We collect your email (for account & alerts) and the Bitcoin addresses you tell us to watch.

No private keys. Ever.

We log service usage (e.g., login, API calls) to keep systems secure and reliable.

You can delete addresses or close your account at any time.

1. 1. Account Information:Email address, hashed password or OAuth identifier, and optional display name.
2. 2. Watched Blockchain Data:Bitcoin addresses and/or extended public keys (xpub/xpub‑like). These are required to monitor transactions.
3. 3. Alert Preferences:Mempool vs. confirmation alerts, confirmation depth, notification frequency.
4. 4. Usage & Log Data:IP address (short‑term for security/rate limiting), device/browser info, timestamps, API usage metrics.
5. 5. Cookies & Local Storage:Session tokens, preference flags (e.g., dark mode, language).

Send you email alerts when monitored addresses receive or send BTC.
Authenticate and secure your account.
Provide dashboards, address histories, and transaction details.
Detect abuse, spam, or API misuse.
Improve performance & product features (aggregated/anonymous analytics where possible).

1. 1. Contract:We process data to deliver the services you request (monitoring & alerts).
2. 2. Legitimate Interests:Security, fraud prevention, product improvement.
3. 3. Consent:Email marketing (if you opt in separately).

Watched addresses: retained until you remove them or close your account.
Email & account: retained while account active; deleted or anonymized within 30 days of confirmed closure (backups may persist for up to 90 days).
Logs: typically 30–180 days unless required for security or legal reasons.

Depending on your location, you may have rights to access, correct, export, or delete your data; object to processing; or withdraw consent. Contact us to exercise these rights.

Your information may be processed in countries other than where you reside. We use safeguards (e.g., standard contractual clauses) when transferring personal data across borders where legally required.

We use encryption in transit (HTTPS), segmented infrastructure, rate limiting, and least‑privilege access. No storage of private keys—ever.

21Clock is not intended for use by children under 16. If we learn we collected data from a minor without consent, we will delete it.

We may update this Privacy Policy from time to time. Material changes will be announced via email or in‑app notice. The date at the top shows the latest revision.

Privacy Requests
21Clock
Email: privacy@21clock.com