Privacy Policy

We collect information you provide directly, including:

• Account details such as email address, profile details, and authentication settings.
• Strategy names, blueprint configurations, prompts, preferences, API keys, and settings.
• Support messages, feedback, survey responses, and other communications.
• Billing and subscription details handled by our payment or billing providers.

We use Better Auth and related authentication infrastructure to manage sessions, email OTP, passkeys, API keys, multi-factor authentication, and account security. We collect technical data needed to verify identity, prevent abuse, investigate suspicious activity, and protect the Service.

If you create or connect a wallet, use trading features, or run a blueprint that interacts with market venues, we process information needed to operate those features, such as wallet addresses, venue identifiers, positions, orders, fills, balances, transaction hashes, and strategy execution history.

When you use the Service, we and our providers may collect:

• Device, browser, IP address, approximate location, and user-agent information.
• Usage events, page views, feature interactions, performance metrics, and referrers.
• Logs, request metadata, error reports, traces, and security events.

We use PostHog for product analytics and session replay, and Better Stack for logs, metrics, traces, and error reporting. These tools help us understand product behavior, diagnose defects, monitor reliability, and improve the Service.

We use information to:

• Provide, secure, maintain, and improve the Service.
• Authenticate users, prevent fraud, and enforce our Terms.
• Run automations, execute user instructions, and display portfolio or strategy state.
• Provide support, send service communications, and respond to requests.
• Analyze usage, debug incidents, and develop new features.
• Comply with legal, tax, accounting, sanctions, and regulatory obligations.

We may disclose information if required by law, to protect rights and safety, to investigate abuse, in connection with a financing or corporate transaction, or with your direction or consent.

We keep information for as long as needed to provide the Service, comply with law, resolve disputes, maintain security, enforce agreements, and preserve audit records. Retention periods vary by data type and legal requirement.

You may request account deletion or access to personal information, subject to identity verification and legal exceptions. Some records, such as security logs, billing records, backups, and blockchain data, may be retained where required or technically unavoidable.

We use administrative, technical, and organizational safeguards designed to protect information. No system is perfectly secure, and we cannot guarantee that unauthorized access, loss, misuse, or disclosure will never occur.

We may process and store information in the United States, Ireland, and other countries where we or our providers operate. Those locations may have data-protection laws different from your jurisdiction.

To exercise privacy rights or ask questions about this Policy, contact us at support@carboncopy.inc.