Privacy Policy

Last updated: March 1, 2026

JUAN does not sell, rent, or share your personal data with advertisers or data brokers. We collect only what is needed to make the extension work.

Overview

JUAN ("we", "our", "us") is a Chrome extension that helps you track cryptocurrency prices and manage a personal portfolio. This policy explains what information we collect, how we use it, and the choices you have.

JUAN's core features — portfolio tracking, price viewing, and sparkline charts — work without an account. Signing in with Google unlocks additional features like cloud sync, referral rewards, and governance.

Information We Collect

Account Information

When you sign in with Google, we receive and store:

  • Name — your Google profile display name
  • Email address — used as your account identifier
  • Google ID — a unique identifier from Google's OAuth service

We do not access your Google password, contacts, files, or any other Google account data. We request only the openid, email, and profile OAuth scopes.

Portfolio Data

When you add coins to your portfolio, we store:

  • Coin selections — which cryptocurrencies you track (e.g., BTC, ETH)
  • Holdings amounts — quantities you choose to enter (optional)
  • Display preferences — sort order, sparkline visibility, holdings visibility

For signed-in users, portfolio data is synced to our server so it persists across devices. For guest users, it is stored locally in your browser only.

X (Twitter) Account Linking

If you link your X (formerly Twitter) account in Settings, we store:

  • X user ID and username — used to identify your account on X
  • OAuth tokens — access and refresh tokens for X API access (stored on the server)
  • Last scan timestamps — when your X posts were last checked for $JUAN cashtag activity

X OAuth tokens are used solely for scanning your public posts for $JUAN mentions to award engagement points. You can unlink your X account at any time in Settings, which removes all stored X data.

Telegram Account Linking

If you verify your Telegram account via our bot (@JUAN_coin_bot), we store:

  • Telegram user ID and username — used to identify you in group chats
  • Telegram avatar — downloaded periodically to compare with your JUAN PFP for PFP-sync rewards. Only a perceptual hash is stored for comparison.

Telegram linking is used for community engagement rewards, PFP verification bonuses, and FUD detection. Contact support to unlink.

Solana Wallet Address

If you choose to enter a Solana wallet address in Settings, we store it on our server. This is used solely for distributing any future on-chain rewards or airdrops. We never initiate transactions from your wallet — we only store the public address you provide.

Profile Pictures (PFP)

If you upload a profile picture in Settings, we store:

  • Image data — your uploaded PNG image (2048×2048), stored on our server
  • Perceptual hash — used to compare against your Telegram avatar for PFP-sync rewards
  • Upload timestamp — when you uploaded your PFP

Your PFP is visible to other signed-in users across JUAN (chat, rankings, etc.). You can remove your PFP at any time in Settings.

Community Chat Messages

When you participate in the community chat room, we store:

  • Message text — the content of your chat messages
  • Your user ID — associated with each message
  • Timestamps — when each message was sent

Chat messages are visible to all signed-in users. You can delete your own messages at any time. Admins may remove messages that violate community guidelines.

Usage Events

We log certain in-app actions to power the rewards and points system:

  • Daily logins — one event per day when you open JUAN
  • Coin additions — when you add a coin to your portfolio
  • Detail views — when you open a coin's detail page
  • Referrals — when someone signs up using your referral link
  • Telegram engagement — messages in the JUAN Telegram group (public content only)
  • X engagement — public posts containing $JUAN from your linked X account
  • PFP sync — when your Telegram avatar matches your uploaded PFP

These events are tied to your user account and used to calculate reward points. They are not shared with third parties.

Referral Data

When you generate a referral link, we create a unique referral code tied to your account. We track:

  • Click counts — how many times your referral link is clicked (with timestamps)
  • Sign-up attribution — which new users signed up via your link

Referral clicks are logged via a cookie (juan_ref) on juancoin.cash, which the extension reads during sign-up to attribute the referral.

CT Radar

CT Radar is a server-side feature that monitors public X posts from a curated watchlist of cryptocurrency influencer accounts. This feature:

  • Runs on our server — not on your device
  • Fetches public posts from X's public API using app-only credentials
  • Does not use your personal X account or OAuth tokens
  • Stores post text, timestamps, and tweet IDs for the watched accounts in our database

No personal user data is involved in CT Radar — it only reads public data from X accounts configured by administrators.

What We Don't Collect

  • We do not collect your browsing history or web activity
  • The X.com content script does not send page content, tweet data, or browsing activity to our servers or any third party
  • We do not track which tweets you view, like, or interact with
  • We do not access your private keys, seed phrases, or exchange accounts
  • We do not collect your IP address, device fingerprint, or precise location
  • We do not use any third-party analytics or advertising trackers

Data Stored Locally

JUAN stores the following data in your browser's local extension storage (chrome.storage.local):

Data Purpose
Authentication token (JWT) Keeps you signed in between sessions
User profile Your name and email for display
Portfolio cache Offline access to your coin list
Price cache Latest prices for quick popup loading
Chart cache Historical price data (30-min TTL)
Preferences Fear & Greed toggle, display settings

This data is stored in plaintext within Chrome's extension storage. It is cleared when you log out or uninstall the extension.

Third-Party Services

JUAN connects to the following external services to function. No personal user data is sent to any of them.

Service Data Sent Purpose
Google OAuth Authentication request Sign-in with Google
CoinGecko API Coin IDs only (no user info) — proxied through our backend Prices, charts, sparklines, coin search
DexScreener API Contract addresses only (no user info) — proxied through our backend Token prices and pair data for Solana/Base/other chains
Alternative.me None (public endpoint) Fear & Greed Index value
Google News RSS Search query only Cryptocurrency news headlines

Each of these services has its own privacy policy. We encourage you to review them if you have concerns about how those services handle requests.

X.com Integration

JUAN injects a content script on X.com (formerly Twitter) to display live prices next to cryptocurrency cashtags (e.g., $BTC). This script:

  • Reads the visible page to detect cashtag text
  • Displays price tooltips using data already cached locally
  • Does not send any page content, tweet data, or browsing activity to our servers or any third party
  • Does not modify, delete, or interact with your X.com account in any way

X Account Linking (Optional)

Separate from the content script, you may optionally link your X account in JUAN Settings via OAuth. This is a distinct process that:

  • Requires explicit user action — you must click "Link X Account" in Settings and authorize through X's OAuth dialog
  • Stores OAuth tokens server-side — used to scan your public posts for $JUAN mentions and award engagement points
  • Can be undone at any time — unlinking removes all stored X data from our servers

Data Retention & Deletion

Logging Out

When you log out of JUAN, all locally stored data (token, profile, portfolio cache, price data) is cleared from your browser. Your account data remains on our server so you can sign back in later.

Uninstalling

Removing the JUAN extension from Chrome deletes all local extension storage automatically. Server-side data associated with your account is retained unless you request deletion.

Requesting Data Deletion

To request complete deletion of your account and all associated data from our servers, contact us through the channels listed below. We will process deletion requests promptly.

Security

We take reasonable measures to protect your data:

  • Authentication uses industry-standard OAuth 2.0 with PKCE — we never see your Google password
  • API requests are authenticated with JWT tokens that expire after 7 days
  • Portfolio and account data are stored in a server-side database accessible only through authenticated endpoints
  • Admin access to user data is protected by a server-side secret

No system is 100% secure. We do not store highly sensitive data like private keys, seed phrases, or exchange credentials.

Children's Privacy

JUAN is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. Continued use of JUAN after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this privacy policy, want to request data deletion, or need to report a concern, you can reach us through:

  • The JUAN community channels (linked in the extension's Settings)
  • Our support page at JUAN Support & FAQ