Privacy Policy

Last updated: March 2026

1. Information We Collect

We collect the following information when you create an account and use the Service:

  • Account information: username, email address, full name, and phone number (optional)
  • Authentication data: hashed passwords and two-factor authentication secrets
  • Alpaca API keys: encrypted at rest using AES-128 Fernet encryption
  • Billing information: processed and stored by Stripe — we do not store card numbers
  • Usage data: login timestamps, IP addresses, and audit logs for security purposes
2. How We Use Your Information

We use collected information to:

  • Operate and maintain your account and trading bot
  • Process subscription payments through Stripe
  • Send transactional emails (welcome, receipts, password resets, alerts)
  • Detect and prevent fraud and unauthorized access
  • Comply with legal obligations
3. Data Sharing

We do not sell, rent, or share your personal information with third parties, except:

  • Stripe — for payment processing
  • Alpaca — your API keys are used solely to place trades on your behalf
  • Legal requirements — if required by law or legal process
4. Data Security

We implement industry-standard security measures including TLS encryption in transit, AES encryption for API keys at rest, bcrypt password hashing, two-factor authentication, and access logging. However, no system is completely secure.

5. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your account and associated data by contacting us. Audit logs may be retained for up to 12 months for security purposes.

6. Cookies & Sessions

We use a single session cookie for authentication. It is HTTP-only, secure, and expires after 8 hours of inactivity. We do not use advertising or tracking cookies.

7. Your Rights

You may access, update, or delete your personal information from the Settings page at any time. To delete your account or request a data export, contact us directly.

8. Contact

For privacy-related questions or requests, contact us at morleypbaker@gmail.com.

Terms of Service Back to Login