Privacy Policy
March 20, 2026 · Last Updated: 20/03/2026 · Version 1.1
1. Introduction
1.1 Overview
This Privacy Policy describes how StratWise.ai ("StratWise", "we", "us", "our") collects, uses, stores, shares, and protects your personal information when you access or use our automated cryptocurrency trading platform, website, mobile applications, APIs, and related services (collectively, the "Service").
1.2 Acceptance
By using the Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein. If you do not agree with this Privacy Policy, you must not use the Service.
1.3 Scope
This Privacy Policy applies to all users of the Service, including visitors to our website, registered users, and those who connect their exchange accounts to our Platform.
1.4 Updates
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and sending email notification. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.
2. Information We Collect
2.1 Information You Provide Directly
2.1.1 Account Registration Information
- Full name
- Email address
- Phone number (optional)
- Password (encrypted)
- Date of birth
- Country of residence
- Preferred language
- Profile picture (optional)
2.1.2 Identity Verification Information (KYC)
When required for compliance purposes, we may collect:
- Government-issued ID documents (passport, driver's license, national ID)
- Proof of address (utility bills, bank statements)
- Facial verification photographs
- Tax identification numbers
- Beneficial ownership information
2.1.3 Payment Information
- Payment method details (credit/debit card information is processed by third-party payment processors)
- Billing address
- Transaction history
- Invoice details
2.1.4 Communication Data
- Customer support inquiries and correspondence
- Feedback and survey responses
- Email and chat communications
- Phone call recordings (with your consent)
2.2 Information Collected Automatically
2.2.1 Technical and Device Information
- IP address
- Browser type and version
- Operating system and device type
- Device identifiers (UDID, advertising ID)
- Screen resolution and display settings
- Time zone and language preferences
- Mobile network information
2.2.2 Usage Data
- Login and logout times
- Pages visited and features used
- Click patterns and navigation paths
- Time spent on pages
- Search queries
- Feature preferences and settings
- Error logs and crash reports
2.2.3 Location Data
- Approximate geographic location based on IP address
- Precise location data (only if you grant permission on mobile devices)
2.2.4 Cookies and Tracking Technologies
We use cookies, web beacons, pixels, and similar technologies to:
- Maintain user sessions
- Remember preferences and settings
- Analyze usage patterns
- Provide personalized content
- Prevent fraud and enhance security
2.3 Trading and Financial Information
2.3.1 Exchange API Data
When you connect your exchange account, we collect:
- API keys (encrypted and stored securely)
- Exchange account identifiers
- Available balances and positions
- Open and closed order history
- Transaction and trade data
- Deposit and withdrawal records (for analysis, not execution)
2.3.2 Trading Activity Data
- Active and historical trading strategies
- Bot configurations and settings
- Performance metrics and statistics
- Risk parameters and limits
- Profit and loss data
- Asset allocations
2.3.3 Market Data
We collect aggregated market data to improve our AI algorithms:
- Price data from connected exchanges
- Order book depth
- Trading volume
- Market sentiment indicators
- News and social media sentiment
2.4 Information from Third-Party Sources
2.4.1 Cryptocurrency Exchanges
We receive data from exchanges when you connect your account via API, including account balances, trading history, and order execution data.
2.4.2 Identity Verification Services
We use third-party KYC/AML service providers who may share verification results and risk assessments with us.
2.4.3 Analytics Providers
We may receive aggregated or de-identified data from analytics services about how users interact with our Service.
2.4.4 Social Media and Single Sign-On
If you choose to register or log in using social media accounts (e.g., Google, Apple), we receive basic profile information as permitted by the platform.
