Privacy Policy

Last updated: June 2, 2026

This Privacy Policy explains how AllenHark ("AllenHark", "we", "us", or "our") collects, uses, stores, shares, and protects personal information when you visit allenhark.com and any subdomain (the "Site"), purchase or use our infrastructure and trading-system services (the "Services"), or otherwise communicate with us.

We act as a data controller for personal data we collect directly from you, and as a data processor for personal data you submit through the Services on behalf of your own end users. This policy is designed to satisfy the GDPR (EU/UK), the CAN-SPAM Act (US), CASL (Canada), the CCPA/CPRA (California), and the acceptable-use requirements of our email-delivery providers, including the Mailgun / Sinch Acceptable Use Policy.

1. Information We Collect

We collect the following categories of personal data:

  • Identity & contact data — name, email address, Discord/Telegram handle, billing address, company name. Provided when you create an account, request a quote, subscribe to a list, or contact support.
  • Payment data — transaction identifiers, wallet addresses, last-four card digits. Card numbers and bank credentials are processed by our payment partners and are never stored on AllenHark systems.
  • Account & service data — subscription tier, region, API keys you generate, service usage metrics, configuration you store with us.
  • Technical data — IP address, user agent, device identifiers, timestamps, referrer, server logs, and similar diagnostic data.
  • Communications data — emails, chat messages, and support tickets you send us; engagement signals from marketing email you receive from us (opens and clicks, see Section 5).
  • Consent records — the form, time, IP address, and double-opt-in confirmation that establish your consent to receive marketing email or other electronic communications (see Section 4).

We do not knowingly collect special-category data (race, religion, health, biometric, etc.). Please do not submit such data to us.

2. How We Collect It

  • Directly from you — when you fill in forms, create an account, subscribe to a newsletter, complete a purchase, or contact us.
  • Automatically — through cookies, server logs, and similar technologies as you interact with the Site or Services (see Section 8).
  • From third parties — payment processors, OAuth identity providers (e.g. Discord, Google), and analytics or fraud-prevention vendors acting on our behalf.

We never purchase, rent, scrape, or otherwise acquire third-party mailing lists. Every recipient of AllenHark marketing email is on our list because they personally provided their address to us with express, recorded consent.

3. Legal Bases for Processing

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

  • Contract — to provide the Services you have purchased, process payments, and provide support.
  • Consent — for marketing email and other electronic communications, non-essential cookies, and any other consent-based processing. You may withdraw consent at any time without affecting prior lawful processing.
  • Legitimate interests — operating, securing, and improving the Services; preventing fraud and abuse; analytics on aggregated data; pursuing legal claims. We balance these interests against your rights.
  • Legal obligation — tax, accounting, sanctions screening, and lawful requests from public authorities.

4. Email Communications, Consent & Unsubscribe

AllenHark distinguishes between two categories of email:

  • Transactional email — account notifications, verification codes, password resets, billing receipts, expiry reminders, incident notices, and similar messages necessary to deliver the Services you have purchased or requested. These are sent on the basis of contract and cannot be opted out of without closing your account.
  • Marketing email — product announcements, newsletters, educational content, and promotional offers. These are sent only to recipients who have given express, prior, unmarked-by-default consent through a single or double opt-in (e.g. the subscription form in our footer, or a checkbox during checkout that you affirmatively ticked).

Proof of consent. For every marketing subscriber we retain a consent record containing the source form, timestamp, IP address, and (where applicable) the double-opt-in confirmation. We retain this record for as long as you remain subscribed and for a reasonable period afterwards so that we can respond to any abuse complaint, audit, or regulator inquiry.

Unsubscribe rights. Every marketing email we send contains a clearly visible, one-click unsubscribe link. Honoring unsubscribe requests is automatic and immediate. You can also email p•••••yallenhark.com with the subject line "Unsubscribe" and we will remove you within 10 business days (and typically much sooner). After you unsubscribe we keep a suppression record (your email address marked "do not contact") so that we cannot accidentally re-add you in the future; you may request deletion of that suppression record under Section 11.

Sender identification. All AllenHark email is sent from an @allenhark.com or @allenhark.network address. The "From", "To", and "Reply-To" headers accurately identify AllenHark, and our sending domain is authenticated with SPF, DKIM, and DMARC.

Prohibited content. We do not, and will not, use the Services to send unsolicited bulk email, phishing, malware, deceptive or fraudulent content, content that violates the Mailgun Acceptable Use Policy or any applicable anti-spam law, or to assist anyone else in doing so.

5. Email Open & Click Tracking

Marketing email we send to you may contain a single-pixel tracking image and links that pass through our redirect service before reaching the destination. This allows us to measure open and click engagement, suppress further sends to recipients who are not engaging, and detect deliverability problems. Engagement signals are stored against your subscriber record and are deleted when you unsubscribe or request deletion. Transactional email contains tracking only where strictly necessary to deliver the message (e.g. verification links).

