Privacy Policy

Last Updated: December 20, 2025

This Privacy Policy explains how BTC Tools (the “Service”, “we”, “us”) processes information when you use our non-custodial Bitcoin utility website.

Operator name (for privacy notices): BTC Tools Operator
Privacy contact: support@btc-tools.xyz

1. Non-Custodial Notice

• We do not request or access private keys, seed phrases, or wallet passwords.
• We do not custody or control your digital assets.
• If you use a wallet (browser extension, mobile wallet, hardware wallet, etc.), signing typically occurs in your wallet software.

2. Important Notice About Public Blockchain Data and URLs

2.1 Public blockchain data

Bitcoin transaction data is public and immutable on the blockchain. We cannot modify or delete blockchain records.

2.2 URLs may contain blockchain identifiers

The Service is designed such that Bitcoin addresses and/or transaction IDs (TXIDs) may appear in page URLs.

This means:

• The full URL (including address/TXID) may be processed by systems necessary to deliver the page (e.g., your browser, network infrastructure, and our hosting/security providers).
• When your browser interacts with third parties (ads, APIs, external links, wallet software, etc.), those third parties may receive referrer information which could include the full URL (and therefore address/TXID), depending on browser behavior and configuration.
• If you share a link, anyone with the link can view the address/TXID contained in it.

If you are not comfortable with addresses/TXIDs appearing in URLs, you should not use the Service.

3. Information We Process (Categories)

We do not require user registration for basic use. However, the following categories of information may be processed when you use the Service.

3.1 Technical and network data

• IP address
• Browser type, user agent, operating system
• Request metadata (including requested path/URL, which may contain address/TXID)
• Performance and reliability signals (e.g., load timing, error rates, etc.)

3.2 Blockchain identifiers and related inputs

Depending on how you use the Service, we may process:

• Bitcoin addresses, TXIDs, and other public on-chain identifiers
• Public on-chain data derived from those identifiers
• Inputs you provide for tool functionality (e.g., transaction data/PSBT/hex, fee parameters, recipient address, etc.)

3.3 Wallet connection and wallet-provided data (if you choose to connect)

If you use wallet-related features, wallet software (e.g., browser extensions, etc.) may make available to the Service:

• Public address(es) and/or public key material (depending on wallet behavior and permissions you approve)
• Message signatures (if you approve signing)
• Transaction/PSBT data you ask the wallet to sign or broadcast
• Connection state (connected/disconnected) in your session

We do not receive your private keys or seed phrases.

3.4 Diagnostics and error reports (may include blockchain identifiers)

If the Service encounters errors, diagnostic data may include:

• Error messages, stack traces, runtime context
• Page route and full URL (which may contain address/TXID)
• In some cases, values present at the time of the error (which may include wallet addresses, TXIDs, or other inputs)

4. How We Use Information

We may use the categories of information above to:

• Provide, operate, and secure the Service (including abuse prevention and reliability)
• Debug, maintain, and improve functionality
• Fetch and display blockchain-related information needed for tool outputs
• Provide optional features you choose to use (including wallet-based flows, etc.)
• Display advertising to support the Service
• Maintain operational records needed to run the Service (e.g., status/entitlement flags, anti-abuse signals, accounting/anti-fraud records, etc.)

5. Legal Bases (EU/EEA/UK – if applicable)

Where the GDPR applies, we rely on one or more of the following legal bases depending on context:

• Legitimate interests: for security, abuse prevention, service reliability, and basic operation.
• Contract / steps at your request: to provide optional features or outputs you request through the Service.
• Consent: where required by applicable law (for example, if certain technologies require consent in a given jurisdiction).

6. Sharing and Third-Party Processing

We use third parties and infrastructure services to operate the Service. These third parties may process information under their own terms/policies, or under contractual arrangements depending on the service type.

6.1 Hosting, security, and analytics providers

We use infrastructure providers for hosting, content delivery, security, and site analytics (e.g., Cloudflare, etc.). These providers may process:

• IP address and network metadata
• Request URLs/paths (which may contain address/TXID)
• Security/performance telemetry and analytics

6.2 Error monitoring providers

We use error monitoring services (e.g., Sentry, etc.) to capture and analyze failures. We may configure such services to reduce collection of certain identifiers, but:

• error events may still contain URLs and application context, which may include wallet addresses and TXIDs;
• providers may also process network-level metadata as part of providing their service.

