Privacy Policy
Last updated: January 2026. F-Change was designed so we would never need to know who you are. Whether you are swapping Bitcoin, Monero, Litecoin, XRP, USDT, or any other coin, this policy explains precisely what that means: what we collect to run your swap, what we categorically never collect, and why.
1. Our Privacy Commitment
F-Change was built around a single architectural principle: collect the absolute minimum data required to process a swap, and hold it for the shortest operationally feasible period. This applies equally to every Bitcoin swap, Ethereum swap, Litecoin swap, Monero swap, and every other private exchange on the platform. This is not marketing copy. It is a structural decision embedded in every layer of how this platform operates. We cannot be compelled to disclose, monetise, or breach data that was never gathered in the first place.
This Privacy Policy describes exactly what technical data we handle to execute your exchange, what we categorically never touch under any circumstances, how collected data is managed, and which third-party services interact with your information and precisely why.
2. Data We Never Collect — Under Any Circumstances
The following categories of personal data are never collected, stored, processed, or transmitted by F-Change at any stage of any exchange:
- Your full name, first name, surname, or any name-based identifier
- Email address or any other contact information of any kind
- Phone or mobile number
- Government-issued identity documents — passport, national identity card, driver's licence
- Facial recognition data, selfie photographs, or biometric identifiers
- Home address, postal code, city, or country of residence
- Persistent user profiles, accounts, usernames, or login credentials
- Cross-session tracking data or device fingerprints
- Advertising identifiers or third-party analytics cookies
- Social media profiles or linked external accounts
3. Data We Do Collect to Process Your Swap
To execute a cryptocurrency exchange on your behalf, we temporarily store the following technical data within your active PHP session:
- Deposit address: A unique, one-time address generated specifically for your order to receive your incoming funds.
- Destination wallet address: The address you provided where converted cryptocurrency is sent once the swap completes.
- Currency pair and amount: The two cryptocurrencies in your swap (for example BTC and XMR) and the transaction amount.
- Order timestamp: The date and time the order was created, used for rate-locking and expiry logic.
- Order ID: A randomly generated alphanumeric identifier (for example ORD-A3F7B2C1) used solely to track your swap status.
This data exists exclusively within your browser session for the operational duration of your exchange. It is not linked to any persistent user identity, external profile, or personal account — and it cannot be connected back to you as an individual by anyone, including us.
4. Server Logs
Our web server generates standard access logs that typically include IP addresses, HTTP request paths, timestamps, and user agent strings. These logs are used only for operational purposes: diagnosing errors, preventing abuse, and monitoring platform health. They are not processed for user profiling, not shared with any third party, and are deleted on a rolling basis as soon as operationally practical.
If network-level anonymity matters to you, we recommend using a VPN or the Tor network. Both are fully compatible with F-Change and are never blocked or throttled.
5. Third-Party Services
We use a small number of third-party services to operate the platform. Here is a complete disclosure of each:
- KuCoin API: Used to fetch live cryptocurrency exchange rates in real time. No personal data, wallet addresses, or order information is transmitted to KuCoin through this integration.
- QR Server (api.qrserver.com): Used to generate QR code images for deposit addresses displayed on your order page. The deposit address string is sent to this service for image generation only. No additional data is included in this request.
- Google Fonts: Used to serve web typography. Standard font resource requests are made to Google's CDN when pages load.
We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, Segment, or any other behavioural analytics, advertising, or user-tracking technology of any description.
6. Cookies
We use exactly one cookie: the PHP session cookie. This is a standard server-side session identifier that allows your browser to maintain the state of your active swap order across pages. It contains no personal information and expires automatically when you close your browser tab or window.
We do not use advertising cookies, tracking pixels, retargeting cookies, analytics cookies, or any persistent cookies of any description.
7. Data Retention
Swap session data exists only for the duration of your active browser session. When your session ends — whether you close the browser, the session times out, or the order completes — the session data is no longer accessible. We do not maintain a long-term database of completed orders linked to user identities. There is no archive of your transaction history on our systems.
8. Data Sharing and Disclosure
We do not sell your data. We do not rent your data. We do not share your data with third parties for marketing, advertising, analytics, or any commercial purpose of any kind.
In the event we receive a legally valid order, subpoena, or other compulsory legal process, we will comply to the extent legally required. Given the minimal data we collect and the session-based, non-persistent nature of order data, any such disclosure would be extremely limited in scope. By architecture, we simply do not retain the kind of comprehensive user data that most exchanges accumulate.
9. Security Measures
All connections to F-Change are encrypted via HTTPS/TLS. Every swap order uses a freshly generated, unique deposit address — addresses are never reused across orders or users. We do not store private keys or sensitive cryptographic material in our database. Session data is isolated per user by the PHP session management layer.
10. Minors
Our service is intended exclusively for individuals aged 18 and over. We do not knowingly collect any information from persons under the age of 18. If you are under 18, please do not use this service.
11. Policy Updates
We may update this Privacy Policy periodically as the service evolves or legal requirements change. All updates will be posted on this page with a revised effective date. Your continued use of the service following any update constitutes acceptance of the revised policy.
12. Contact
For privacy-related questions, concerns, or requests, please contact us at support@f-change.exchange.