Privacy Policy
Last updated . This policy describes what CryptoRefCodes collects, why, how long we keep it, and your rights.
Who we are
CryptoRefCodes is an independent affiliate site operated by Artūras Pileckis (LinkedIn). For privacy inquiries, email hello@cryptorefcodes.com.
Data we collect
| Data | Purpose | Legal basis | Processor | Retention |
|---|---|---|---|---|
| Server access logs (IP, user-agent, referrer, request path, status) | Security, abuse detection, debugging | Legitimate interests | Hostinger VPS / Caddy (in-EU) | Up to 30 days |
Affiliate click logs (/go/binance/ timestamp, IP, UA, referrer, placement, intent, destination) | Affiliate attribution, debugging | Legitimate interests | Hostinger VPS | 30-90 days |
| GA4 event data (page views, calculator interactions, affiliate clicks) | Aggregated traffic analysis | Consent | Google Analytics 4 | 2 or 14 months (GA4 setting) |
| YouTube embed cookies (when video clicked-to-load) | Video playback | Consent | YouTube (we use youtube-nocookie.com) | Set by YouTube |
| Consent preference (accepted/denied) | Honor your analytics choice | Strictly necessary | localStorage in your browser | Until you clear or change |
| Geo banner dismissal | Don't re-show banner you've dismissed | Strictly necessary | First-party cookie geo_dismissed | 30 days |
| Email correspondence (if you write to us) | Reply to inquiries / corrections | Legitimate interests | Email provider | Up to 24 months unless legally required |
No accounts, no payments, no forms. CryptoRefCodes does not have user accounts, does not process payments, and does not host contact forms in the MVP. Contact happens via email, which has its own data handling above.
What /go/binance/ does
Every affiliate link on the site routes through our server endpoint at
/go/binance/. Before redirecting you to Binance, we may log the request
timestamp, IP address, user-agent, referrer, the placement (which CTA you clicked), the
intent (new signup or pre-KYC), and the outbound destination.
This logged data is used for: security (abuse detection on the redirect endpoint) and affiliate attribution debugging. We then redirect you (HTTP 302) to the Binance signup URL with whitelisted UTM parameters appended.
Binance may set their own cookies on their domain after you arrive there — that's governed by Binance's privacy policy, not ours.
What we don't receive from Binance
We do not receive: your password, KYC documents, wallet balances, trading history, or full account data. Depending on the Binance affiliate dashboard, we may receive limited referral/conversion metadata such as: signup status (verified/not), commission amount, country/region category, referral ID, and trading-volume tier (aggregated).
Consent Mode v2 implementation
We use Google Consent Mode v2 in basic mode, not advanced. This means:
- GA4 and YouTube embeds do not load until you accept the consent banner
- Default state for all consent categories is
denied - Granular consent: we only request analytics consent (no advertising cookies)
- YouTube embeds use the privacy-enhanced
youtube-nocookie.comdomain after click-to-load - Your consent state is stored in browser
localStorage - You can reopen the consent banner anytime via the "Privacy choices" link in the footer
Your rights
Under GDPR, UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and the Australian Privacy Principles (where applicable), you may have rights to access, correct, or delete the data we hold about you. Note that Binance is a separate data controller; requests about your Binance data must go to Binance directly.
To exercise your rights, email hello@cryptorefcodes.com with the subject "Privacy request." You can also:
- Decline the consent banner (or clear
localStoragein your browser) to opt out of analytics anytime - Use a browser that respects the Global Privacy Control (GPC) signal — we honor GPC where implemented
- Lodge a complaint with your data protection authority (e.g., your country's data protection regulator)
CCPA-specific: We do not sell or share personal information for cross-context behavioral advertising.
Geo source
We use Caddy's MaxMind GeoIP2 module on our server to determine visitor country (for the geographic warning banner shown to US/UK/India/Netherlands visitors). Your IP address is used solely for country lookup; the result is passed to the page render but not stored beyond the access-log retention above.
We do not use Cloudflare, so no CF-IPCountry data is involved.
Children's privacy
CryptoRefCodes is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has accessed the site and shared personal data, contact us and we will delete it.
Changes to this policy
We may update this policy as the site evolves. When we do, we update the "Last updated" date at the top and log the change. Substantive changes will be noted in a brief changelog here:
- : initial policy published
Last updated · About · Disclosure · Terms · Contact