Privacy Policy
Last updated: 8 April 2026
Short version: We collect the minimum we need to deliver overlay alerts, process payments, and improve the Service. We don't sell your data. We use trusted processors (Stripe for payments, Brevo for email, Telegram for delivery). You can request deletion at any time.
Contents
1. Who we are
Profitmaxxer ("we", "us", "our") is operated by Daniel Smith from New Zealand. The Service is available at profitmaxxer.com.
2. What data we collect
2.1 Account data
- Email address (required for sign-up)
- Telegram user ID (when you link the bot)
- Access code (issued by us)
- Optional: name, country, time zone (if you choose to provide them)
2.2 Subscription & payment data
- Subscription tier and status
- Stripe customer ID and subscription ID (for card payments)
- Crypto wallet addresses (if you pay by BTC/USDT — used to verify the transaction only)
- We do not store full credit card numbers — Stripe handles all card data and is PCI-DSS compliant.
2.3 Usage data
- Filter preferences (buy-in range, sites, etc.)
- Notification history (which alerts were sent to you)
- Bot command history (for support and abuse prevention)
2.4 Web analytics & advertising data
- Pages visited on profitmaxxer.com
- Referring URL (where you came from)
- Approximate location (country, region, city — derived from IP)
- Device type, browser, screen size
- UTM parameters (utm_source, utm_medium, utm_campaign, utm_content, utm_term)
- Click identifiers (fbclid, gclid, ttclid, twclid) when you arrive from an ad
- Scroll depth and time on page
- Conversion events (sign-up, trial start, paid)
3. Why we collect it
We collect data to:
- Deliver overlay and late-reg alerts to your Telegram
- Process subscription payments and issue refunds
- Send service emails (welcome, receipts, account updates)
- Prevent fraud, abuse, and account sharing
- Measure marketing performance so we know which channels work
- Improve the Service based on aggregate usage patterns
4. Legal basis (GDPR / UK GDPR)
- Contract: processing required to deliver the Service you subscribed to.
- Legitimate interest: measuring marketing performance, preventing abuse, improving the product.
- Consent: non-essential cookies and advertising pixels (you may opt out — see below).
- Legal obligation: tax and accounting records.
5. Third-party processors
We use the following sub-processors, all of which have their own privacy policies:
- Stripe — payment processing. stripe.com/privacy
- Brevo (formerly Sendinblue) — transactional and marketing email. brevo.com/legal/privacypolicy
- Telegram — alert delivery. telegram.org/privacy
- Cloudflare — DNS, CDN, DDoS protection. cloudflare.com/privacypolicy
- Hetzner — server hosting (Germany). hetzner.com/legal/privacy-policy
- Meta — advertising pixel for retargeting. facebook.com/privacy/policy
- Google — Google Analytics 4 for site analytics. policies.google.com/privacy
- TikTok — advertising pixel for retargeting. tiktok.com/legal/page/global/privacy-policy
6. Cookies & tracking pixels
We use cookies and similar technologies to:
- Keep you signed in
- Remember your preferences
- Measure traffic via Google Analytics 4
- Run advertising via Meta Pixel and TikTok Pixel (retargeting visitors who didn't sign up)
You can opt out of advertising cookies at any time via your browser settings or the opt-out tools at optout.aboutads.info and youronlinechoices.eu.
7. How long we keep data
- Account data: while your account is active + 12 months after deletion (for fraud prevention)
- Payment records: 7 years (legal requirement for tax)
- Web analytics data: 14 months
- Marketing pixel data: 90 days from last visit
8. Your rights
If you are in the EU, UK, California, or another jurisdiction with data protection laws, you have the right to:
- Access the data we hold about you
- Correct inaccurate data
- Request deletion of your data ("right to be forgotten")
- Object to processing for marketing purposes
- Request data portability (we'll send you a JSON export)
- Lodge a complaint with your local data protection authority
To exercise any of these rights, email [email protected] with the subject line "Data request". We'll respond within 30 days.
9. Children
The Service is not directed at children. We do not knowingly collect data from anyone under 18. If you believe a child has provided us with personal information, contact us and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date reflects the most recent version. Material changes will be communicated via email or the Telegram bot.
11. Contact
Privacy questions or data requests: [email protected]
Profitmaxxer — operated by Daniel Smith, New Zealand.