Privacy Policy

Last Updated: November 7, 2025

1. Introduction

Short the Long ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy complies with the EU General Data Protection Regulation (GDPR).

2. Data Controller

Short the Long is the data controller responsible for your personal data.

3. Data We Collect

We collect and process the following personal data:

• Email address: To send service access links and communications
• Solana wallet address: To verify payment and prevent duplicate subscriptions
• Transaction signature: Blockchain proof of payment
• Payment amount and pricing data: SOL amount, USD/EUR value at time of payment
• Subscription date: When you subscribed
• IP address (temporary): For rate limiting admin login attempts (not stored long-term)

4. Legal Basis for Processing

We process your data based on:

• Contract performance: To provide the Service you purchased
• Consent: You explicitly consent when checking the GDPR checkbox
• Legitimate interests: Fraud prevention and service security

5. How We Use Your Data

Your data is used to:

• Send your Telegram group invite link
• Verify payment and prevent duplicate subscriptions
• Maintain subscriber records for accounting and legal compliance
• Prevent fraud and abuse
• Comply with legal obligations

6. Data Security

Your data is encrypted using AES-256 encryption and stored securely on our servers. We implement industry-standard security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal data.

7. Data Retention

We retain your personal data for:

• Active subscriptions: Duration of your lifetime access
• After termination: Up to 7 years for accounting and legal compliance (EU tax law requirements)
• IP addresses: Deleted after 24 hours (only used for rate limiting)

8. Data Sharing

We do not sell or share your personal data with third parties, except:

• Telegram: Your email is not shared; you join via invite link
• Email service (Brevo): To send your invite link
• Legal obligations: If required by law or court order

9. Your GDPR Rights

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure ("Right to be forgotten"): Request deletion of your data (subject to legal retention requirements)
• Restriction: Limit how we process your data
• Data portability: Receive your data in a structured format
• Object: Object to processing based on legitimate interests
• Withdraw consent: Withdraw consent at any time (does not affect prior processing)

10. Exercising Your Rights

To exercise your GDPR rights, contact us via Telegram support. We will respond within 30 days.

11. Cookies

We use minimal cookies for essential functionality only (session storage for admin login). No tracking or advertising cookies are used.

12. International Transfers

Your data is stored within the EU. If transferred outside the EU, we ensure adequate safeguards are in place.

13. Children's Privacy

Our Service is not intended for individuals under 18. We do not knowingly collect data from children.

14. Changes to This Policy

We may update this Privacy Policy. Continued use of the Service constitutes acceptance of the updated policy.

15. Supervisory Authority

You have the right to lodge a complaint with your local EU Data Protection Authority if you believe your data protection rights have been violated.

16. Contact

For privacy-related questions or to exercise your rights, contact us via Telegram support.

← Back to Home