Privacy Policy

Scope

This Privacy Policy applies to the Crypto Outcomes mobile application for Android and its companion website at outcomes0020.com. It describes the information collected, how it is used, with whom it is shared, how it is retained, and the choices available to users. The policy does not cover third-party websites that may be reached from links inside the app or on the website; those services operate under their own privacy policies.

Crypto Outcomes (referred to as "we", "us", or "our") is the operator of the app and the website.

Information Collection

The app collects a limited amount of information automatically, and may also collect information that the user voluntarily provides through the support form on the website.

Automatic Collection

The following information is collected automatically when the app is launched:

• Anonymous Installation Identifier. A random string is generated on the device the first time the app is launched. The identifier is unique to the installation, is not linked to any personal account, name, email address, or device account, and is reset when the user clears the app's data or uninstalls the app.
• Device Language and Region. The device's language and region setting is read in order to display the app in the appropriate language and to deliver localized push notifications.
• Advertising Identifier. The Google Advertising ID assigned to the device is read for the purpose of mobile install attribution. The advertising identifier is a resettable, user-controllable identifier provided by the device's operating system.
• Attribution Data. Information about how the app installation was acquired is collected, including the install source, the marketing campaign name (where applicable), and the Play Store install referrer. This data is used to measure marketing performance.
• Push Notification Subscription Identifier. When the app registers for push notifications, a unique subscription identifier is generated for the device. The identifier is used solely to deliver push notifications to the device.
• Device Telemetry (collected by third-party services). The third-party services described below collect baseline device information as part of their standard operation. This typically includes the device model, operating system version, app version, carrier, timezone, and an approximate country derived from the device's IP address. The device's IP address is processed in transit but is not stored by us.

Information You Provide

The website's contact page includes a support form. Use of the form is optional. When the form is submitted, the following information may be provided:

• Name
• Email address
• Subject line and the body of the message
• An optional file attachment — image, PDF, or plain text file (maximum 10 MB)

This information is submitted only when the user chooses to send a message.

Built-in Browser

The app includes a built-in browser used to display this Privacy Policy and the Support page directly inside the app. The built-in browser does not collect additional information beyond what is described in the Automatic Collection section above. Like a standard web browser, it supports cookies (including third-party cookies set by websites loaded inside it) and local storage. These are standard browser features handled on the device. Clearing the app's data through the device settings clears the built-in browser's cookies and local storage as well.

On-Device Storage

The app stores the following information locally on the device. This information is not transmitted to our servers:

• The user's watchlist of coins and the user's chosen ordering
• Saved outcomes and saved news articles
• Configured alerts and their trigger history
• App preferences (default chart period, alerting on/off, onboarding completion state, theme, etc.)
• Cached market data, news content, and the cached splash screen image, used to keep the app responsive offline

This data is stored in the app's private storage area, which is isolated by the Android operating system from other apps. It is removed when the user clears app data or uninstalls the app.

Information Not Collected

The app does not collect or request access to: location, contacts, calendar, photos or media outside of an attachment that the user explicitly selects, microphone, camera (the app does not request the camera permission; the support form's "take a photo" option is provided by the device's own camera app and operates outside of this app), health or fitness data, body sensors, phone state, or financial information. There is no account creation, no login, and no email or phone-number capture.

Use of Information

The information described above is used for the following purposes:

• To operate the app. The anonymous identifier allows the app to be associated with a single installation. The device language enables localized content. Locally stored data (watchlists, alerts, preferences) makes the app functional.
• To deliver push notifications. The subscription identifier and the language tag allow the push notification service to deliver alerts to the correct device in the correct language.
• To measure mobile install attribution and marketing performance. The advertising identifier and attribution data are used to determine how users discover the app and to evaluate the effectiveness of marketing activities.
• To respond to support requests. Information submitted through the contact form is used solely to reply to the inquiry and to investigate the issue reported.
• To comply with legal obligations. Information may be processed where required by applicable law or by valid legal process.

Third-Party Services

The app uses the following third-party services. Each third party processes data under its own privacy policy.

AppsFlyer (Mobile Attribution)

AppsFlyer is used to measure mobile install attribution and marketing-campaign performance. The following information is shared with AppsFlyer: the Google Advertising ID, an AppsFlyer-generated installation identifier, the install referrer, the install source and campaign name, the anonymous installation identifier described above, and standard device data collected by the AppsFlyer SDK (including IP address, device model, operating system version, and app version).

