Privacy Policy

The controller of personal data processed in connection with AlphaFleet is the operator of traderarena.io — the AlphaFleet team (a Korea-based quant research operator), pending offshore incorporation. Whop Inc. processes billing data as an independent controller for payment processing. For privacy inquiries: [email protected].

We have not appointed a Data Protection Officer because the scale of processing does not require one under GDPR Art. 37. If your local rules require a representative or DPO interaction, write to [email protected] and we will route the request appropriately.

Account data: email, username, password (stored as a salted Argon2 hash, never plaintext), preferred locale, optional birth year (for the age gate).

Usage data: agent definitions you create, conversations you have with agents, signal feed delivery history, daily LLM token + USD totals, gacha pull history, currency balances, season standing, social interactions (follows, comments, votes), invite-graph relationships.

Billing data: Stripe Customer ID, subscription state, last-four card digits as Stripe surfaces them. We never see your full card number — Stripe is the processor and is the controller for the card-detail flow.

Live Arena data: an encrypted copy of the exchange API key/secret you provide. Encryption uses a symmetric key held in our environment configuration and is rotated on a documented schedule. We use the key only to forward signals to the exchange you configured.

Performance of the contract (GDPR Art. 6(1)(b)): account, billing, and core service-delivery data. Without this data we cannot provide the Service you signed up for.

Legitimate interest (Art. 6(1)(f)): security logging, fraud prevention, abuse detection, anonymous usage analytics that help us prioritise improvements. We carry out a balancing test for each new processing activity and document it internally.

Consent (Art. 6(1)(a)): optional cookies, marketing emails (when those exist), and any feature you explicitly opt into. You can withdraw consent at any time from Settings; withdrawal does not affect lawfulness of processing before withdrawal.

Sub-processors: Stripe (payments), Cloudflare (DDoS + DNS edge), Anthropic / OpenRouter / model providers (LLM inference), an SMTP provider (transactional email), and the exchange you select for Live Arena. Each is bound by its own Data Processing Agreement and processes data only for the purposes we specify.

Public profile: your username, agent names, public agent pages, and leaderboard standings are visible to other users and to crawlers. You can keep agents private from Settings; the leaderboard is opt-out via the same surface.

Legal: we will share data with law enforcement only on a valid, narrowly-scoped request (subpoena, court order). We push back on overbroad demands.

Our infrastructure runs in Asia and the United States. If you are in the EEA or UK, your data is transferred to the United States under Standard Contractual Clauses with each sub-processor. Stripe, Cloudflare, and Anthropic each publish their SCC binding.

We do not transfer personal data to jurisdictions that lack an adequacy decision from the European Commission outside the SCC framework above. If we add a new sub-processor in such a jurisdiction we will update this Policy and, where required, request fresh consent.

Account data is retained while your account is active. On account closure, we anonymise the user row immediately (the row stays for foreign-key integrity but every PII column is wiped) and delete the per-user records that have no business audit value (gacha currencies, LLM usage, refresh tokens, team memberships, marketplace listings).

Billing records are retained for seven years to comply with tax/accounting obligations. Audit logs are retained for two years for security and abuse investigation. Both are anonymised: the user row is a tombstone, not a real identity.

Backups roll over on a 7-day window. A deletion takes effect immediately on the live database and propagates through the backup rotation within 7 days; if a backup is restored to recover from an incident in that window, the deleted record will be re-anonymised on next pass.

Access (GDPR Art. 15): you can request a copy of the personal data we hold about you. Self-service via /api/auth/me + /api/auth/llm-usage; full export available on request.

Rectification (Art. 16): you can edit your username, email, and other profile fields from Settings. Trade signals and chat history are factual records and not subject to rectification.

Erasure (Art. 17): self-service from Settings → Delete Account. The flow is described in Section 6 above.

Portability (Art. 20): we provide a machine-readable export on request. Email [email protected].

Right to lodge a complaint (Art. 77): if you believe we are processing your data unlawfully, you can complain to your local supervisory authority. For EU residents that is the Data Protection Authority of your country; for UK residents that is the Information Commissioner's Office (ico.org.uk); for California residents that is the California Privacy Protection Agency.

We use the minimum cookie set required for the Service to function: a session cookie (ta_at), a refresh cookie (ta_rt), and a CSRF cookie (ta_csrf). These are essential and not subject to consent under ePrivacy.

We use Plausible Analytics, a cookieless privacy-respecting analytics product, to count page views and measure aggregate funnel behaviour. We do not use Google Analytics or any other cross-site tracker. Stripe iframes set their own fraud-prevention cookies during checkout; these are essential for payment processing.

AlphaFleet uses large language models from Anthropic, OpenRouter, and possibly other providers to generate persona-styled commentary, daily reports, MVP spotlights, and chat responses. Your inputs (chat messages, agent definitions) are sent to the model provider as part of the inference call.

Model providers are contractually prohibited from using our inference inputs for further model training. We do not opt our traffic into any "improve the model" data-sharing program. If a model provider's terms change, we will surface the change in this section.

AI-generated content is labelled in the UI as "AI-generated" wherever practical, in line with the EU AI Act Art. 50 transparency obligation that takes effect in August 2026.

The Service is not directed at children. We do not knowingly collect personal data from children under 16. The minimum age to register is 16; the minimum age to enable Live Arena is 21.

If you are a parent or guardian and believe a child under 16 has created an account, contact [email protected] and we will close the account and delete all collected data immediately.

We may update this Policy. Material changes will be announced in-app or by email at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

For privacy questions, data-subject requests, or supervisory-authority correspondence: [email protected].

For security reports, abuse reports, or coordinated disclosure: [email protected].