2.5 Information We Do NOT Collect
We do not collect or have access to:
- Your exchange account withdrawal passwords or permissions
- Credit card CVV codes (processed by payment providers)
- Private keys or seed phrases to cryptocurrency wallets
- Passwords for your exchange accounts
3. How We Use Your Information
3.1 Providing and Maintaining the Service
- Create and manage your account
- Authenticate your identity and prevent unauthorized access
- Connect to cryptocurrency exchanges via API
- Execute automated trading strategies
- Process transactions and calculate performance fees
- Provide customer support
- Send service-related notifications and updates
3.2 Improving and Developing the Service
- Analyze usage patterns to improve user experience
- Train and optimize AI algorithms and machine learning models
- Develop new features and functionalities
- Conduct research and analysis
- Test and monitor Service performance
- Debug and fix technical issues
3.3 Security and Fraud Prevention
- Detect and prevent fraudulent activities
- Monitor for suspicious or unusual trading patterns
- Protect against security threats and vulnerabilities
- Enforce our Terms of Service
- Comply with legal and regulatory requirements
- Respond to legal requests and prevent harm
3.4 Communication and Marketing
- Send account-related emails and notifications
- Provide trading performance reports
- Share product updates and new features
- Send promotional materials and offers (with your consent)
- Conduct surveys and request feedback
- Respond to your inquiries and requests
3.5 Legal and Compliance
- Comply with applicable laws and regulations
- Respond to subpoenas, court orders, and legal processes
- Enforce our Terms of Service and other policies
- Protect our rights, property, and safety
- Prevent money laundering and terrorist financing
- Fulfill tax reporting obligations
3.6 Analytics and Aggregated Data
- Create aggregated, anonymized statistics
- Generate market insights and trends
- Benchmark trading performance
- Conduct business analysis
- Share aggregated data with partners (no personal identification)
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:
4.1 Contractual Necessity
Processing is necessary to perform our contract with you (Terms of Service), including:
- Account creation and management
- Executing automated trading
- Processing payments
- Providing customer support
4.2 Legitimate Interests
Processing is necessary for our legitimate business interests, such as:
- Improving and developing the Service
- Preventing fraud and enhancing security
- Analytics and business intelligence
- Direct marketing (with opt-out options)
4.3 Legal Obligations
Processing is required to comply with legal obligations, including:
- KYC/AML compliance
- Tax reporting
- Responding to legal requests
- Regulatory requirements
4.4 Consent
For certain processing activities, we obtain your explicit consent, such as:
- Marketing communications
- Precise location tracking
- Cookies and tracking technologies (where required)
You may withdraw consent at any time, though this may affect your ability to use certain features.
5. How We Share Your Information
5.1 We Do Not Sell Your Personal Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
5.2 Service Providers and Business Partners
We share information with trusted third-party service providers who assist us in operating the Service:
5.2.1 Cloud Infrastructure Providers
- Hosting and storage services (e.g., AWS, Google Cloud, Azure)
- Database management
- Content delivery networks (CDN)
5.2.2 Payment Processors
- Credit card processing services
- Cryptocurrency payment gateways
- Billing and invoicing systems
5.2.3 Identity Verification Services
- KYC/AML compliance providers
- Identity verification and fraud detection services
5.2.4 Analytics and Monitoring Services
- Website analytics (e.g., Google Analytics)
- Application performance monitoring
- Error tracking and logging services
5.2.5 Customer Support Tools
- Helpdesk and ticketing systems
- Live chat providers
- Email communication platforms
5.2.6 Marketing and Communication Services
- Email marketing platforms
- Push notification services
- SMS providers
All service providers are contractually obligated to:
- Use your information only for specified purposes
- Maintain appropriate security measures
- Comply with applicable data protection laws
5.3 Cryptocurrency Exchanges
We share API keys and trading instructions with connected exchanges to execute your automated trading strategies. Exchanges have their own privacy policies governing their use of your information.
5.4 Legal and Regulatory Authorities
We may disclose your information to:
- Law enforcement agencies in response to valid legal requests
- Regulatory bodies and government authorities
- Courts and legal counsel in connection with legal proceedings
- Tax authorities for compliance purposes
5.5 Business Transfers
In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity, subject to the same privacy protections.
