Privacy Policy — Satoshi: Cloud BTC Miner

Effective date: 2026-05-12
Last updated: 2026-05-12

This Privacy Policy explains how TECHN, UAB (the "Company", "we", "us", or "our") collects, uses, shares, and protects information when you use the Satoshi: Cloud BTC Miner mobile application for iOS (the "App" or "Service").

By downloading, installing, accessing, or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.

0. Definitions and Scope

This Privacy Policy applies to information processed by the Company in connection with the App, including when you: (a) install or use our iOS application, or (b) contact our support team. It does not apply to third-party sites, services, wallets, exchanges, app stores, or advertising partners that process data under their own privacy policies.

"Personal data" (or "personal information") means information that identifies, relates to, describes, or could reasonably be linked to an individual, as defined under the EU General Data Protection Regulation (Regulation (EU) 2016/679, the "GDPR") and the Lithuanian Law on Legal Protection of Personal Data. "Processing" means collecting, using, storing, sharing, or otherwise handling information.

The App is distributed exclusively on Apple's App Store and is available only on iOS devices. References in this Policy to platform-level controls (App Tracking Transparency, advertising identifiers, push notifications, etc.) refer to features provided by Apple iOS.

1. Data Controller

The data controller for your personal data is:

TECHN, UAB
Studentų g. 67
LT-51392 Kaunas
Republic of Lithuania
Email: privacy@techn.app

For general support inquiries, please contact support@techn.app. For privacy-specific requests (data access, deletion, objection, etc.), please use the privacy@techn.app address.

2. Information We Collect

2.1 Information you provide to us

Account and login information. When you create or connect an account, we collect identifiers such as your email address, your chosen display name (if provided), and information from your sign-in provider:

• If you sign in with Apple, we receive a unique Apple identity token, your email address (which may be Apple's private relay email if you choose to hide your real email), and optionally your name if you grant the corresponding scope.
• If you sign in with Google, we receive your Google account identifier and email address.
• If you sign up with email and password, we collect your email address and a salted password hash (never the plain password).

Support communications. If you contact us by email or through any in-app support channel, we collect your email address, the content of your message, and any other information you choose to provide so we can respond and troubleshoot.

Withdrawal details. If you request a Bitcoin withdrawal, we collect the destination Bitcoin address or Lightning destination you provide, the withdrawal amount, network metadata (chain, address format), timestamps, status, and identifiers needed to process the withdrawal through our Bitcoin payment processor.

Referral information. If you participate in our referral features, we process referral codes you generate and codes you apply, the resulting relationships between accounts, and reward events associated with referrals. We do not access your device contacts list and we do not require you to upload contacts to participate.

We do not collect government-issued identity documents, photographs, biometric data, or perform identity verification ("KYC") within the App. Any compliance verification that may be required in connection with Bitcoin withdrawals is performed externally by our Bitcoin payment processor under its own policies.

2.2 Information collected automatically

When you use the App, certain information is collected automatically:

Device and technical data. Device model, iOS version, device language, time zone, IP address, App version, and device or App identifiers. This includes the iOS Advertising Identifier (IDFA), which is accessed only if you grant tracking permission through the iOS App Tracking Transparency prompt (see Section 8.2). Without your tracking permission, IDFA is not shared with our advertising partners.

Usage data. App interactions such as screens viewed, buttons tapped, session timestamps, performance metrics, crash and diagnostic data, hashrate plan selections, rewarded-ad views, free trial activations, and other in-app events that help us understand how the App is used.

Log data. In case of errors or crashes, we may capture log data, which can include device information, IP address, and technical details about the state of the App at the time of the error.

Approximate location. We may infer an approximate location (city or country) from your IP address for security, fraud prevention, analytics, and regional content purposes. The App does not request or collect precise GPS location.

2.3 Information from third-party services

The App integrates with third-party services for authentication, payments, advertising, and platform operations. These providers may collect and process information in accordance with their own privacy policies. Specifically:

We do not control how these third parties process your data and we encourage you to review their respective privacy policies, which are linked from the App's Settings → Legal screen.

