Privacy Policy

This Privacy Policy (hereinafter - "Policy") governs the processing and protection of personal data collected by LLC "TRADE KEEPER" (hereinafter - "Company", "we", "our") when using the websites https://tradekeeper.io, https://app.tradekeeper.io and any other digital resources of the Company (collectively - "Site").

We respect the right of users (hereinafter - "User") to privacy and comply with the requirements of Ukrainian legislation, in particular the Law of Ukraine "On Personal Data Protection", as well as the EU General Data Protection Regulation (GDPR), if applicable.

We may process the following User data:

• name and email address;
• IP address, geolocation (city/country), device type and browser type;
• data about the use of the Site (analytical data, cookies);
• cryptocurrency exchange API keys (read-only), trading history and balances;
• information about the User’s last activity;
• account identifiers (including username or Telegram ID), profile information voluntarily provided by the User, language settings (interface language), as well as referral identifiers used to determine the source of User registrations.

We do not collect or store payment details – payments are made through third-party payment providers that comply with PCI DSS requirements.

The User’s personal data is processed for the following purposes:

• providing analytical functionality of the Site;
• maintaining the User account;
• managing subscriptions;
• communicating with the User (informational and technical messages);
• statistical analysis and improvement of the Site;
• tracking the source of User registrations and operating referral or partner programs;
• sending service notifications (technical and informational) through communication channels voluntarily connected by the User, including Telegram;
• fulfilling legal obligations.

The User may provide cryptocurrency exchange API keys in order to use the functionality of the Site. We strongly recommend using only API keys with “read-only” permissions, which allow viewing trading information without the ability to trade, transfer funds, or make changes to the exchange account.

The Company has no technical ability to verify the access level granted by the User when creating an API key. Therefore, the responsibility for providing API keys with limited access permissions (“read-only”) lies entirely with the User. The Company does not carry out any financial or trading operations and does not intend to gain access to the assets of Users. If it is discovered that an API key has extended permissions, the Company reserves the right to refuse the use of such API key on the Site or request additional confirmation.

The User independently determines the level of access when creating an API key and is responsible for its security.

Provided API keys are used exclusively for the analytical display of trading history on the Site. The Company does not transfer API keys to third parties and does not provide access to them.

The Company stores all API keys in encrypted form using the modern cryptographic standard AES-256 in order to ensure a high level of data security.

We may share Users’ personal data with the following categories of third parties solely for the purposes described in this Policy:

• authentication providers – when the User signs in through third-party authentication services (including a Google account), basic profile information may be exchanged for the purpose of verifying the User’s identity;
• providers of infrastructure and security services – including hosting, content delivery network (CDN) and cybersecurity services (including Cloudflare) used to ensure the availability, stability and protection of the Site;
• payment providers – when the User initiates a payment, they may be redirected to a third-party payment provider that processes payment data in accordance with its own security and privacy policies;
• competent public authorities – where such disclosure is required by applicable law of Ukraine or pursuant to an official request from authorized authorities.

Some of these service providers may process personal data outside Ukraine in accordance with applicable data protection laws.

Users’ personal data is not sold or rented to third parties.

The Site uses cookies to ensure the proper functioning of the service and to improve user experience. Cookies are small text files stored on the User's device that allow the Site to store technical parameters, maintain the User session and perform authentication.

During authentication, technically necessary cookies may be set to maintain the User session, protect against CSRF attacks and ensure the proper functioning of the Site. Such cookies contain only technical identifiers required for authentication and session management.

The Site may also use cookies set by providers of infrastructure and security services, including Cloudflare, in order to detect bots, prevent automated abuse and protect the Site from malicious activity. Such cookies are used solely for security purposes and do not contain information that directly identifies the User.

We use only technically necessary cookies required for the proper functioning of the Site and the User account.

In the future, the Site may use web analytics services, including Google Analytics or other similar tools. In such case, this Policy will be updated to reflect the relevant services, the categories of data processed and the available opt-out mechanisms.

The User may manage cookies through their browser settings. However, disabling technically necessary cookies may limit access to certain features of the Site or affect its proper functioning.

Users' personal data is stored for the period necessary to achieve the purposes defined by this Policy, or for the periods provided by current legislation.

Storage and processing of personal data is carried out on servers in Frankfurt (Germany), serviced by providers DigitalOcean, Cloudflare and Amazon Web Services (AWS).

The Company takes all reasonable technical and organizational measures to ensure the security of personal data, including:

• use of secure servers with limited access, located in certified data centers;
• encryption of confidential data, including API keys, using modern cryptographic standards;
• restricting access to personal data only to authorized Company employees within the scope of their official duties;
• monitoring and protecting the information infrastructure from unauthorized access, loss or data leakage.

The Company constantly improves information security measures in accordance with current technological standards.

The User has the right to:

• receive information about the processing of their personal data;
• request access to their personal data, as well as request correction, updating or deletion of such data;
• request restriction of the processing of personal data or object to such processing;
• withdraw consent to the processing of personal data at any time (where such processing is based on consent);
• lodge a complaint with the competent authority for personal data protection in case of violation of their rights;
• where applicable under the GDPR, exercise the right to data portability.

These rights are guaranteed in accordance with the applicable legislation of Ukraine, including the Law of Ukraine "On Personal Data Protection", as well as the General Data Protection Regulation of the European Union (GDPR), where its provisions apply to the relevant User.

Requests from Users regarding the exercise of their rights are considered by the Company in the manner and within the time limits established by applicable law.

If a request concerns the deletion of a User account or related data (including API keys or technical information), it must be submitted as a written request to the Company’s email address: [email protected]. Such requests may be processed manually taking into account the technical features of the Site.

The Company reserves the right to change or update this Policy at any time. The current version of the Policy is published on the Site indicating the date of the last update. Continued use of the Site constitutes the User’s consent to the updated version of the Policy.

This Policy is drafted in the Ukrainian language. In the event of translation into other languages and any discrepancies between language versions, the Ukrainian text shall prevail.