Stablecoin Hub

Privacy Policy

Last updated: May 2026

1. Introduction

StablecoinHub (“we,” “us,” or “our”) operates stablecoin.website, an educational platform covering stablecoins and Central Bank Digital Currencies (CBDCs) with a focus on the SAMA regulatory domain. This Privacy Policy explains exactly what personal data we collect, why we collect it, and how it is handled. We collect only what is necessary to operate the platform.

2. Information We Collect

2.1 Information You Provide When Registering

  • Email address — used to verify your account and send transactional emails (e.g. email confirmation, password reset). We do not send marketing or newsletter emails.
  • Username — a public display name (3–30 characters, alphanumeric). Shown on your comments and community posts.
  • Password — hashed and managed by Supabase Auth. We never see or store your plaintext password.

2.2 Profile Information (Optional)

  • Bio — a short text description you may add to your profile.
  • Avatar URL — a link to a profile image you choose to provide.

Profile fields are entirely optional. You can use the platform without filling them in.

2.3 Content You Create

  • Comments — text you post on news articles, learning articles, or community discussion threads. Comments are publicly visible.
  • Comment likes — a record of which comments you have liked (visible only as an aggregate count).
  • Bookmarks — articles or learning content you save. Visible only to you.
  • Discussion suggestions — topic ideas you submit to the community board. Visible to you and our admin team pending review.
  • Inbox messages — messages you send to the admin team through our built-in contact system. These are stored and visible only to you and our admins.

2.4 Automatically Collected Analytics Data

We run our own first-party, privacy-respecting analytics. When you visit a page we record:

  • Page path — e.g. /news/article-slug.
  • Referrer URL — the page you came from, if your browser sends one.
  • Anonymous visitor ID — a 16-character hash derived from your IP address and browser user-agent using SHA-256. Your raw IP address and user-agent string are never stored; only the resulting hash is saved, and it cannot be reversed to identify you.
  • Timestamp — when the page view occurred.

We do not use third-party analytics services (e.g. Google Analytics). All analytics data lives in our own database and is used solely to understand which content is most useful to our readers.

2.5 Session Cookies

We use session cookies set by Supabase to keep you logged in. These are strictly necessary for authentication and cannot be disabled while you are signed in. We do not use advertising cookies, cross-site tracking cookies, or any cookie that persists beyond your session for analytics purposes.

3. How We Use Your Information

  • To create and manage your account and verify your identity.
  • To display your username and comments publicly on the platform.
  • To send transactional emails: email verification and password reset only.
  • To measure which pages and content are most visited (using anonymized analytics).
  • To enable communication between you and the admin team via the inbox system.
  • To review community discussion suggestions before publishing.
  • To enforce our Terms of Use and moderate content where necessary.

We do not use your data for advertising, profiling, or automated decision-making.

4. Data Sharing

We do not sell, rent, or share your personal data with third parties for commercial purposes. Your data is shared only with the infrastructure providers required to run the platform:

  • Supabase — our database and authentication provider. All user data, content, and analytics are stored on Supabase servers under a data processing agreement. Supabase is SOC 2 Type II certified.
  • Vercel — our hosting and serverless compute provider. Handles HTTP requests and serves the application. Request logs (including IP addresses) are retained by Vercel for a limited period per their standard practices.

No other third-party services receive your personal data. We do not integrate advertising networks, social media tracking pixels, or external analytics platforms.

5. Data Retention

  • Account data — retained for as long as your account exists. Deleted within 30 days of an account deletion request.
  • Comments — when deleted by you, your comment body is removed but a placeholder may remain in threaded discussions to preserve context. When deleted by an admin, the comment is fully hidden.
  • Bookmarks and likes — deleted immediately when you remove them, or when your account is deleted.
  • Inbox messages — retained until you or the admin deletes the conversation.
  • Analytics page views — retained for internal reporting purposes. Anonymous visitor IDs cannot be linked back to you.

6. Your Rights

Regardless of your location, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — update your email, username, bio, or avatar via your account settings at any time.
  • Deletion — request deletion of your account and associated personal data. We will process the request within 30 days.
  • Objection — object to any processing of your data that goes beyond what is strictly necessary to operate the service.

If you are in the European Economic Area (EEA) or UK, these rights are additionally protected under the GDPR and UK GDPR respectively.

7. Account Deletion

To delete your account and all associated personal data, please contact us through our messaging system or use your account settings page. We will confirm receipt and complete deletion within 30 days. Anonymized comment placeholders (e.g. “[deleted]”) may be retained to preserve discussion thread context.

8. Security

Passwords are hashed using industry-standard algorithms by Supabase Auth and are never accessible to us. All data in transit is encrypted via TLS. Database access is protected by Row Level Security (RLS) policies, meaning each user can only access their own data.

9. Children

StablecoinHub is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has registered, please contact us and we will promptly delete the account.

10. Changes to This Policy

If we make material changes to this policy we will update the “Last updated” date at the top of this page. Continued use of the platform after changes are posted constitutes acceptance of the revised policy.

11. Contact

For privacy-related questions, data access requests, or deletion requests, please send us a message through our contact system. Registered users can also use the inbox to message the admin team directly.