Privacy Policy
Last updated: January 2026. No KYC SWAP is designed to know as little about you as possible. This policy explains what minimal data we use to route your swap and the much larger category of data we deliberately never collect.
1. Our Core Principle: Collect Nothing You Don't Need
Every privacy breach in crypto history has one thing in common: the exchange stored data it did not need for the core function of the service. No KYC SWAP was architected from day one around a different principle — if a piece of data is not strictly necessary to execute a swap from your sending wallet to your destination address, we do not collect it. This applies to USDT, BTC, ETH, XMR, USDC, and every other asset on our platform.
This document describes what the swap engine actually needs to function, what we refuse to touch under any circumstances, and how our technical infrastructure is structured to keep your activity private.
2. Data We Never Collect
No KYC SWAP does not request, process, store, or share any of the following under any circumstances:
- Your legal name, aliases, or any personal identifier
- Email addresses, phone numbers, or physical mailing addresses
- Government-issued identification (passports, driver's licences, national ID cards)
- Biometric data, facial recognition scans, or liveness check results
- Geographic location data, home addresses, or postal codes
- Browser fingerprints, device identifiers, or cross-site tracking profiles
- Third-party advertising or behavioral tracking cookies
- Persistent user account data, login histories, or trade histories linked to individuals
3. Data the Swap Engine Requires
To route a swap from your source asset to your destination wallet, our automated engine holds the following data in a temporary PHP session state for the duration of the order:
- One-time deposit address: A freshly generated wallet address created exclusively to receive your incoming funds for this specific order.
- Destination address: The external wallet address you entered to receive the converted funds.
- Asset pair and amount: The trading pair and volume — for example, 500 USDT-TRC20 to XMR.
- Order timestamp: Used solely to enforce the 30-minute rate lock.
- Session Order ID: A randomly generated reference code (e.g., ORD-7X9P2L) that tracks the mechanical progress of your swap through our routing engine.
None of this data contains any personal identifier. Once your browser session ends, the connection between this session data and your device is permanently severed.
4. Server Infrastructure Logs
Our servers generate standard operational logs that include HTTP request paths, timestamps, and IP addresses. These exist to defend against DDoS attacks and maintain platform availability. They are not aggregated into user profiles, are not tied to order session data, and are routinely purged. We strongly recommend using a VPN or Tor to prevent your IP from appearing in these logs at all.
5. Third-Party Services
No KYC SWAP operates in an isolated environment. The only external services that touch any part of the swap process are:
- Market price APIs (e.g., KuCoin): Used exclusively to fetch live exchange rates. No user data, order IDs, or wallet addresses are transmitted to these endpoints.
- QR code renderer (api.qrserver.com): Generates the visual QR code of your deposit address. The API receives only the alphanumeric deposit address string — nothing else.
- Google Fonts: CDN delivery for typography.
We do not use Google Analytics, Meta Pixel, Mixpanel, Hotjar, or any other behavioral analytics tool. No advertising network has any presence on our platform.
6. Cookies
We use exactly one cookie: the PHP session identifier. This server-side cookie holds your active order state so the page works correctly if you refresh during a swap. It contains no personal data and is automatically deleted when you close your browser. There are no tracking cookies, advertising cookies, or persistent cookies of any kind on No KYC SWAP.
7. Data Retention
Order session data is inherently short-lived. Upon swap completion and session termination, the data exits active storage. We do not build historical transaction ledgers, we do not maintain records linking multiple swaps to a single user, and we cannot produce a "transaction history" for any individual because none exists in our system.
8. What We Can and Cannot Share With Authorities
No KYC SWAP does not sell or share user data for commercial purposes. If we receive a legally binding order from an authorized body, our compliance is naturally constrained by what we actually possess. We can provide order session metadata (timestamps, asset pairs, blockchain addresses) for active or recently active sessions. We cannot provide names, email addresses, IP histories, or user profiles because our system never stores them.
9. Security
All traffic between your browser and our exchange is encrypted via HTTPS/TLS. Deposit addresses are never reused — every order receives a unique address generated at the time of creation. Private keys for routing wallets are managed in isolated server environments that are not accessible from the public-facing application layer.
10. Age Requirement
No KYC SWAP is intended for adults making independent financial decisions. Use of the platform is restricted to individuals aged 18 or older. We do not knowingly collect or process data belonging to minors.
11. Policy Changes
We may update this policy as our platform evolves. Changes take effect when published to this page. Continued use of No KYC SWAP after an update constitutes acceptance of the revised terms.
12. Privacy Questions
For questions about our data architecture or privacy practices, contact us at support@nokycswap.net.