The Company collects and processes only such data as is necessary to operate and provide the Services, including:
- Account, wallet, and contact information
- Technical, transaction, and usage data
- API credentials or API connection details provided by the user for the purpose of enabling Strategy Following for the user
The Company:
- does not collect private keys
- does not have withdrawal rights
- does not access or custody user funds
- does not sell personal data or share personal data for marketing or unrelated third-party purposes
API credentials are processed under the principle of least privilege (trade-only access, no withdrawals) and are used exclusively to execute the Services as instructed by the user. API credentials may be encrypted, stored, or transmitted securely to technical infrastructure, cloud service providers, or execution-related third parties strictly for service operation.
The Company implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse. Personal data is retained only for as long as necessary to provide the Services or to comply with applicable legal obligations.
Users may revoke API access or request deletion of associated data at any time, subject to applicable law and operational requirements.