Privacy Policy

What we collect, what we never store, and your rights.

Last updated: 6 July 2026

This Privacy Policy explains how StrategyFactory.ai FZ-LLC (“StrategyFactory.ai”, “we”, “us”, “our”), registered in Dubai, United Arab Emirates, collects, uses, shares, and protects personal data in connection with trigger.trade and the related StrategyFactory webhook services (the “Services”).

🔒 The core promise: your exchange API keys and secrets are never stored. They are processed transiently for encryption, returned to you inside your alert files, and discarded. We keep no database of credentials.

We do not sell personal data.

1) Personal Data We Collect

We do not request or store your exchange passwords. We do not hold private keys and do not take custody of funds.

2) How We Use Personal Data

We do not use your personal data to provide financial advice or recommendations.

3) Legal Bases (GDPR-Aware)

Where GDPR or similar laws apply, we process personal data on the basis of: performance of a contract (providing the Services), legitimate interests (security, fraud prevention, service improvement), compliance with legal obligations, and consent where required.

4) Data Storage & Security

You are responsible for configuring exchange API keys with least privilege. We strongly recommend disabling withdrawal permissions and limiting keys to trading functionality only.

5) Cookies & Tracking

We use essential cookies required for sign-in sessions (set by Clerk) and basic site functionality. We do not run advertising trackers. You can control cookies through your browser settings; disabling essential cookies will break sign-in.

6) Sharing & Third-Party Processors

We share data with service providers only as needed to operate the Services:

Third parties, including TradingView and the exchanges, process your data under their own terms and policies. StrategyFactory.ai is not responsible for third-party privacy practices.

7) International Transfers

We are based in the United Arab Emirates, and our service providers may be located in multiple countries. Your personal data may be transferred to and processed in jurisdictions with different data protection laws than your country of residence.

8) Data Retention

We retain personal data only as long as necessary for the purposes described here, including legal, accounting, security, and operational requirements. Exchange credentials are not retained at all; they exist in our systems only for the seconds needed to encrypt them.

9) Your Rights

Subject to applicable law, you may request access to, correction of, deletion of, or restriction of processing of your personal data, and you may object to certain processing. To submit a request, email [email protected]. We may require verification of identity before fulfilling requests.

10) Changes to This Policy

We may update this Privacy Policy at any time. Continued use of the Services after changes become effective constitutes acceptance of the updated policy.

11) Contact

For privacy inquiries, email [email protected] or visit the knowledge base.