Last updated: March 24, 2026
Account data: Name, email address, and hashed password when you register.
Exchange API keys: Encrypted with AES-256-GCM before storage. We never store your keys in plaintext.
Trading data: Trade history, portfolio balances, and execution logs generated by the Platform.
Technical data: IP address, browser type, and cookie consent preference.
We use your data to: provide the trading service, execute trades on your exchange, track portfolio performance, send notifications (if enabled), and improve the Platform.
We protect your data with: AES-256-GCM encryption for exchange credentials, bcrypt password hashing, HTTPS-only connections, HTTP-only secure cookies, and restricted file permissions on our servers.
We do not sell or share your personal data with third parties. Your exchange API keys are only used to communicate with your chosen exchange (Binance, Bitget) for trade execution.
We use a session cookie (httpOnly, secure) for authentication. We use localStorage for cookie consent preference and chart display settings. No third-party tracking cookies are used.
Account data is retained as long as your account is active. Trading history and execution logs are retained indefinitely for audit purposes. You may request deletion of your account and associated data by contacting us.
You have the right to: access your personal data, correct inaccurate data, request deletion of your data, disconnect your exchange keys at any time, and disable all notifications.
For privacy inquiries, contact us at privacy@medusaedge.com.