Last updated: May 2026
This policy describes how Brain Technology ("we", "us", "our") handles personal information when you use our website, dashboard, APIs, and related services (the "Service"). Have this document reviewed by qualified legal counsel before you rely on it for a regulated launch.
Brain Technology operates the Service. For privacy-related requests, contact us at the support email shown on the website. If you appoint a grievance officer under applicable Indian law, add their name and contact details here when finalised.
Account data: name, email address, phone number if provided, and credentials (passwords are stored using one-way hashing; we do not store your password in plain text).
Broker connectivity: API keys, tokens, and related secrets you supply to link your broker. These values are encrypted at rest (for example AES-256-GCM) and are not displayed back to staff in plain text for routine operations.
Trading and product usage: strategies you enable, orders and positions mirrored from your broker where applicable, logs, configuration, and support tickets you send us.
Technical data: IP address, device and browser type, approximate location derived from IP, timestamps, and diagnostic events (for example error reports if you enable optional monitoring such as Sentry).
Payments: if you pay through a third-party gateway, payment identifiers and billing status may be processed by that provider under their terms; we do not store full card numbers unless you are independently PCI-DSS compliant and contractually require it.
We use personal information to:
Depending on jurisdiction, we may rely on contract (to deliver the Service), legitimate interests (for example security and product improvement), consent (for optional communications or cookies where required), and legal obligation.
We use infrastructure and software providers (for example hosting, database, email delivery, error monitoring). They process data on our instructions and for the purposes above. We may disclose information if required by law or to protect rights, safety, and integrity of users and the Service. We do not sell your personal information.
We retain account and trading-related data for as long as your account is active and for a reasonable period afterwards for backups, dispute resolution, and legal compliance. Broker tokens may be deleted earlier when you disconnect your broker. Exact retention schedules should be aligned with your counsel and operational needs.
We use industry-standard measures such as TLS in transit, encryption for sensitive fields, access controls, and separation of environments where practicable. No method of transmission or storage is 100% secure; you use the Service at your own risk subject to our Terms.
Depending on where you live, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. Contact support to exercise these rights. You may lodge a complaint with a supervisory authority where applicable law allows.
If data is stored or processed outside your country (for example on a cloud region), we implement appropriate safeguards as required by law and describe them in annexes or subprocessors documentation as your counsel advises.
The Service is not directed to children under 18 (or the age of majority in your jurisdiction).
We may update this policy from time to time. We will post the updated version and revise the "Last updated" date. Material changes may require additional notice under applicable law.
This text is a practical starting point only. Before production use, have a qualified lawyer in your jurisdiction review and adapt it — especially for India's Digital Personal Data Protection Act, 2023 and any sector-specific rules that apply to you.