Privacy Policy

JUAN ("we", "our", "us") is a Chrome extension that helps you track cryptocurrency prices and manage a personal portfolio. This policy explains what information we collect, how we use it, and the choices you have.

JUAN's core features — portfolio tracking, price viewing, and sparkline charts — work without an account. Signing in with Google unlocks additional features like cloud sync, referral rewards, and governance.

Account Information

When you sign in with Google, we receive and store:

• Name — your Google profile display name
• Email address — used as your account identifier
• Google ID — a unique identifier from Google's OAuth service

We do not access your Google password, contacts, files, or any other Google account data. We request only the openid, email, and profile OAuth scopes.

Portfolio Data

When you add coins to your portfolio, we store:

• Coin selections — which cryptocurrencies you track (e.g., BTC, ETH)
• Holdings amounts — quantities you choose to enter (optional)
• Display preferences — sort order, sparkline visibility, holdings visibility

For signed-in users, portfolio data is synced to our server so it persists across devices. For guest users, it is stored locally in your browser only.

Solana Wallet Address

If you choose to enter a Solana wallet address in Settings, we store it on our server. This is used solely for distributing any future on-chain rewards or airdrops. We never initiate transactions from your wallet — we only store the public address you provide.

Usage Events

We log certain in-app actions to power the rewards and points system:

• Daily logins — one event per day when you open JUAN
• Coin additions — when you add a coin to your portfolio
• Detail views — when you open a coin's detail page
• Referrals — when someone signs up using your referral link

These events are tied to your user account and used to calculate reward points. They are not shared with third parties.

Referral Data

When you generate a referral link, we create a unique referral code tied to your account. We track:

• Click counts — how many times your referral link is clicked (with timestamps)
• Sign-up attribution — which new users signed up via your link

Referral clicks are logged via a cookie (juan_ref) on juancoin.cash, which the extension reads during sign-up to attribute the referral.

• We do not collect your browsing history or web activity
• We do not read or store the content of tweets or posts on X.com
• We do not track which tweets you view, like, or interact with
• We do not access your private keys, seed phrases, or exchange accounts
• We do not collect your IP address, device fingerprint, or precise location
• We do not use any third-party analytics or advertising trackers

JUAN stores the following data in your browser's local extension storage (chrome.storage.local):

This data is stored in plaintext within Chrome's extension storage. It is cleared when you log out or uninstall the extension.

JUAN connects to the following external services to function. No personal user data is sent to any of them.

Each of these services has its own privacy policy. We encourage you to review them if you have concerns about how those services handle requests.

JUAN injects a content script on X.com (formerly Twitter) to display live prices next to cryptocurrency cashtags (e.g., $BTC). This script:

• Reads the visible page to detect cashtag text
• Displays price tooltips using data already cached locally
• Does not send any page content, tweet data, or browsing activity to our servers or any third party
• Does not modify, delete, or interact with your X.com account in any way

Logging Out

When you log out of JUAN, all locally stored data (token, profile, portfolio cache, price data) is cleared from your browser. Your account data remains on our server so you can sign back in later.

Uninstalling

Removing the JUAN extension from Chrome deletes all local extension storage automatically. Server-side data associated with your account is retained unless you request deletion.

Requesting Data Deletion

To request complete deletion of your account and all associated data from our servers, contact us through the channels listed below. We will process deletion requests promptly.

We take reasonable measures to protect your data:

• Authentication uses industry-standard OAuth 2.0 with PKCE — we never see your Google password
• API requests are authenticated with JWT tokens that expire after 7 days
• Portfolio and account data are stored in a server-side database accessible only through authenticated endpoints
• Admin access to user data is protected by a server-side secret

No system is 100% secure. We do not store highly sensitive data like private keys, seed phrases, or exchange credentials.

JUAN is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

We may update this privacy policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. Continued use of JUAN after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy, want to request data deletion, or need to report a concern, you can reach us through:

• The JUAN community channels (linked in the extension's Settings)
• Our support page at JUAN Support & FAQ