Privacy Policy

Last updated: February 2, 2026

Privacy at a Glance

  • 🔒 Your API keys are encrypted with AES-256-GCM
  • 🚫 We never access your exchange withdrawal functions
  • 📊 We collect minimal data needed to provide the service
  • 🌍 GDPR compliant - you can request your data or deletion
  • 🤝 We never sell your data to third parties

1. Information We Collect

1.1 Account Information

  • Email address (required for account creation)
  • Name (optional)
  • Password (hashed, never stored in plain text)
  • OAuth data if you sign in with Google/GitHub/Apple

1.2 Exchange API Keys

  • Exchange API keys and secrets you provide
  • These are encrypted using AES-256-GCM before storage
  • Decryption keys are stored separately from encrypted data
  • We recommend keys with NO withdrawal permissions

1.3 Trading Data

  • Trades executed by your agents
  • Agent configurations and strategies
  • Performance metrics and analytics

1.4 Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Usage logs and error reports

2. How We Use Your Information

  • Provide Service: Execute trades, manage agents, display analytics
  • Billing: Process payments and manage subscriptions
  • Communication: Send important service updates and security alerts
  • Improvement: Analyze usage patterns to improve the platform
  • Security: Detect and prevent fraudulent activity

3. Data Sharing

✓ We never sell your data

We share data only with:

  • Exchanges: Your API keys are used to execute trades on your behalf
  • Payment Processors: Stripe and AsterPay process payments (they have their own privacy policies)
  • Infrastructure: Supabase (database), Hetzner (hosting) under strict data processing agreements
  • Legal: When required by law or to protect our rights

4. Data Security

🔐 Security Measures

  • • AES-256-GCM encryption for API keys
  • • bcrypt hashing for passwords
  • • HTTPS/TLS for all communications
  • • Regular security audits
  • • Row Level Security in database
  • • Webhook signature verification

While we implement industry-standard security measures, no system is 100% secure. We recommend using unique, strong passwords and API keys with minimal permissions.

5. Data Retention

  • Active accounts: Data retained while your account is active
  • Closed accounts: Personal data deleted within 30 days
  • API keys: Deleted immediately when you remove them or close your account
  • Trade history: Retained for 3 years for tax/compliance purposes
  • Logs: System logs retained for 90 days

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a machine-readable format
  • Object: Object to processing of your data
  • Withdraw consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@tradeagent247.com

7. Cookies

We use minimal cookies for:

  • Authentication: Session cookies to keep you logged in
  • Preferences: Remember your settings (theme, language)
  • Analytics: Anonymous usage statistics to improve the service

You can disable cookies in your browser, but some features may not work correctly.

8. Children's Privacy

TradeAgent 24/7 is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe we have collected data from a minor, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email and/or a notice on our website. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

For questions about this Privacy Policy or your data:

Privacy Officer: privacy@tradeagent247.com

General: support@tradeagent247.com