· Privacy Policy ← Home

Privacy Policy

Last updated: 2026-04-23 · Effective: 2026-04-23

CASH.BOT ("we", "us", "our") respects your privacy. This policy explains what personal information we collect, why we collect it, who we share it with, and how you can exercise your rights under GDPR, CCPA/CPRA, and other applicable privacy laws.

1. Who We Are

CASH.BOT is operated as a sole proprietorship in the United States. For privacy questions, contact privacy@cash.bot or write to the postal address at the end of this policy.

2. Information We Collect

2.1 Information you give us

2.2 Information collected automatically

2.3 Information from third parties

3. How We Use Your Information

4. Legal Bases (GDPR, UK GDPR)

Where GDPR applies, we rely on: (a) performance of a contract with you (to deliver the service you signed up for); (b) legitimate interests (to secure our systems, prevent fraud, improve the product); (c) your consent (for marketing email and non-essential cookies, where required); and (d) legal obligation (tax records, court orders).

5. Sharing & Sub-processors

We never sell your personal information. We share data only with vendors who process it on our behalf ("sub-processors") or when required by law.

Sub-processorPurposeData
AnthropicAI model (Claude)Prompts + attached content you send
OpenAI / OpenRouterAI model fallbackPrompts + attached content you send
RailwayApplication hostingAll data processed by the service
CloudflareCDN, DDoS protection, DNSIP, user-agent, request metadata
StripeCard paymentsCard details, billing address, email
PayPalPayPal paymentsName, email, transaction amount
ResendTransactional emailEmail address, message body
VultrOptional customer VPS (if you BYO key)Nothing — keys are yours

We also disclose information when compelled by a subpoena, court order, or government request; and to protect rights, safety, or property.

6. International Transfers

We operate in the United States. If you use CASH.BOT from the EEA, UK, or Switzerland, your data is transferred to, and stored in, the US. We rely on Standard Contractual Clauses (SCCs) with sub-processors that support them.

7. How Long We Keep Data

8. Your Rights

Depending on where you live, you have the right to:

To exercise a right, email privacy@cash.bot from the address on your account; we respond within 30 days (45 days for CCPA requests that require extension).

9. California Residents (CCPA / CPRA)

In the past 12 months we have collected the categories of personal information listed in Section 2, for the purposes listed in Section 3, from the sources listed in Section 2. We have not sold or shared personal information for cross-context behavioural advertising. California residents have the rights described in Section 8, plus the right to non-discrimination for exercising those rights.

10. Children

CASH.BOT is not for users under 13. We do not knowingly collect personal information from children under 13 (COPPA). If we learn we have collected such data, we delete it. If you believe a child under 13 has given us data, email privacy@cash.bot. Some features (e.g. the social casino at casino.cash.bot) require users to be 18 or older.

11. Security

We use TLS in transit, encryption at rest for sensitive fields (BYOK keys, session tokens), WAL-mode SQLite with nightly snapshots, rate-limiting, and tiered access controls. No system is perfectly secure; if a breach affects your data we will notify you without undue delay as required by law.

12. Do Not Track

We do not respond to browser "Do Not Track" signals because there is no industry consensus on how to interpret them. You can disable non-essential cookies in your browser; doing so will not affect essential session/auth functionality.

13. Changes to this Policy

If we make material changes, we will update the "Last updated" date at the top and, where required by law, notify you by email or in-product notice at least 7 days before the change takes effect.

Contact
Email: privacy@cash.bot
Support: cash.bot/support
Postal: CASH.BOT — mail the above address for the current postal contact.