Privacy Policy

Last Updated: February 14, 2026

🔒 GDPR & CCPA Compliant

1. Introduction

At BluePeak Ventures ("we," "us," or "our"), we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the AI Trading Platform ("Platform" or "Service").

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations.

By using our Service, you consent to the data practices described in this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

  • Account Information: Name, email address, username, password
  • Profile Data: Trading preferences, risk tolerance settings, notification preferences
  • Payment Information: Billing details for performance fee payments (processed securely by third-party payment processors)
  • Exchange API Keys: Read-only trading API keys and secrets (encrypted and stored securely)
  • Communications: Messages, feedback, and support requests you send to us

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

  • Trading Data: Trade history, positions, performance metrics, portfolio values
  • Usage Information: Pages visited, features used, time spent on platform, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, error logs, API request logs
  • Cookies and Tracking: Session data, preferences, analytics information

2.3 Information from Third Parties

We may receive information from:

  • Cryptocurrency Exchanges: Account balances, trade confirmations, market data
  • Payment Processors: Payment confirmation, transaction status
  • Analytics Providers: Aggregated usage statistics, performance metrics
  • Affiliate Partners: Referral information for affiliate program participants

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

  • Execute automated trades on your behalf via exchange APIs
  • Monitor and manage your trading portfolio
  • Calculate and apply risk management rules
  • Generate performance reports and analytics
  • Provide copy trading functionality

3.2 Platform Improvement

  • Train and improve AI trading algorithms
  • Analyze usage patterns to enhance user experience
  • Develop new features and services
  • Conduct research and testing

3.3 Communication

  • Send trade notifications and alerts
  • Provide customer support and respond to inquiries
  • Send important account updates and security alerts
  • Deliver marketing communications (with your consent)

3.4 Legal and Security

  • Comply with legal obligations and regulatory requirements
  • Detect and prevent fraud, abuse, and security threats
  • Enforce our Terms of Service
  • Protect the rights and safety of our users

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share data with trusted third-party service providers who assist in operating our Service:

  • Cloud hosting providers (AWS, Google Cloud)
  • Payment processors for fee collection
  • Email service providers for notifications
  • Analytics platforms for usage tracking
  • Customer support tools

All service providers are bound by contractual obligations to keep information confidential and use it only for providing services to us.

4.2 Cryptocurrency Exchanges

We connect to cryptocurrency exchanges via your API keys to execute trades. We only access the minimum necessary information and never have withdrawal permissions.

4.3 Legal Requirements

We may disclose information when required by law or in response to:

  • Court orders, subpoenas, or legal processes
  • Regulatory or government requests
  • Protection of our legal rights
  • Investigation of fraud or security issues

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4.5 Aggregated Data

We may share aggregated, de-identified information that cannot reasonably be used to identify you for research, marketing, or analytics purposes.

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

  • Encryption: All data transmitted using TLS/SSL encryption (256-bit)
  • API Key Security: Keys encrypted at rest using AES-256
  • Database Security: Encrypted databases with access controls
  • Authentication: Multi-factor authentication (MFA) available
  • Network Security: Firewalls, intrusion detection, DDoS protection

5.2 Organizational Measures

  • Limited employee access to personal data on need-to-know basis
  • Regular security audits and penetration testing
  • Employee training on data protection
  • Incident response procedures

⚠️ Security Reminder

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Use strong passwords and enable MFA for additional protection.

6. Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

  • Account Data: Retained while your account is active and for 7 years after closure for legal compliance
  • Trading Records: Maintained for 7 years for regulatory and tax purposes
  • Communication Records: Kept for 3 years for support and legal purposes
  • Log Data: Retained for 90 days for security and troubleshooting

You may request deletion of your data subject to legal retention requirements. Some information may be retained in anonymized form for analytical purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

7.1 GDPR Rights (EU/EEA Users)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit how we use your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to processing for direct marketing
  • Right to Withdraw Consent: Withdraw consent for data processing

7.2 CCPA Rights (California Users)

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of sale of personal information (we don't sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy rights exercise

7.3 Exercising Your Rights

To exercise any of these rights, contact us at:

Email: [email protected]

Subject Line: Privacy Rights Request

We will respond to your request within 30 days. We may require verification of your identity before processing your request.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

8.1 Types of Cookies

  • Essential Cookies: Required for platform functionality and security
  • Preference Cookies: Remember your settings and choices
  • Analytics Cookies: Help us understand how you use the platform
  • Marketing Cookies: Track effectiveness of campaigns (with consent)

8.2 Managing Cookies

You can control cookies through:

  • Browser settings to block or delete cookies
  • Our cookie preference center in your account settings
  • Opt-out tools for analytics providers (Google Analytics, etc.)

Note: Disabling essential cookies may impact platform functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for certain jurisdictions
  • Data Processing Agreements with all service providers
  • Compliance with Privacy Shield principles where applicable

By using our Service, you consent to the transfer of your information to countries that may have different data protection laws than your jurisdiction.

10. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

If we discover that we have collected information from a child without parental consent, we will delete that information immediately. If you believe we have collected information from a child, please contact us at [email protected].

11. Third-Party Links

Our Service may contain links to third-party websites, including cryptocurrency exchanges. We are not responsible for the privacy practices of these external sites.

We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by our Service.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • Email notification to registered users
  • Prominent notice on our platform
  • Update to the "Last Updated" date at the top of this policy

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, please contact:

Data Protection Officer: [email protected]

Email: [email protected]

Address: BluePeak Ventures, [Address]

EU Representative: [EU Contact if applicable]

If you have unresolved privacy concerns, you have the right to lodge a complaint with your local data protection authority.