2.4 In-App Purchases and billing

Payments for hashrate plans are processed exclusively by Apple's In-App Purchase system. The App does not access or store your payment card details, billing address, or any other Apple ID payment information. From Apple, we receive transaction metadata such as product identifiers, original transaction identifiers, purchase and renewal timestamps, and entitlement status (whether a purchase is active, refunded, or revoked). Auto-renewable subscriptions generate server-to-server status notifications from Apple, which we process to keep your plan status accurate.

2.5 Information we generate or derive

We may create or derive information from other data we collect, including:

• Risk and fraud-prevention signals (e.g., multi-account detection patterns)
• Aggregated and anonymized usage statistics
• Internal reward and entitlement counters (e.g., daily streak status, active plan state, free-trial cooldown timers)
• Internal ledger entries reflecting your in-app rewards balance and withdrawal history

These derived records are part of how we operate the Service and are stored alongside your account record.

3. How We Use Your Information

We use the information we collect for the following purposes:

To provide and operate the App. Setting up and maintaining your account, providing access to in-app features, running our software-based rewards system (see Section 12), calculating in-app Bitcoin rewards according to our internal rules, processing withdrawal requests, applying loyalty and continuity mechanics (streaks, multipliers), and managing the referral program.

To improve and optimize the Service. Analyzing aggregated usage and performance, troubleshooting issues, monitoring stability, and developing new features.

To show ads and measure their performance. Including rewarded video ads that, when watched, grant temporary in-app boosts. Advertising partners may use device identifiers and contextual information to deliver and measure ads, subject to your App Tracking Transparency choice (see Section 8.2).

To communicate with you. Sending operational notices about the Service (for example, withdrawal status, subscription renewal reminders, security alerts), responding to support requests, and informing you about material changes to our policies or terms.

To prevent fraud and abuse. Detecting suspicious activity, enforcing our Terms of Use, preventing multi-account abuse and referral fraud, protecting account integrity, and complying with our and our payment processor's anti-fraud obligations.

Legal and compliance purposes. Complying with applicable laws and regulations, responding to lawful requests from competent authorities, and establishing, exercising, or defending our legal rights.

Aggregated and anonymized analytics. We may aggregate or anonymize information so it can no longer reasonably identify you, and use such information for product analytics, security, and reporting.

4. Legal Bases for Processing (GDPR Article 6)

As a controller established in Lithuania, we process personal data on one or more of the following legal bases under Article 6(1) of the GDPR:

• Performance of a contract (Art. 6(1)(b)) — to provide the App and its features at your request, including account management, hashrate plan activation, withdrawal processing, and customer support.
• Legitimate interests (Art. 6(1)(f)) — to improve the Service, prevent fraud and abuse, ensure information security, conduct aggregated analytics, and protect our rights, where these interests are not overridden by your rights and freedoms. You have the right to object to processing based on legitimate interests (see Section 8.1).
• Consent (Art. 6(1)(a)) — for cross-app tracking via the iOS App Tracking Transparency prompt and for any optional analytics or advertising technologies that require consent under applicable law. You can withdraw consent at any time through iOS Settings → Privacy & Security → Tracking, or through any in-app privacy controls we provide. Withdrawal of consent does not affect the lawfulness of processing before the withdrawal.
• Compliance with a legal obligation (Art. 6(1)(c)) — to comply with applicable laws, including accounting, tax, anti-money-laundering, and consumer-protection obligations under Lithuanian and European Union law.

For specific processing activities, the operative legal basis is identified in the corresponding row of our internal data processing register, which we make available to supervisory authorities upon request.

5. How We Share Your Information

We share your information with the following categories of recipients:

Service providers. Hosting and cloud-infrastructure providers, transactional email tools, advertising and mediation networks, security vendors, payment-processing providers, and app-store providers that help us operate the Service. These providers are bound by written agreements that restrict processing to purposes consistent with this Privacy Policy, applicable law, and our written instructions.