5.6 With Your Consent
We may share your information with third parties when you provide explicit consent, such as:
- Participating in partner promotions
- Connecting third-party applications
- Sharing referral information
5.7 Aggregated and De-identified Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with:
- Research partners
- Industry analysts
- The public (e.g., in reports or publications)
6. Data Retention
6.1 Retention Periods
We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
6.2 Specific Retention Periods
- Account Information — Retained while your account is active and for 7 years after account closure for legal and compliance purposes
- Trading Data — Retained for 7 years for regulatory compliance and tax purposes
- Communication Records — Retained for 5 years
- Technical Logs — Retained for 12-24 months
- Marketing Data — Retained until you unsubscribe or opt-out
6.3 Deletion of Data
When retention periods expire, we securely delete or anonymize your personal information. You may request deletion of your account and associated data, subject to legal retention requirements.
6.4 Backup Data
Deleted data may persist in backup systems for up to 90 days before being permanently removed.
7. Data Security
7.1 Security Measures
We implement industry-standard technical and organizational measures to protect your personal information:
7.1.1 Encryption
- Data in transit encrypted using TLS 1.3 or higher
- Data at rest encrypted using AES-256 encryption
- API keys encrypted with separate encryption keys
- Password hashing using bcrypt or Argon2
7.1.2 Access Controls
- Role-based access control (RBAC)
- Multi-factor authentication (MFA) for employee access
- Principle of least privilege
- Regular access reviews and audits
7.1.3 Network Security
- Firewall protection
- Intrusion detection and prevention systems (IDS/IPS)
- Regular vulnerability scanning and penetration testing
- DDoS protection
- Secure API endpoints
7.1.4 Application Security
- Secure coding practices
- Regular security audits and code reviews
- Third-party security assessments
- Bug bounty program
- Secure software development lifecycle (SDLC)
7.1.5 Operational Security
- Security awareness training for employees
- Incident response procedures
- Data breach notification protocols
- Regular security monitoring and logging
- Separate production and development environments
7.2 Your Security Responsibilities
You are responsible for:
- Choosing a strong, unique password
- Enabling two-factor authentication (2FA)
- Keeping your account credentials confidential
- Securing your email account
- Using secure networks when accessing the Service
- Immediately reporting suspected security breaches
7.3 Limitations
While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security of your information. You use the Service at your own risk.
8. International Data Transfers
8.1 Cross-Border Transfers
StratWise operates globally and may transfer your information to countries outside your country of residence, including countries that may have different data protection laws.
8.2 Transfer Mechanisms
For users in the EEA, UK, or Switzerland, we ensure appropriate safeguards for international transfers through:
- European Commission-approved Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Other legally recognized transfer mechanisms
8.3 Data Processing Locations
Your information may be processed in:
- European Union
- United States
- Other jurisdictions where our service providers operate
9. Your Privacy Rights
9.1 Rights for EEA, UK, and Swiss Users (GDPR)
You have the following rights regarding your personal data:
9.1.1 Right of Access
Request access to your personal data and obtain a copy of the information we hold about you.
9.1.2 Right to Rectification
Request correction of inaccurate or incomplete personal data.
9.1.3 Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data, subject to legal retention requirements.
9.1.4 Right to Restriction of Processing
Request limitation of processing your personal data in certain circumstances.
9.1.5 Right to Data Portability
Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
9.1.6 Right to Object
Object to processing of your personal data for direct marketing or based on legitimate interests.
9.1.7 Right to Withdraw Consent
Withdraw your consent at any time where processing is based on consent.
9.1.8 Right to Lodge a Complaint
Lodge a complaint with your local data protection authority if you believe your rights have been violated.
9.2 Rights for California Users (CCPA/CPRA)
California residents have additional rights:
9.2.1 Right to Know
Request information about the categories and specific pieces of personal information we collect, use, disclose, and sell.
