Legal Information

Privacy Policy & Legal Disclosures — Last updated: March 1, 2026

1. Privacy Policy

Numisma ("we", "us", "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, and safeguard your information when you visit numisma.in.

2. Information We Collect

2.1 Personal Information (Registered Users)

When you create an account, we may collect:

• Name — For display on your profile and collection pages
• Email Address — For account verification and password recovery
• Phone Number — For account identification (optional WhatsApp number)
• City & State — For display on your public collector profile
• Profile Photo — Optional, uploaded by you

2.2 Automatically Collected Information

When you visit Numisma, we automatically collect:

• IP Address — For analytics, security, and rate limiting
• Browser & Device Information — User agent string for analytics
• Pages Visited — Page URLs, titles, time on page, and referrer
• Session Data — Session duration, page count, and navigation patterns
• Approximate Location — Country, city, and region derived from IP address

2.3 Device Fingerprinting

For the image contribution feature, we use FingerprintJS to generate a device identifier. This is used solely to prevent abuse and enforce rate limits on anonymous image submissions. No personal data is associated with the fingerprint.

3. How We Use Your Information

• Service Operation — To provide and maintain the platform, manage user accounts, and enable collection features
• Analytics — To understand how visitors use our site, improve user experience, and monitor performance
• Security — To protect against unauthorized access, detect threats (SQL injection, XSS, bot attacks), and enforce rate limits
• Communication — To send password reset emails and important account notifications
• Community Features — To display your public collector profile and enable coin exchange features

4. Cookies & Local Storage

Numisma uses the following storage mechanisms:

• PHP Sessions — To maintain login state and user preferences (essential, session-duration)
• LocalStorage — To store your anonymous visitor ID for analytics tracking (ch_visitor_id)

We do not use third-party tracking cookies or advertising cookies.

5. Data Security

We implement multiple security measures to protect your data:

• Passwords are hashed using PHP's password_hash with the PASSWORD_DEFAULT algorithm — we never store plain-text passwords
• Security headers (X-Frame-Options, X-Content-Type-Options, X-XSS-Protection) are set on all pages
• Rate limiting prevents brute force attacks (120 requests/minute per IP)
• Threat detection scans for SQL injection, XSS, and path traversal attempts
• Sensitive files (.env, .sql, .git) are blocked from public access

6. Data Retention

• User Accounts — Retained until you request deletion or your account is deactivated
• Analytics Data — Session and page view data retained for trend analysis; aggregated into daily summaries
• Security Logs — Access logs and security events retained for threat analysis and incident response
• Search Logs — Search queries logged for improving search quality and analytics

7. Third-Party Services

We use the following third-party services:

• ip-api.com — Free IP geolocation service for approximate visitor location (no personal data shared)
• FingerprintJS — Client-side device fingerprinting for rate limiting image contributions
• Telegram Bot API — For the @NumismaAI_bot coin search service
• Google Fonts — Web fonts loaded from Google's CDN
• cdnjs (Cloudflare) — Font Awesome icons loaded from Cloudflare CDN

8. Your Rights

You have the right to:

• Access your personal data through your account settings
• Update or correct your profile information at any time
• Delete your profile photo from account settings
• Request account deletion by contacting us

9. Children's Privacy

Numisma is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

10. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with a revised date. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or data requests, please contact us.

---

Disclaimer

Numisma is an informational platform. Coin prices, specifications, and historical data are provided for reference only and should not be considered professional appraisals or investment advice. We make every effort to ensure accuracy but cannot guarantee completeness. Users are encouraged to consult professional numismatists for valuation purposes.

Governing Law: These terms are governed by the laws of India. Any disputes shall be subject to the jurisdiction of courts in India.