6.3 Advertising providers

We display ads using third-party ad services (e.g., A-Ads via embedded iframe, etc.).

• When ads load, the ad provider may receive IP address and device/browser information.
• Depending on browser behavior, the ad provider may also receive referrer information.
• Based on our current integration tests for our current ad setup, we did not observe Set-Cookie response headers being set during ad rendering, but we cannot guarantee this will always remain the case.
• If you click an ad, you may be redirected to third-party destinations that may use cookies or similar technologies under their own policies.

6.4 Third-party blockchain data services (browser-to-third-party requests)

The Service may rely on third-party blockchain data providers and APIs (e.g., mempool.space, UniSat APIs, etc.). Due to our architecture, some requests may be made directly from your browser to those providers.

As a result, those providers may receive:

• the queried address/TXID (and related identifiers),
• your IP address,
• your user agent,
• and potentially referrer information (depending on browser behavior and settings).

We do not control what those providers store or how long they retain it.

6.5 Wallet software providers

Wallets/extensions are independent software you install and control (e.g., OKX Wallet, UniSat Wallet, etc.). Wallet providers may have their own telemetry and network requests and may process information under their own policies. We do not control their data practices.

6.6 Our own services (backend, APIs, indexers, etc.)

We may operate our own backend services, APIs, and indexers to support the Service. These systems may process:

• IP address, request metadata, and URLs/paths (which may include address/TXID),
• operational records necessary to provide the Service and prevent abuse,
• feature-related inputs you submit (if any).

7. Cookies, Local Storage, and Similar Technologies

We may use minimal client-side storage (e.g., Local Storage and/or necessary cookies) to:

• remember preferences (theme, language, etc.),
• maintain basic state needed for features you use (e.g., UI state, status flags, etc.).

Third parties (ads, blockchain APIs, wallet software, external sites, etc.) may use their own cookies or similar technologies under their own policies.

8. Data Retention

We aim not to retain information longer than reasonably necessary.

• Our systems: We retain logs and operational records for security, reliability, debugging, and service operation for the minimum period we consider necessary, then delete or aggregate them where feasible.
• Third parties: Providers (hosting/security/analytics, error monitoring, ads, blockchain APIs, wallets, etc.) may retain data according to their own policies and configurations, which we do not control.

Because URLs may contain address/TXID and errors may include address/TXID, some records (including third-party records) may contain blockchain identifiers.

9. Region-Specific Notices and Rights

9.1 EU/EEA/UK (GDPR)

If you are in the EU/EEA/UK, you may have rights such as access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with a supervisory authority. We will respond to requests where feasible, taking into account practical limitations described in Section 9.5.

9.2 United States (California – CCPA/CPRA)

We provide this notice to describe categories of information collected, purposes, and disclosures.

• No sale / sharing (in general): We do not intentionally sell personal information for money. We do not intentionally share personal information for cross-context behavioral advertising as defined by CPRA based on our current setup. If this changes, we will update this Policy and implement applicable opt-out mechanisms.
• Global Privacy Control (GPC): If your browser sends a GPC signal, we will treat it as an opt-out preference to the extent applicable.
• California residents may have rights such as the right to know, delete, correct, and opt out of sale/sharing where applicable.

9.3 Singapore (PDPA)

For PDPA inquiries, the privacy contact in this Policy serves as our data protection contact point.

9.4 Mainland China

This Service is not intended for, nor directed at, residents of Mainland China. If you access the Service from Mainland China, you do so on your own initiative and you are responsible for complying with local laws and regulations. We do not promote or solicit use of the Service in Mainland China.

9.5 Practical limitations for rights requests

We do not operate user accounts and blockchain identifiers may appear in multiple systems (including third parties). We may not be able to identify or delete all records related to a particular address/TXID, especially where stored by third parties. We will respond to requests regarding information under our direct control where feasible.

To submit a request: support@btc-tools.xyz

10. Security

We use reasonable security measures such as TLS/HTTPS and edge protections. No method of transmission or storage is 100% secure.

11. International Use

The Service is accessible globally. Providers and systems involved in operating the Service may process data in multiple countries.

12. Changes to This Policy

We may update this Policy from time to time. The “Last Updated” date indicates the most recent revision.

13. Contact

Privacy questions and requests: support@btc-tools.xyz

This document is provided for informational purposes and does not constitute legal advice. For advice on your specific situation, consult qualified counsel in your jurisdiction.