CapySMS

Privacy Policy

Last Updated: January 3, 2025

1. Introduction

CapySMS ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SMS verification service ("Service").

By using our Service, you consent to the data practices described in this policy. If you do not agree with these practices, please do not use our Service.

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA).

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (stored in encrypted/hashed form)
  • Account preferences and settings

2.2 Technical and Log Data

We automatically collect certain information for security, fraud prevention, and service improvement:

  • IP Addresses: Registration IP and login IPs
  • Timestamps: Date and time of all account activities
  • Device Information: Browser type, operating system, device identifiers
  • Session Data: Session tokens, login duration, activity logs
  • Referral Data: How you arrived at our Service

2.3 Transaction Data

When you make purchases, we collect:

  • Cryptocurrency wallet addresses
  • Transaction IDs and amounts
  • Purchase history and service usage records
  • Phone numbers requested and verification status

2.4 Communications

If you contact us, we may retain:

  • Support tickets and correspondence
  • Feedback and survey responses

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

  • To create and manage your account
  • To process transactions and provide phone verification services
  • To communicate with you about your account and services

3.2 Security and Fraud Prevention

  • To detect, prevent, and investigate fraud, abuse, and security threats
  • To enforce our Terms of Service and Acceptable Use Policy
  • To implement rate limiting and other protective measures
  • To verify user identity and prevent unauthorized access

3.3 Legal Compliance

  • To comply with applicable laws, regulations, and legal processes
  • To respond to lawful requests from authorities
  • To protect our legal rights and interests

3.4 Service Improvement

  • To analyze usage patterns and improve our Service
  • To develop new features and services
  • To conduct internal research and analytics

4. Legal Basis for Processing (GDPR)

For users in the EEA, we process personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide our Service to you
  • Legitimate Interests: Processing for fraud prevention, security, and service improvement, where these interests are not overridden by your rights
  • Legal Obligation: Processing required to comply with applicable laws
  • Consent: Where you have given explicit consent for specific processing activities

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing or commercial purposes.

5.2 Service Providers

We may share limited data with trusted third-party service providers who assist us in operating our Service:

  • Payment processors (cryptocurrency exchanges, Mollie if applicable)
  • Hosting and infrastructure providers
  • Security and fraud prevention services

These providers are bound by confidentiality agreements and may only use your data as necessary to perform services on our behalf.

5.3 Legal Requirements

We may disclose your information to authorities if:

  • Required by law, regulation, court order, or legal process
  • Necessary to respond to lawful requests from government agencies or law enforcement
  • Necessary to protect our rights, property, or safety, or those of others
  • Necessary to investigate suspected violations of our Terms

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

6. Data Retention

We retain your personal data for as long as necessary to:

  • Provide our Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain security and prevent fraud

Specific retention periods:

  • Account data: Retained while your account is active, plus a reasonable period after deletion
  • Transaction records: Retained for a minimum of 7 years for legal and tax compliance
  • Security logs: Retained for up to 2 years for fraud prevention and security purposes

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing algorithms
  • Access controls and authentication mechanisms
  • Regular security assessments
  • Monitoring for suspicious activities

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

8.1 GDPR Rights (EEA Users)

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw previously given consent

8.2 Exercising Your Rights

To exercise any of these rights, please contact us at dlabseu@gmail.com. We will respond to your request within 30 days.

Note: Certain rights may be limited where we have legal obligations to retain data or legitimate interests that override your request.

8.3 Right to Complain

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Necessary for Service functionality (authentication, security)
  • Analytics: To understand how users interact with our Service

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When transferring data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Other lawful transfer mechanisms

11. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

For significant changes, we may notify you via email or through our Service.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Privacy Inquiries: dlabseu@gmail.com

General Support: dlabseu@gmail.com

Website: https://capysms.com

For GDPR-related requests, we aim to respond within 30 days.

← Back to HomeTerms of Service →