browser tab or window.
We do not use advertising cookies, tracking pixels, retargeting cookies, analytics cookies, or any persistent cookies of any description.
7. Data Retention
Order session data is stored only for the duration of your active browser session. When your session ends — whether you close the browser, the session times out, or the order completes — the session data is no longer accessible. We do not maintain a long-term database of completed orders linked to any user identity. There is no archive of your transaction history on our systems.
8. Data Sharing and Disclosure
We do not sell your data. We do not rent your data. We do not share your data with third parties for marketing, advertising, analytics, or any commercial purpose of any kind.
In the event we receive a legally valid order, subpoena, or other compulsory legal process requiring disclosure of information, we will comply to the extent legally required. Given the minimal data we collect and the session-based, non-persistent nature of order data, any such disclosure would be extremely limited in scope. By architecture, we simply do not retain the kind of comprehensive user data that most exchanges hold.
9. Security Measures
All connections to KYC Not are encrypted via HTTPS/TLS. Every order uses a freshly generated, unique deposit address — addresses are never reused across orders or users. We do not store private keys or sensitive cryptographic material in our database. Session data is isolated per-user by the PHP session management layer.
10. Minors
Our Service is intended exclusively for individuals aged 18 and over. We do not knowingly collect any information from persons under the age of 18. If you are under 18, please do not use this Service.
11. Policy Updates
We may update this Privacy Policy periodically as the service evolves or legal requirements change. All updates will be posted on this page with a revised effective date. Your continued use of the Service following any update constitutes acceptance of the revised policy.
12. Contact
For privacy-related questions, concerns, or requests, please contact us at support@kycnot.finance.