LEGAL

Privacy Policy

1 Data We Hold

KYC information, contact details, subscription state, broker access tokens (AES-256-GCM encrypted), session logs, and audit records of every consent and trade event.

2 Token Handling

Broker access tokens are encrypted with user-specific keys, never logged, never exposed in API responses, and revoked daily at 4:00 PM IST.

3 Retention

Audit logs and trade records are retained for five years in compliance with SEBI requirements.

4 Third Parties

Data is shared only with empaneled brokers (for trade execution), exchanges (for Strategy ID compliance), and regulators upon lawful request.