1. Information We Collect
As a financial technology company, we collect information necessary to provide our trading systems, charting SDKs, and related services to enterprises and financial institutions:
- Business Information: Company name, business registration details, industry classification
- Contact Information: Authorized representatives, technical contacts, billing contacts
- Technical Data: System specifications, integration requirements, performance metrics
- Financial Information: Payment details, billing addresses, transaction records
- Communication Records: Support tickets, technical discussions, project documentation
- Compliance Data: Regulatory information, audit trails, risk assessments
2. Trading System Data Collection
For our trading systems and financial services, we collect:
- Market Data: Price feeds, order book data, trade execution information
- User Activity: Trading patterns, system usage, performance analytics
- Risk Data: Position information, margin calculations, compliance metrics
- System Logs: Access logs, error logs, security events, audit trails
- API Usage: SDK integration data, API call patterns, performance metrics
3. How We Use Your Information
We use collected information to:
- Deliver and maintain our trading systems and charting SDKs
- Provide 24x7 technical support and system monitoring
- Ensure compliance with financial regulations and industry standards
- Optimize system performance and reliability
- Conduct risk management and fraud prevention
- Generate analytics and reporting for business intelligence
- Develop and improve our technology solutions
- Maintain audit trails for regulatory compliance
4. Data Sharing and Disclosure
We may share information in the following circumstances:
- Regulatory Compliance: With financial regulators, auditors, and compliance authorities
- Service Providers: With trusted partners who assist in system operations and maintenance
- Legal Requirements: When required by law, court order, or regulatory investigation
- Business Partners: With approved third-party integrations and data providers
- Security: To prevent fraud, protect against security threats, or investigate violations
- Consent: When explicitly authorized by the data subject
5. Financial Data Security
We implement enterprise-grade security measures specifically designed for financial services:
- Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Access Controls: Multi-factor authentication, role-based access, privileged access management
- Network Security: Firewalls, intrusion detection, DDoS protection, network segmentation
- Audit Logging: Comprehensive logging of all system activities and data access
- Regular Testing: Penetration testing, vulnerability assessments, security audits
- Compliance: SOC 2, ISO 27001, and financial industry security standards
6. Data Retention and Archival
We retain data according to our software service standards and business needs. Clients are responsible for ensuring compliance with their specific regulatory requirements:
- System Data: Retained for operational and support purposes
- Audit Logs: Retained for security monitoring and system maintenance
- Client Data: Retained for the duration of the service relationship
- Development Data: Retained for ongoing support and maintenance
- Archival: Secure archival of historical data as needed
- Client Responsibility: Clients must ensure their data retention policies meet local regulatory requirements
7. Your Rights and Data Subject Requests
Under applicable data protection laws, you have the right to:
- Access: Request copies of your personal and business data
- Rectification: Correct inaccurate or incomplete information
- Erasure: Request deletion of data (subject to regulatory requirements)
- Portability: Receive data in a structured, machine-readable format
- Restriction: Limit processing of your data in certain circumstances
- Objection: Object to processing based on legitimate interests
8. International Data Transfers
As a global software company, we provide technology solutions to international clients. Data transfer compliance responsibilities:
- Software Services: We provide technology tools and solutions for client use
- Client Responsibility: Clients must ensure compliance with their local data protection laws
- Data Residency: Clients can choose deployment options based on their requirements
- Cross-Border: Clients are responsible for ensuring appropriate safeguards for their data
- Regulatory Compliance: Clients must adhere to applicable laws in their jurisdiction
- Technical Support: We provide technical assistance for data protection implementation
9. Client Compliance Responsibilities
As a software development company, we provide technology solutions and tools. Client compliance responsibilities include:
- Local Regulations: Clients must ensure compliance with their local data protection and financial regulations
- Industry Standards: Clients are responsible for meeting industry-specific compliance requirements
- Legal Framework: Clients must adhere to applicable laws in their jurisdiction (GDPR, CCPA, SOX, etc.)
- Regulatory Reporting: Clients are responsible for all regulatory reporting and audit requirements
- Data Governance: Clients must implement appropriate data governance policies and procedures
- Third-Party Compliance: Clients must ensure compliance with any third-party service provider requirements
10. Incident Response and Breach Notification
In the event of a data security incident:
- Detection: 24x7 monitoring and automated threat detection
- Response: Immediate containment and investigation procedures
- Notification: Timely notification to affected parties and authorities
- Remediation: Comprehensive remediation and prevention measures
- Documentation: Detailed incident reports and lessons learned
11. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our services or legal requirements. We will notify clients of material changes through our standard communication channels and update the "Last updated" date accordingly.
Last updated: January 2025
