AutoXAU

Privacy Policy

Effective Date: February 26, 2026

AutoXAU ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our Service.

1. Information We Collect

1.1 Account Information

• Registration Data: Username, email address, password (hashed)
• Profile Information: Subscription tier, payment history, preferences
• Authentication Data: OAuth tokens (Google Sign-In), session tokens

1.2 Trading Data

• Broker API Credentials: API keys, secrets, passphrases (encrypted)
• Trading Activity: Positions, trades, P&L, strategies used
• Risk Settings: Leverage limits, position sizes, trading hours

1.3 Usage Data

• IP addresses, browser type, device information
• Pages visited, features used, time spent on the platform
• Error logs and diagnostic data

1.4 Payment Information

• Processed by Stripe (credit cards) or NOWPayments (crypto)
• We do not store full credit card numbers—only transaction IDs and payment status

2. How We Use Your Information

We use your data to:

• Provide the Service: Generate signals, execute trades, manage your account
• Improve Performance: Train ML models, detect bugs, optimize algorithms
• Communicate: Send notifications, alerts, support responses, and marketing (opt-out available)
• Security: Prevent fraud, abuse, and unauthorized access
• Compliance: Meet legal obligations and enforce our Terms of Service

3. Data Sharing and Disclosure

We do not sell your personal data. We may share data with:

• Broker APIs: Your encrypted API keys are used to execute trades on your behalf
• Payment Processors: Stripe, NOWPayments, and crypto gateways process transactions
• Service Providers: Cloud hosting (AWS, DigitalOcean), email (SendGrid), analytics
• Legal Requirements: If required by law or to protect our rights

4. Data Security

We implement industry-standard security measures:

• Encryption: API keys encrypted at rest (AES-256), HTTPS/TLS for data in transit
• Access Controls: Limited employee access, role-based permissions
• Password Security: Passwords hashed with SHA-256 (recommended: upgrade to bcrypt/Argon2)
• CAPTCHA Protection: hCaptcha prevents automated abuse

However, no system is 100% secure. Use strong passwords and enable two-factor authentication if available.

5. Data Retention

• Account Data: Retained while your account is active
• Trading History: Stored indefinitely for analytics and compliance
• Logs: Retained for 90 days unless needed for investigations
• Deleted Accounts: Personal data anonymized or deleted within 30 days

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate information via dashboard settings
• Deletion: Request account deletion (may not apply to archived trading records)
• Portability: Export your data in machine-readable format
• Objection: Opt out of marketing emails (unsubscribe link provided)

To exercise these rights, contact us at privacy@autoxau.com.

7. Cookies and Tracking

We use cookies for:

• Authentication: Session tokens to keep you logged in
• Analytics: Usage patterns to improve the Service (Google Analytics optional)
• Preferences: Remember your settings (theme, notification preferences)

You can disable cookies in your browser, but this may limit functionality.

8. Third-Party Services

Our platform integrates with:

• Google OAuth: Sign-in via Google (governed by Google's Privacy Policy)
• Stripe: Payment processing (see Stripe's Privacy Policy)
• Broker APIs: Bybit, Binance, OKX, etc. (subject to their policies)

We are not responsible for third-party privacy practices.

9. International Data Transfers

Your data may be processed in Singapore or other jurisdictions where our servers or service providers operate. By using the Service, you consent to these transfers.

10. Children's Privacy

AutoXAU is not intended for users under 18. We do not knowingly collect data from minors. If we discover such data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or dashboard notification. The "Effective Date" at the top reflects the latest version.

12. Contact Us

For privacy questions or data requests, contact:

Email: privacy@autoxau.com
Support: support@autoxau.com
Website: https://autoxau.com

13. GDPR Compliance (EU Users)

If you are in the European Union:

• We process your data based on consent, contract performance, or legitimate interests
• You have the right to lodge a complaint with your local data protection authority
• You may request data portability or object to automated decision-making

14. CCPA Compliance (California Users)

California residents have additional rights under the CCPA:

• Right to know what personal data is collected
• Right to request deletion of personal data
• Right to opt out of data "sales" (we do not sell data)
• Right to non-discrimination for exercising CCPA rights