6. How We Use Your Information

  • To provide, operate, secure, and improve the Services;
  • To process payments and manage subscriptions, renewals, and refunds;
  • To send transactional email and, with your consent, marketing email;
  • To provide support and respond to your requests;
  • To prevent fraud, abuse, and violations of our Terms of Service, including sanctions screening where required by law;
  • To comply with legal, regulatory, and tax obligations;
  • To carry out aggregated, non-identifying analytics on Site and Service use.

7. Service Providers & Sub-Processors

We share personal data only with vendors who help us deliver the Services, under written contracts that restrict them to the purposes we authorize and require appropriate security measures. The principal categories are:

  • Email delivery — Sinch / Mailgun (EU region) for transactional and marketing email, including delivery, bounce handling, and engagement metrics.
  • Payment processing — card and crypto payment processors that handle your payment instrument directly.
  • Cloud hosting & infrastructure — data-center and bare-metal providers that host the Services in the regions we offer.
  • Analytics & error monitoring — privacy-respecting analytics and crash-reporting vendors used to improve the Site and the Services.
  • Identity providers — Discord, Google, and similar OAuth providers, only when you choose to sign in through them.
  • Professional advisors — auditors, lawyers, and accountants under confidentiality obligations.
  • Public authorities — where disclosure is compelled by law or necessary to protect rights, property, or safety.

We do not sell or rent personal data, and we do not share personal data with advertising networks for cross-context behavioural advertising.

8. Cookies & Similar Technologies

We use cookies and similar storage to keep you signed in, remember preferences, secure the Site against CSRF, and measure aggregate usage. Strictly necessary cookies are set without consent because the Site cannot function without them. Optional analytics cookies are set only with your consent. You can withdraw consent at any time through your browser settings or any cookie banner provided on the Site.

9. International Transfers

AllenHark operates infrastructure in multiple regions (including the United States, the European Union, and Asia-Pacific) and uses vendors based in those regions. When personal data is transferred outside the EEA or the UK, we rely on appropriate safeguards under Articles 45–46 GDPR — typically the European Commission's Standard Contractual Clauses, the UK's International Data Transfer Addendum, and, where applicable, adequacy decisions. You may request a copy of these safeguards by writing to p•••••yallenhark.com.

10. Data Retention

  • Account data — for the lifetime of your account, plus up to 36 months after account closure for tax, accounting, and dispute-resolution purposes.
  • Marketing-consent records — for as long as you are subscribed, plus up to 24 months after unsubscribe so that we can demonstrate the lawful basis of every send if challenged.
  • Suppression list — indefinitely, so that an unsubscribed address is never re-mailed.
  • Server and security logs — typically up to 90 days, longer where needed for investigation of an incident.
  • Email delivery logs — as required by our delivery providers, typically 30 days.

When a retention period expires we delete or anonymize the relevant data.

11. Your Rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate or incomplete data;
  • Request deletion of your data (subject to legal, contractual, or legitimate-interest exceptions);
  • Restrict or object to certain processing;
  • Receive your data in a portable, machine-readable format;
  • Withdraw consent at any time;
  • Opt out of any "sale" or "sharing" of personal data under California law (we do not sell or share personal data as those terms are defined, but you may still exercise this right);
  • Not be discriminated against for exercising any of these rights;
  • Lodge a complaint with your local supervisory authority (e.g. your national data-protection authority in the EU/UK, or the California Privacy Protection Agency).

To exercise any right, email p•••••yallenhark.com. We will respond within 30 days (or such shorter period as the law requires) and may verify your identity before acting on the request.

12. Data Security

We protect personal data with TLS in transit, encryption at rest for sensitive fields, principle-of-least-privilege access controls, audit logging, regular dependency patching, and isolated production environments. No security control is perfect; if you believe an account has been compromised, contact s••••••yallenhark.com immediately.

13. Children

The Services are not directed to, and we do not knowingly collect personal data from, anyone under the age of 16 (or under 13 in the United States). If you believe a child has provided us with personal data, contact p•••••yallenhark.com and we will delete it.

14. Abuse Reports & Complaints

If you believe an AllenHark email was sent without your consent, or otherwise violates this policy or the Mailgun Acceptable Use Policy, please report it to a•••eallenhark.com. We investigate every report, will provide you with our consent record on request, and will suppress the address from all further sends.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be announced by email to active subscribers and by a notice on the Site at least 30 days before they take effect.

16. Contact Us

Data controller. AllenHark is a business company organized under the laws of the British Virgin Islands and is the controller of the personal data described in this policy.

AllenHark — Privacy Office
Email: p•••••yallenhark.com
Abuse: a•••eallenhark.com
Security: s••••••yallenhark.com

See also our Terms of Service.