9.2.2 Right to Delete
Request deletion of your personal information, subject to exceptions.
9.2.3 Right to Opt-Out of Sale
We do not sell personal information. If we ever do, you have the right to opt-out.
9.2.4 Right to Non-Discrimination
Not receive discriminatory treatment for exercising your privacy rights.
9.2.5 Right to Correct
Request correction of inaccurate personal information.
9.2.6 Right to Limit Use of Sensitive Personal Information
Limit the use of sensitive personal information (where applicable).
9.3 Rights for Other Jurisdictions
Users in other jurisdictions may have additional rights under local data protection laws. Please contact us to learn about your specific rights.
9.4 Exercising Your Rights
To exercise your privacy rights, please:
- Email us at: privacy@stratwise.ai
- Submit a request through the "Privacy Settings" section of your account
- Contact our Data Protection Officer (DPO) if applicable
We will respond to verified requests within the timeframes required by applicable law (typically 30-45 days).
9.5 Verification Process
To protect your privacy, we may require verification of your identity before processing rights requests. We may ask for additional information to confirm your identity.
10. Cookies and Tracking Technologies
10.1 Types of Cookies We Use
10.1.1 Strictly Necessary Cookies
Essential for the Service to function properly:
- Session management
- Authentication
- Security features
- Load balancing
10.1.2 Functional Cookies
Enhance functionality and personalization:
- Language preferences
- Theme settings
- User interface customizations
- Remember login status
10.1.3 Analytics Cookies
Help us understand how users interact with the Service:
- Google Analytics
- Mixpanel
- Amplitude
- Custom analytics tools
10.1.4 Marketing Cookies
Used for advertising and marketing purposes:
- Targeted advertising
- Conversion tracking
- Retargeting campaigns
- Social media integration
10.2 Third-Party Cookies
Our Service may include cookies from third-party service providers. We do not control these cookies and recommend reviewing their privacy policies.
10.3 Cookie Management
You can control cookies through:
- Browser settings (most browsers allow blocking or deleting cookies)
- Our cookie consent banner (where applicable)
- Privacy settings in your account
Note: Disabling certain cookies may limit your ability to use some features of the Service.
10.4 Do Not Track (DNT)
Some browsers include a "Do Not Track" feature. Currently, we do not respond to DNT signals as there is no universally accepted standard.
10.5 Mobile Tracking
Our mobile applications may use:
- Advertising identifiers (IDFA on iOS, GAID on Android)
- Mobile analytics SDKs
- Push notification tokens
You can opt-out of personalized advertising through your device settings.
11. Children's Privacy
11.1 Age Restriction
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
11.2 Parental Notice
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at legal@stratwise.ai.
11.3 Removal of Children's Data
If we discover that we have inadvertently collected personal information from a child under 18, we will delete that information promptly.
12. Specific Privacy Disclosures
12.1 AI and Machine Learning
Our AI algorithms process aggregated, de-identified data to:
- Predict market movements
- Optimize trading strategies
- Identify patterns and trends
- Improve algorithm performance
Individual trading data is used to train models but is anonymized and cannot be attributed to specific users in the models.
12.2 API Security
Exchange API keys are:
- Encrypted at rest and in transit
- Stored separately from other user data
- Never logged in plaintext
- Access-restricted to authorized systems only
- Used only for authorized trading activities
12.3 Trading Data Usage
Your trading performance data may be used in aggregate to:
- Calculate platform-wide statistics
- Generate performance benchmarks
- Improve AI algorithms
- Create anonymized case studies
Individual performance data is never publicly disclosed without your consent.
12.4 Communication Monitoring
Customer support communications (email, chat, phone) may be monitored and recorded for:
- Quality assurance
- Training purposes
- Compliance and legal requirements
- Fraud prevention
13. Changes to This Privacy Policy
13.1 Notification of Changes
We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by:
- Posting the updated policy on our website with a new "Last Updated" date
- Sending email notification to registered users
- Displaying a prominent notice on the Platform
- Requiring re-acceptance for significant changes
13.2 Review Recommendations
We encourage you to review this Privacy Policy periodically to stay informed about our data practices.
