Privacy Policy
Last updated on 21 Oct 2025
1. INTRODUCTION
2. SCOPE & CONTROLLER STATUS
3. CATEGORIES OF PERSONAL DATA WE COLLECT
4. SOURCES
5. PURPOSES & LEGAL BASES
6. DISCLOSURES & CATEGORIES OF RECIPIENTS
7. INTERNATIONAL TRANSFERS
8. RETENTION
9. SECURITY
10.COOKIES & TRACKING
11.YOUR RIGHTS
12.CHILDREN
13.CHANGES
1. INTRODUCTION
StratAIge, Inc. (“StratAIge”, “we”, “us”) operates an AI strategy-building platform that creates, back-tests and delivers equity-trading signals. We are not a broker-dealer or investment adviser. This Policy explains how we collect, use, disclose and protect Personal Data in connection with stratAIge.com, our API, mobile or desktop applications, e-mail, Discord & Telegram bots, and any other service that links to this Policy (collectively, the “Service”). By registering, connecting a brokerage account, or simply browsing, you accept this Policy.
2. SCOPE & CONTROLLER STATUS
We act as a “data controller” (GDPR) and “business” (CCPA/CPRA). Personal Data means any information that identifies, relates to, describes, or could reasonably be linked to you.
3. CATEGORIES OF PERSONAL DATA WE COLLECT
A. Identification: name, username, postal address, phone, government ID (for KYC when required).
B. Contact & Device: e-mail, IP address, device IDs, browser fingerprint, geolocation.
C. Financial & Trading: linked broker account numbers, balances, transaction history, strategy parameters, risk tolerance, performance statistics.
D. AI Inputs & Generated Content: watch-lists, custom indicators, copied strategies, portfolio allocations, signal logs.
E. Third-Party Social: profile photo, UID, and public posts when you sign-in via Google, Discord, Telegram, etc.
F. Automatically-Collected: click-stream, feature usage, error reports, cookies / pixels (see § 10).
4. SOURCES
You, your browser/device, Alpaca (via OAuth), data brokers for fraud scoring.
5. PURPOSES & LEGAL BASES
a. Service delivery – account creation, strategy generation, back-testing, signal dispatch (contract performance).
b. Broker connectivity – token exchange, order routing, balance refresh (contract performance & legitimate interests).
c. AI improvement – de-identified model training, feature tuning (legitimate interests; aggregated).
d. Security & fraud – device fingerprinting, IP reputation (legitimate interests & legal duty).
e. Marketing – newsletters, in-app upsells, event invitations (consent; opt-out any time).
f. Compliance – audit trails, tax, sanctions screening, regulatory requests (legal obligation).
6. DISCLOSURES & CATEGORIES OF RECIPIENTS
We never sell Personal Data. We share only as needed:
Alpaca Securities LLC (order execution)
Cloud & analytics vendors (AWS, GCP, Datadog, Amplitude)
Communication platforms (SendGrid, Discord, Telegram)
KYC / identity validators
Regulators, courts, or law-enforcement when legally compelled
All recipients are contractually bound to use the data solely for the agreed purpose and to implement appropriate security measures.
7. INTERNATIONAL TRANSFERS
We host in the United States. Where we transfer EEA/UK data abroad we rely on Standard Contractual Clauses approved by the European Commission or UK ICO.
8. RETENTION
We keep your data for the life of your account + 6 years for tax / audit, or longer if required by a pending matter. De-identified AI training data may be retained indefinitely. When you delete your account we erase or anonymise within 30 days unless retention is necessary for legal claims or regulatory obligations.
9. SECURITY
AES-256 at rest, TLS 1.3 in transit, SOC-2-audited infrastructure, role-based access, MFA for staff, quarterly penetration tests, and real-time anomaly detection on trading endpoints.
10. COOKIES & TRACKING
Essential cookies: session, auth, CSRF.
Analytics cookies: Amplitude, GA4 (IP anonymised).
Marketing cookies: LinkedIn, Twitter (only with consent).
See full Cookie Policy for opt-out links.
11. YOUR RIGHTS
You may access, correct, delete, port, or restrict processing of your Personal Data, and withdraw consent at any time. Verified requests are fulfilled within 45 days. California consumers may exercise CCPA/CPRA rights without discrimination. To raise a complaint ran0xiaoxuan@gmail.com.
12. CHILDREN
The Service is not directed to children under 16. We do not knowingly collect their data.
13. CHANGES
Material changes will be announced via e-mail or in-app banner 30 days in advance. Continued use constitutes acceptance.