Advertising partners. When you view or interact with advertisements in the App, certain information (such as your device identifier when you have granted App Tracking Transparency permission, or contextual information about the ad placement) may be shared with our ad networks and their downstream partners, in accordance with Apple's platform rules and your tracking choices.

Bitcoin payment processor. When you initiate a withdrawal, we transmit the destination Bitcoin address or Lightning destination, the amount, and the relevant transaction metadata to our Bitcoin payment processor, which executes the settlement on the relevant blockchain network on your behalf. The payment processor operates as an independent service under its own privacy policy and applies its own compliance and fraud-prevention controls.

Public blockchain networks. When a withdrawal is settled, the resulting transaction is broadcast to a public blockchain (Bitcoin mainnet or, for Lightning Network withdrawals, the Lightning Network's underlying settlement layer). Information recorded on a public blockchain — including the destination address, the amount, and the timestamp — is publicly visible by design and cannot be deleted, modified, or revoked by us once recorded. Section 12 explains this in more detail.

Professional advisers and authorities. Where necessary, we may share information with our legal, tax, or other professional advisors, or with regulators, courts, or law-enforcement authorities where we are legally required to do so or where it is necessary to protect our rights or the rights of others.

Business transfers. In the event of a merger, acquisition, corporate reorganization, or sale of assets, your information may be transferred as part of that transaction. We will require the recipient to honor the commitments made in this Privacy Policy or notify you of any material changes.

We do not sell personal information for monetary consideration. Certain jurisdictions (for example, the United States under CCPA/CPRA, when applicable in future versions of the Service) may treat some disclosures for advertising or analytics purposes as a "sale" or "sharing" under their definitions. Where such laws apply, we will honor your rights and choices accordingly.

6. International Data Transfers

We and our service providers may store and process your information in countries outside Lithuania and the European Economic Area, including in jurisdictions that may not provide the same level of data protection as the EEA.

Where personal data is transferred outside the EEA, we rely on appropriate safeguards under Articles 44–49 of the GDPR. These safeguards typically include the European Commission's Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) with the recipient, supplemented by additional technical and organizational measures where required following the Schrems II ruling. A copy of the safeguards in place for a specific transfer can be requested at privacy@techn.app.

7. Data Retention

We retain personal data only for as long as reasonably necessary to provide the Service, comply with our legal obligations, resolve disputes, enforce our agreements, and protect our legal rights.

In general:

• Account and usage data are retained while your account is active and for a reasonable period afterward to handle disputes and refund windows.
• In-App Purchase and withdrawal records are retained for the period required by applicable accounting, tax, and anti-money-laundering law, which is typically up to ten (10) years under Lithuanian and EU financial-recordkeeping rules. After this period, such records are securely deleted or anonymized.
• Support communications are retained for as long as needed to manage your requests and for audit and troubleshooting purposes, typically up to three (3) years after closure of the request.
• Diagnostic and log data are retained for a limited operational period, typically up to ninety (90) days, then deleted.
• Backups. Personal data may persist in encrypted backups for a limited additional period (typically up to thirty (30) days) until those backups are rotated and overwritten, after which deletion becomes complete.

When data is no longer needed for any active purpose and no legal-retention obligation applies, we delete it or irreversibly anonymize it.

8. Your Rights and Choices

8.1 Your rights under the GDPR

If your personal data is processed by us, you have the following rights under the GDPR:

• Right of access (Art. 15) — to obtain confirmation of whether we process your personal data and to receive a copy of the data, together with the information required by Article 15.

• Right to rectification (Art. 16) — to request correction of inaccurate or incomplete personal data.

• Right to erasure (Art. 17) — to request deletion of your personal data in the circumstances set out in Article 17. You can also delete your account directly from within the App at any time via Settings → Account → Delete Account, which triggers an automated hard-deletion of personal identifiers and a cascade across related records (financial and audit records are retained in anonymized form as described in Section 7).

