Only your email (to deliver the code) and, for physical cards, your shipping address. No banking data, no advertising trackers.

Near-anonymous. We only need your email. However, public blockchains (Bitcoin, Ethereum) are traceable: anyone watching your wallet can see you paid us. For maximum anonymity, use Lightning Network or a never-doxed wallet.

From €1,000 per transaction or €5,000 cumulative monthly, we request a simple identity verification (ID + selfie) via Sumsub. Imposed by European anti-money laundering regulations.

TLS 1.3 encryption in transit, encryption at rest for card codes, European infrastructure (Postgres in Germany, frontend worldwide), admin access protected by 2FA + IP allow-list.

Received funds are automatically moved to cold wallet under MPC custody with a specialized partner. Already-delivered card codes are deleted within 7 days. Minimal personal data limits breach impact.

Orders: 18 months (for support). Invoices: 5 years (accounting obligation). Card codes: deleted after delivery confirmation. Tracking cookies: none.

Yes. Email [email protected], we delete your data within 30 days, except for accounting data the law requires us to keep for 5 years.