Privacy Policy

Last updated: March 30, 2026

1. Information We Collect

We collect the minimum information necessary to provide the Service:

• Account info: Name, email address, and password (hashed)
• Exchange API keys: Trade-only keys you provide, stored encrypted (Fernet encryption)
• Trading data: Trade logs, P&L records, and bot status generated during operation
• Usage data: Dashboard access logs, feature usage, and error reports
• Payment info: Processed by our payment provider (Stripe/Whop). We do not store credit card numbers.

2. How We Use Your Information

• To operate the trading bot on your behalf
• To display your trading data on your dashboard
• To send Telegram alerts and email notifications
• To process payments and manage subscriptions
• To improve the Service and fix bugs
• To communicate service updates and changes

3. API Key Security

Your exchange API keys are encrypted at rest using Fernet symmetric encryption. Keys are decrypted only in memory when needed to execute trades. We strongly recommend creating API keys with trade-only permissions and no withdrawal access.

4. Data Sharing

We do not sell, rent, or share your personal information with third parties, except:

• Payment processors: Stripe/Whop receive payment information necessary to process transactions
• Legal requirements: If required by law, regulation, or legal process
• Aggregated data: We may share anonymized, aggregated statistics (e.g., total trades executed across all users) that cannot identify individual users

5. Data Retention

Your data is retained while your account is active. Upon account deletion:

• API keys are immediately deleted
• Personal information is deleted within 30 days
• Trading logs are anonymized and may be retained for system improvement
• Payment records are retained as required by tax/accounting regulations

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Export your trading data
• Opt out of non-essential communications

7. Cookies

Our dashboard uses session cookies for authentication. We do not use tracking cookies or third-party analytics on the trading dashboard. The marketing landing page may use minimal analytics to measure traffic sources.

8. Security

We implement industry-standard security measures including:

• Fernet encryption for API keys at rest
• Password hashing (bcrypt)
• HTTPS/TLS for all connections
• Per-user isolation (separate bot processes)
• Append-only audit logging

9. Children

The Service is not intended for anyone under 18. We do not knowingly collect data from minors.

10. Changes

We may update this policy. Material changes will be communicated via email or dashboard notification.

11. Contact

For privacy-related inquiries, contact jojostar0992@gmail.com.