• Right to restriction of processing (Art. 18) — to request that we restrict processing in the circumstances set out in Article 18.

• Right to data portability (Art. 20) — to receive personal data you provided to us in a structured, commonly used, and machine-readable format, and to transmit it to another controller where technically feasible.

• Right to object (Art. 21) — to object to processing based on legitimate interests, including any direct-marketing-related processing.

• Right to withdraw consent (Art. 7(3)) — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing before the withdrawal.

• Right not to be subject to automated decision-making (Art. 22) — see Section 13 for our use of automated systems.

• Right to lodge a complaint with a supervisory authority. The supervisory authority in Lithuania is:

  Valstybinė duomenų apsaugos inspekcija (State Data Protection Inspectorate)
  L. Sapiegos g. 17, 10312 Vilnius, Lithuania
  Website: https://vdai.lrv.lt
  Email: ada@ada.lt

To exercise your rights, please contact us at privacy@techn.app. We may need to verify your identity before fulfilling your request. We will respond within one (1) month of receipt of your request, with a possible extension of up to two further months for complex requests, as permitted by Article 12(3) of the GDPR.

8.2 Tracking, advertising and analytics choices

App Tracking Transparency (iOS). On first launch, iOS displays an App Tracking Transparency ("ATT") prompt asking whether you allow tracking across other companies' apps and websites for advertising purposes.

• If you grant tracking permission: your iOS Advertising Identifier (IDFA) becomes available to our advertising partner (Google AdMob); ad-interaction events may be shared with advertising partners; you may see more relevant advertisements.
• If you deny tracking permission: the IDFA is not shared; cross-app ad-interaction tracking does not occur; you may still see advertisements, but they will not be personalized based on cross-app activity.

You can change your tracking preference at any time via iOS Settings → Privacy & Security → Tracking on your device, or via iOS Settings → Satoshi: Cloud BTC Miner → Allow Tracking.

Personalized advertising. You can also limit ad personalization at the iOS device level via Settings → Privacy & Security → Apple Advertising.

8.3 Children's privacy

The App is not directed to, and is not intended for use by, individuals under the age of thirteen (13). We do not knowingly collect personal data from individuals under thirteen. If we become aware that we have collected personal data from a person under thirteen, we will promptly delete such data.

If you are a parent or legal guardian and believe a person under thirteen has provided personal data to us, please contact privacy@techn.app so we can take appropriate action.

In Lithuania, the digital-consent age under Article 8 of the GDPR is fourteen (14). For individuals between thirteen and fourteen who reside in Lithuania, processing of personal data based on consent requires authorization by a holder of parental responsibility.

8.4 Account deletion

You can delete your account at any time from within the App, via Settings → Account → Delete Account. Account deletion performs an immediate hard-deletion of your personal identifiers (email, name, authentication credentials, push tokens, device identifiers) and a cascade across associated records (active hashrate plans, daily-streak state, referral relationships, push-notification preferences).

Financial records associated with In-App Purchases and Bitcoin withdrawals are retained in anonymized form, as described in Section 7, for the period required by applicable accounting and anti-money-laundering law. Active auto-renewable subscriptions are not cancelled automatically by account deletion — you must separately cancel them through your Apple ID Settings → Subscriptions to stop billing.

9. Security

We use commercially reasonable technical and organizational measures designed to protect your information from unauthorized access, loss, misuse, or alteration. These measures include encryption of data in transit (TLS), encryption of authentication credentials at rest, access controls and least-privilege principles, isolated production environments, and routine logging and monitoring.

However, no method of transmission over the Internet or method of electronic storage is one-hundred-percent secure. We cannot guarantee absolute security of your information. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Valstybinė duomenų apsaugos inspekcija within seventy-two (72) hours where required by Article 33 of the GDPR, and will notify you directly where required by Article 34.

