Privacy Policy
Effective Date: February 26, 2026
AutoXAU ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our Service.
1. Information We Collect
1.1 Account Information
- Registration Data: Username, email address, password (hashed)
- Profile Information: Subscription tier, payment history, preferences
- Authentication Data: OAuth tokens (Google Sign-In), session tokens
1.2 Trading Data
- Broker API Credentials: API keys, secrets, passphrases (encrypted)
- Trading Activity: Positions, trades, P&L, strategies used
- Risk Settings: Leverage limits, position sizes, trading hours
1.3 Usage Data
- IP addresses, browser type, device information
- Pages visited, features used, time spent on the platform
- Error logs and diagnostic data
1.4 Payment Information
- Processed by Stripe (credit cards) or NOWPayments (crypto)
- We do not store full credit card numbers—only transaction IDs and payment status
2. How We Use Your Information
We use your data to:
- Provide the Service: Generate signals, execute trades, manage your account
- Improve Performance: Train ML models, detect bugs, optimize algorithms
- Communicate: Send notifications, alerts, support responses, and marketing (opt-out available)
- Security: Prevent fraud, abuse, and unauthorized access
- Compliance: Meet legal obligations and enforce our Terms of Service
3. Data Sharing and Disclosure
We do not sell your personal data. We may share data with:
- Broker APIs: Your encrypted API keys are used to execute trades on your behalf
- Payment Processors: Stripe, NOWPayments, and crypto gateways process transactions
- Service Providers: Cloud hosting (AWS, DigitalOcean), email (SendGrid), analytics
- Legal Requirements: If required by law or to protect our rights
4. Data Security
We implement industry-standard security measures:
- Encryption: API keys encrypted at rest (AES-256), HTTPS/TLS for data in transit
- Access Controls: Limited employee access, role-based permissions
- Password Security: Passwords hashed with SHA-256 (recommended: upgrade to bcrypt/Argon2)
- CAPTCHA Protection: hCaptcha prevents automated abuse
However, no system is 100% secure. Use strong passwords and enable two-factor authentication if available.
5. Data Retention
- Account Data: Retained while your account is active
- Trading History: Stored indefinitely for analytics and compliance
- Logs: Retained for 90 days unless needed for investigations
- Deleted Accounts: Personal data anonymized or deleted within 30 days
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of your personal data
- Correction: Update inaccurate information via dashboard settings
- Deletion: Request account deletion (may not apply to archived trading records)
- Portability: Export your data in machine-readable format
- Objection: Opt out of marketing emails (unsubscribe link provided)
To exercise these rights, contact us at privacy@autoxau.com.
7. Cookies and Tracking
We use cookies for:
- Authentication: Session tokens to keep you logged in
- Analytics: Usage patterns to improve the Service (Google Analytics optional)
- Preferences: Remember your settings (theme, notification preferences)
You can disable cookies in your browser, but this may limit functionality.
8. Third-Party Services
Our platform integrates with:
- Google OAuth: Sign-in via Google (governed by Google's Privacy Policy)
- Stripe: Payment processing (see Stripe's Privacy Policy)
- Broker APIs: Bybit, Binance, OKX, etc. (subject to their policies)
We are not responsible for third-party privacy practices.
9. International Data Transfers
Your data may be processed in Singapore or other jurisdictions where our servers or service providers operate. By using the Service, you consent to these transfers.
10. Children's Privacy
AutoXAU is not intended for users under 18. We do not knowingly collect data from minors. If we discover such data, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or dashboard notification. The "Effective Date" at the top reflects the latest version.
12. Contact Us
For privacy questions or data requests, contact:
Email: privacy@autoxau.com
Support: support@autoxau.com
Website: https://autoxau.com
13. GDPR Compliance (EU Users)
If you are in the European Union:
- We process your data based on consent, contract performance, or legitimate interests
- You have the right to lodge a complaint with your local data protection authority
- You may request data portability or object to automated decision-making
14. CCPA Compliance (California Users)
California residents have additional rights under the CCPA:
- Right to know what personal data is collected
- Right to request deletion of personal data
- Right to opt out of data "sales" (we do not sell data)
- Right to non-discrimination for exercising CCPA rights