Last updated: March 2026
We collect: Google account info (name, email, avatar) for authentication; phone number (optional, for alerts); exchange preference; trading strategy configurations; usage analytics (page views, clicks, feature usage); and IP address for security.
API keys are encrypted with AES-256 using Fernet encryption before storage. Keys are only decrypted at runtime to execute trades. We never store keys in plain text and never request withdrawal permissions.
Your data is used to: provide the trading service; improve platform features; send trade alerts (if opted in); analyze platform usage for product improvement; and comply with legal requirements.
We do not sell your data. We share data only with: Google (for OAuth); your connected exchange (API keys for trading); payment processors (for subscriptions); and law enforcement (if legally required).
Data is stored on AWS servers in Mumbai (ap-south-1). We use PostgreSQL with encrypted connections. Backups are encrypted at rest.
You can: view your data anytime in the dashboard; delete your account and all associated data by contacting us; revoke exchange API keys from your exchange at any time; and opt out of analytics tracking.
We use localStorage (not cookies) to store authentication tokens and user preferences. No third-party tracking cookies are used.
For privacy concerns, email bishalchakraborty@crypalgo.com