GDPR

GDPR Compliance Statement

Crypto Fortress News is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page outlines how we handle your personal data, your rights under GDPR, and our compliance with Google AdSense requirements.

🇪🇺 EU Users Notice

If you are located in the European Union (EU) or European Economic Area (EEA), this section applies specifically to you. We process your personal data in compliance with GDPR requirements and obtain necessary consents for advertising and analytics purposes.

1. Data Controller Information

Data Controller: Crypto Fortress News
Website: https://cryptofortress.app
Contact Email: privacy@cryptofortress.app
Data Protection Officer: dpo@cryptofortress.app

2. Legal Basis for Data Processing

We process your personal data based on the following legal grounds under GDPR:

Processing Purpose Legal Basis Description
Google AdSense Advertising Consent (Art. 6(1)(a)) Explicit consent for personalized advertising and cookie placement
Google Analytics Consent (Art. 6(1)(a)) Consent for website analytics and performance tracking
Website Operation Legitimate Interest (Art. 6(1)(f)) Essential cookies and basic functionality
Newsletter Subscription Consent (Art. 6(1)(a)) Explicit opt-in consent for email communications
Legal Compliance Legal Obligation (Art. 6(1)(c)) Compliance with applicable laws and regulations

3. Google AdSense and GDPR Compliance

Google Consent Mode V2 Implementation

We have implemented Google Consent Mode V2 to ensure compliant data collection:

  • Analytics Storage: Controls Google Analytics data collection
  • Ads Storage: Controls advertising cookie storage and usage
  • Ad User Data: Controls sharing of user data for advertising purposes
  • Ad Personalization: Controls personalized advertising features

Opt-Out Options for EU Users

You can opt out of personalized advertising through:

4. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

🔍 Right to Access (Art. 15)

Request information about what personal data we process and obtain a copy of your data.

✏️ Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete personal data.

🗑️ Right to Erasure (Art. 17)

Request deletion of your personal data under certain circumstances.

⏸️ Right to Restrict Processing (Art. 18)

Request limitation of processing your personal data in specific situations.

📦 Right to Data Portability (Art. 20)

Receive your personal data in a structured, machine-readable format.

❌ Right to Object (Art. 21)

Object to processing based on legitimate interests or direct marketing.

Automated Decision Making

We do not engage in automated decision-making or profiling that would significantly affect you under Article 22 of GDPR.

5. Data Collection and Processing

Personal Data We Collect

  • Directly Provided: Name, email address, contact information (forms, subscriptions)
  • Automatically Collected: IP address, browser type, device information, pages visited
  • Cookies: Google AdSense cookies, Google Analytics cookies, functional cookies
  • Advertising Data: Ad interaction data, targeting preferences, behavioral data

Purpose of Processing

  • Serving personalized advertisements through Google AdSense
  • Website analytics and performance improvement
  • Responding to user inquiries and providing customer support
  • Sending newsletters and updates (with consent)
  • Ensuring website security and preventing fraud

6. Data Sharing and International Transfers

Third-Party Data Sharing

We share your data with the following categories of recipients:

  • Google (AdSense & Analytics): For advertising and analytics purposes
  • Advertising Partners: Third-party ad networks and vendors
  • Service Providers: Technical service providers and hosting companies
  • Legal Authorities: When required by law or legal process

International Data Transfers

Data Transfer Safeguards:

When we transfer your data outside the EU/EEA (particularly to the United States for Google services), we ensure appropriate safeguards are in place:

  • Google's compliance with EU-US Data Privacy Framework
  • Standard Contractual Clauses (SCCs) where applicable
  • Adequacy decisions by the European Commission
  • Additional technical and organizational measures

7. Data Retention

We retain your personal data for the following periods:

  • Google AdSense Data: As per Google's data retention policies (typically 26 months)
  • Google Analytics Data: 26 months (configurable, can be shorter)
  • Contact Form Data: 3 years or until you request deletion
  • Newsletter Subscriptions: Until you unsubscribe or request deletion
  • Website Logs: 12 months for security purposes

8. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Access controls and authentication mechanisms
  • Regular security updates and patches
  • Data minimization practices
  • Staff training on data protection
  • Incident response procedures

9. Consent Management

10. Children's Privacy (Under 16)

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

11. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with GDPR requirements. You can contact:

  • Your local data protection authority in the EU/EEA
  • The supervisory authority in the country where you reside
  • The supervisory authority where the alleged infringement occurred

Example EU Supervisory Authorities:

12. Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We will:

  • Post updates on this page with a revised date
  • Notify users of significant changes through our website
  • Obtain new consent where required by law
  • Provide at least 30 days notice for material changes

13. Contact Us - Exercise Your Rights

📧 Data Protection Contacts

To exercise your GDPR rights or for data protection inquiries:

Primary Contact:
Email: privacy@cryptofortress.app
Subject Line: "GDPR Request - [Your Right]"

Data Protection Officer:
Email: dpo@cryptofortress.app

Contact Form:
https://cryptofortress.app/Contact

Response Time: We will respond to your request within 30 days (may be extended to 60 days for complex requests).

Required Information for Requests:

  • Full name and contact information
  • Specific right you wish to exercise
  • Description of your request
  • Proof of identity (when required)
Last updated: July 24, 2025
GDPR Compliance Effective: May 25, 2018
Advertise here