GDPR Notice

stavahub.com is committed to protecting your privacy and ensuring full transparency regarding how personal data is handled. This GDPR Notice explains how we process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679 – “GDPR”).

stavahub.com operates under a privacy-focused model: no KYC, no unnecessary data collection, and no sale of personal data to third parties. We process only the minimum data required to operate our platform securely and efficiently.

1. Data Controller

The data controller responsible for processing your personal data is:
Website: https://www.stavahub.com

2. Principles of Data Processing

stavahub.com adheres to the following GDPR principles:

  • Minimal data collection – We collect only what is strictly necessary to provide core platform functionality.

  • No KYC – We do not request identity documents, personal identification numbers, or biometric data.

  • No data selling – We do not sell, rent, or trade personal data to third parties.

  • Purpose limitation – Data is used only for the purposes stated in this notice.

  • User responsibility – Users are fully responsible for managing their own wallets, private keys, account credentials, and security choices.

  • Transparency – We clearly inform users about what data is collected and why.

3. Categories of Personal Data We Process

3.1. Data You Provide Voluntarily

  • Email address (for account creation, notifications, and service communication)

  • Wallet address (required to receive rewards or conduct platform interactions)

  • Optional contact preferences

We do not request or process:

  • Identity documents

  • Residential addresses

  • National ID numbers

  • Biometric data

  • Photographs or videos

  • Financial data outside of wallet interactions

3.2. Data Collected Automatically (Technical Data)

To maintain platform functionality, security, and performance, we collect limited technical data such as:

  • IP address

  • Browser type and version

  • Operating system

  • Device information

  • Access logs (pages visited, timestamps, technical events)

  • Cookies that are strictly necessary for functionality

Analytics or advertising cookies are disabled by default and used only with explicit consent.

4. Data Storage and Retention

We retain personal data only for as long as necessary to fulfill the purposes listed above:

  • Account-related data: retained while your account is active.

  • Technical logs: retained for short, security-focused periods.

  • Email communication data: retained until you unsubscribe or request deletion.

When data is no longer needed, it is securely deleted or anonymized.

5. Data Sharing and Transfers

5.1. Third-Party Service Providers

We may share limited data with trusted service providers that support platform functionality, such as hosting providers or security infrastructure vendors. These providers act strictly as data processors under GDPR and cannot use your information for their own purposes.

5.2. No Sale of Data

stavahub.com does not sell, rent, or trade personal data to any third parties.

5.3. International Transfers

If data is transferred outside the European Economic Area, such transfers will rely on GDPR-approved safeguards such as Standard Contractual Clauses or equivalent protections.

6. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

  1. Right of access – Obtain information about the data we hold.

  2. Right to rectification – Correct inaccurate or incomplete data.

  3. Right to erasure – Request deletion of your data (“right to be forgotten”).

  4. Right to restriction – Limit the processing of your data in certain circumstances.

  5. Right to object – Object to processing based on legitimate interest.

  6. Right to data portability – Receive your data in a structured, machine-readable format.

  7. Right to withdraw consent – Withdraw consent at any time when processing is based on consent.

  8. Right to lodge a complaint – Contact your local Data Protection Authority if you believe your rights have been violated.

7. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption

  • Secure servers and hosting environments

  • Access controls and authentication

  • Internal security policies and audits

  • Monitoring and intrusion-detection measures

In case of a data breach that may impact your rights, we will notify you and the relevant authorities within GDPR-compliant timelines.

8. Updates to This GDPR Notice

This notice may be updated periodically to reflect changes in our data practices. The updated version will always include the “Last updated” date at the top of this page.