10. Cookies and Similar Technologies

The App is a native iOS application and does not use browser cookies. We do not operate a public marketing website that sets cookies on visitors.

Within the App, the iOS platform provides equivalent identifiers and persistence mechanisms (advertising identifier, device identifiers, secure storage), which are subject to the controls described in Section 8.2. Where applicable under the EU ePrivacy Directive (2002/58/EC as amended) and Lithuanian law, we obtain your consent before accessing or storing information on your device for non-strictly-necessary purposes.

The static legal pages hosted at https://dev-api.techn.app/legal/privacy-policy and https://dev-api.techn.app/legal/terms-of-use (and any successor URLs) serve content only and do not set tracking cookies.

11. Third-Party Links

The App may contain links to external websites or services that are not operated by us, including links to Apple's legal documents, Google's privacy policy, our Bitcoin payment processor, and community channels. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing personal information to them.

12. Software-Based Rewards System and Blockchain Transparency

The Service operates a software-based rewards system themed around Bitcoin mining. Terms used within the App — including, without limitation, "mining", "hashrate", "GH/s", "hashrate plans", "contracts", "free trial plan", "daily streak", "boosts", "multipliers", "rewards", "rewards balance", and similar terms — describe in-app mechanics used solely to calculate and display rewards under our internal rules.

These terms do not represent direct ownership of, or rights to:

• Any specific physical mining hardware;
• Any specific allocation of real-world Bitcoin network hashrate;
• Any specific share of Bitcoin block rewards;
• Any equity, security, investment, or financial instrument.

Rewards calculated by the Service are inherently variable and are not guaranteed. The Company makes no representation regarding any specific amount, frequency, or rate of rewards, and reserves the right to adjust the internal calculation methodology to reflect operational and economic conditions. Past displayed rewards are not indicative of future rewards.

Blockchain transparency. When you initiate a withdrawal, the resulting Bitcoin transaction is processed on a public blockchain network (Bitcoin mainnet, or for Lightning Network withdrawals, the Lightning Network and its underlying settlement layer). Information recorded on a public blockchain — including the destination address, the amount, and the timestamp — is publicly visible to anyone who examines the network. Once a transaction is recorded on a public blockchain, that record cannot be deleted, modified, or revoked by us, by you, or by any third party. This means that the right to erasure under Article 17 of the GDPR, as a practical matter, cannot extend to information that has been published to a public blockchain. We do not publish any personal data other than the destination address you provide and the standard transaction metadata required to settle the withdrawal.

13. Automated Decision-Making

We use automated systems to help detect fraud, abuse, and policy violations — for example, to identify suspicious sign-ups, multi-account abuse, referral fraud, and other behavior inconsistent with our Terms of Use.

These automated processes may result in protective actions such as limiting account features, requiring additional verification before withdrawal, suspending the account temporarily, or, in cases of confirmed abuse, terminating the account and forfeiting accumulated balances in accordance with our Terms of Use.

You have the right under Article 22 of the GDPR not to be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you, except where such decision is necessary for the performance of a contract, authorized by law, or based on your explicit consent. Where such an automated decision affects you, you have the right to obtain human intervention, to express your point of view, and to contest the decision by contacting privacy@techn.app.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, where the changes are material, we will provide additional notice through the App or by email at least thirty (30) days before the changes take effect, where feasible.

Your continued use of the Service after a change takes effect constitutes your acknowledgment of the change. If you do not agree with a change, you may stop using the Service and delete your account as described in Section 8.4.

15. Contact Us

If you have any questions, requests, or complaints about this Privacy Policy or our data practices, please contact us:

• Privacy and data-protection requests: privacy@techn.app

• General support: support@techn.app

• Postal address:

  TECHN, UAB
  Studentų g. 67
  LT-51392 Kaunas
  Republic of Lithuania

You also have the right to lodge a complaint with the Lithuanian supervisory authority (Valstybinė duomenų apsaugos inspekcija) at any time. Contact details are provided in Section 8.1.