AppsFlyer Privacy Policy: https://www.appsflyer.com/legal/privacy-policy/

OneSignal (Push Notifications)

OneSignal is used to deliver push notifications. The following information is shared with OneSignal: the OneSignal subscription identifier generated for the device, the device push token used by the operating system to route notifications, a language tag derived from the device's language setting, and standard device data collected by the OneSignal SDK (including device model, operating system version, app version, carrier, timezone, and an approximate country derived from the IP address).

OneSignal Privacy Policy: https://onesignal.com/privacy_policy

Public Market Data Sources

The app retrieves market and news data from public APIs (CoinGecko, CoinDesk Data, and Alternative.me). These requests are made directly from the device to the respective service. No identifier is sent with these requests; the device's IP address is exposed by the underlying network connection, as is the case with any internet request. The privacy practices of these services are governed by their own policies:

• CoinGecko Privacy Policy
• CoinDesk Privacy Policy
• Alternative.me Privacy Policy

Data Sharing and Disclosure

Personal information is not sold, rented, or traded. Information is shared only with the third-party service providers listed in the section above, and only to the extent required for those services to operate. Information may also be disclosed where disclosure is required by applicable law, valid legal process (such as a court order or subpoena), or where necessary to protect the rights, property, or safety of users or the public.

Data Retention

Data is retained as follows:

• Anonymous installation identifier and on-device data. Retained on the device until the user clears app data or uninstalls the app.
• Advertising identifier. Managed by the device operating system. The user can reset it at any time through device settings.
• Attribution data and AppsFlyer installation identifier. Retained by AppsFlyer in accordance with AppsFlyer's privacy policy.
• OneSignal subscription identifier and push token. Retained by OneSignal for the lifetime of the app installation, or until the user revokes notification permission and uninstalls the app.
• Built-in browser cookies and local storage. Subject to the standard expiration rules of the websites that set them, and removed when the user clears app data.
• Support correspondence. Retained until the request is resolved and for a reasonable follow-up period (typically up to 12 months), after which it is deleted, unless retention is required by law.

Data Security

All network requests made by the app and the website use encryption in transit (HTTPS/TLS). Data stored on the device resides in the app's private storage area, which is isolated by the Android operating system. Reasonable administrative, technical, and physical safeguards are in place to protect information processed by us. No method of transmission or storage is fully secure; we minimize risk by collecting as little information as is reasonably necessary.

User Rights and Choices

The following controls are available:

• Reset the advertising identifier. The Google Advertising ID can be reset, and ad personalization can be disabled, in Android Settings → Google → Ads.
• Revoke notification permission. Push notifications can be disabled at any time in Android Settings → Apps → Crypto Outcomes → Notifications, or by toggling alerts off inside the app's Settings screen. On Android 13 and later, the user is asked for notification permission at runtime and may decline.
• Clear local data. Uninstalling the app, or going to Android Settings → Apps → Crypto Outcomes → Storage → Clear storage, removes the anonymous identifier, all locally stored watchlists, alerts, cached content, and the built-in browser's cookies and local storage. The "Delete all data" option inside the app's Settings screen achieves the same effect for in-app data without uninstalling.
• Access, correction, deletion, and other data-subject rights. Users may submit a request through the contact form on the website. Requests will be answered within 30 days. Users in the European Economic Area, the United Kingdom, California, or other jurisdictions with formal data-subject rights may also have the right to object to or restrict processing, the right to data portability, and the right to lodge a complaint with their local data-protection authority.

Children's Privacy

Crypto Outcomes is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If a parent or guardian believes that a child has provided personal information through the app or the contact form, they should contact us using the contact form, and the information will be deleted.

Changes to This Policy

This policy may be updated from time to time. When it is updated, the "Last Updated" date at the top of this page will be revised. Material changes will also be brought to users' attention from within the app. Continued use of the app or the website after a change has been posted constitutes acceptance of the updated policy.

Contact

Questions, requests, and concerns regarding this Privacy Policy should be submitted through the contact form on outcomes0020.com. To prioritize a privacy-related request, the subject line should include the word "privacy". Responses are generally provided within 1–2 business days. Formal data-subject requests are answered within 30 days.