Last updated: July 4, 2026
This Privacy Policy explains what personal data AutoTrader ("we", "us") collects when you use our website and trading automation service (the "Service"), how we use and protect it, and the rights you have over it. The data controller is the operator of AutoTrader, reachable at contact@YOUR-DOMAIN.com. By using the Service you also agree to our Terms of Service.
We collect only what the Service needs to function:
We never hold your funds or cryptoassets, we cannot withdraw from your exchange account, we do not use advertising trackers, and we never sell your personal data.
Where the EU/UK GDPR applies, our legal bases are: performance of our contract with you (providing the Service), our legitimate interests (security, abuse prevention, service improvement), your consent (push notifications), and compliance with legal obligations.
We share data only where necessary to run the Service:
No system is perfectly secure. If we become aware of a breach affecting your personal data, we will notify you and the competent authorities as required by applicable law.
We keep your data while your account is active. If you delete your account or disconnect an exchange, the associated credentials are deleted. Trade history and security logs may be retained for a limited period after account closure where we have a legitimate interest (fraud and abuse prevention, dispute resolution) or a legal obligation to keep them, after which they are deleted or anonymized. Temporary records such as webhook de-duplication entries expire automatically.
Depending on where you live (including under the EU/UK GDPR), you have the right to access, correct, delete, or receive a copy of your personal data, to restrict or object to certain processing, and to withdraw consent at any time (for example, disabling push notifications). To exercise any right, email contact@YOUR-DOMAIN.com. We will respond within the timeframe required by law. You also have the right to lodge a complaint with your local data protection authority.
Our infrastructure providers may store or process data in countries other than your own. Where data is transferred out of the EU/UK, we rely on providers that offer appropriate safeguards, such as standard contractual clauses or an adequacy decision.
We use only what is strictly necessary to operate the Service: authentication tokens (via Firebase), your session state, and service-worker caching so the app can work as an installable PWA. We do not use third-party advertising or analytics cookies.
The Service is not directed to anyone under 18, and we do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it.
We may update this policy from time to time. We will post the updated version here with a new "Last updated" date and, for material changes, notify you in the app or by email.
Privacy questions or requests: contact@YOUR-DOMAIN.com