Privacy
Our no-log policy, in plain English.
XMRgate is built around a single principle: we shouldn't see things we don't need. This page documents exactly what we store, what we don't, and the measures that keep it that way.
What we never store
- Customer or payer IP addresses
- Browser fingerprints or device info
- Session tokens or cookies beyond auth
- Personal identifying information of payers
- Wallet clustering or address graph data
What we do store (minimal)
- Merchant ID
- Coin type
- Amount received
- Timestamp
- On-chain TX hash (public by nature)
How we enforce it
Invoice auto-expiry
Invoices expire 30 minutes after creation by default. Merchants can tune this per integration.
Hashed API keys
Keys are stored as bcrypt hashes. We cannot recover a plaintext key — even with full DB access.
Zero analytics
No Google Analytics, Segment, Mixpanel, or any third-party tracking on the dashboard or marketing site.
Tor hidden service
A .onion mirror of the API and dashboard. Merchants are encouraged to operate behind Tor or a VPN.
EU jurisdiction
Hosted in Hetzner Finland / Germany. Strong privacy laws, no blanket data-retention mandates for this category.
Payout address separation
Buyer deposit addresses, platform balances and merchant payout addresses are tracked separately for clearer accounting.
An honest caveat about public chains
Bitcoin, Ethereum, Litecoin and stablecoins on those networks are permissionless and public. Anyone can inspect them. Our "no-log" promise covers XMRgate's own infrastructure — it does not change the public nature of those blockchains. Monero, by contrast, is private end-to-end. We make this distinction explicit in our Terms of Service.
Apply for access