13.3 Continued Use
Your continued use of the Service after changes to this Privacy Policy constitutes acceptance of the updated terms.
14. Contact Us and Data Protection Officer
14.1 General Privacy Inquiries
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: legal@stratwise.ai
Support: team@stratwise.ai
Website: https://stratwise.ai/privacy
Mail: [Physical Address]
14.2 Data Protection Officer (DPO)
For GDPR-related inquiries, you may contact our Data Protection Officer:
Email: legal@stratwise.ai
Subject Line: "GDPR Request" or "Data Protection Inquiry"
14.3 Response Time
We aim to respond to privacy inquiries within 5 business days and to formal rights requests within the legally required timeframe (typically 30-45 days).
14.4 Supervisory Authority
EEA, UK, and Swiss users have the right to lodge a complaint with their local data protection authority:
- EEA: Contact your national Data Protection Authority
- UK: Information Commissioner's Office (ICO) - https://ico.org.uk
- Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
15. Specific Jurisdiction Disclosures
15.1 California Privacy Rights
California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact legal@stratwise.ai with "California Privacy Rights" in the subject line.
15.2 Nevada Privacy Rights
Nevada residents may opt-out of the sale of personal information. We do not sell personal information as defined under Nevada law. If you have questions, contact legal@stratwise.ai.
15.3 Brazilian Users (LGPD)
Brazilian users have rights under the Lei Geral de Proteção de Dados (LGPD). For LGPD-related requests, contact legal@stratwise.ai with "LGPD Request" in the subject line.
15.4 Australian Users
Australian users have rights under the Privacy Act 1988. For inquiries, contact legal@stratwise.ai with "Australian Privacy Inquiry" in the subject line.
Acknowledgment
BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN.
Last Updated: March 20, 2026
Version: 1.1
StratWise.ai - Committed to protecting your privacy while delivering powerful automated trading technology.
'%3e%3cpath%20d='M14.9999%200L0%208.7276V17.4975L14.9999%208.76995V0Z'%20fill='%231E30B6'/%3e%3cpath%20d='M14.9999%2017.4661V17.5018L7.54497%2021.8458L0%2017.5084V8.73845L7.52723%2013.1182L14.9965%2017.4643L14.9999%2017.4661Z'%20fill='%234258FF'/%3e%3cpath%20d='M7.5592%2021.8424L15.0003%2026.1722V26.2358L7.50419%2021.8742L7.5592%2021.8424Z'%20fill='%239CD3BC'/%3e%3cpath%20d='M14.9999%2017.4764L15.0137%2017.4843L14.9999%2017.4927L14.9965%2017.4946V17.4641L14.9999%2017.466V17.4764Z'%20fill='%234258FF'/%3e%3cpath%20d='M30.0003%208.72768L22.4966%2013.068L22.5005%2013.0836L15.0005%208.76999V0L30.0003%208.72768Z'%20fill='%234258FF'/%3e%3cpath%20d='M29.9995%2017.434V26.204L22.4722%2021.8243L15.0241%2017.4906L15.0214%2017.489L15.0133%2017.4842L22.4957%2013.068L29.9995%2017.434Z'%20fill='%234258FF'/%3e%3cpath%20d='M30.0003%2026.2039V26.2145L15.0005%2034.9422V26.1722L22.4731%2021.8242L30.0003%2026.2039Z'%20fill='%231E30B6'/%3e%3cpath%20d='M14.9999%2026.1722V34.9421L0%2026.2145L7.50377%2021.8742L7.55878%2021.8424L14.9999%2026.1722Z'%20fill='%234258FF'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_77_5057'%3e%3crect%20width='29.7058'%20height='34.5999'%20fill='white'%20transform='scale(1.0099)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
Stratwise