← Back

Privacy Policy

Last updated: March 2025

1. Who we are

HIT Algo (High Intelligence Trading) is a trading intelligence platform that provides live market signals, automated trading bots, and broker integration. This policy explains how we collect, use, and protect your data.

2. Data we collect

  • Account information — email address, name, and hashed password when you register or are created by an administrator.
  • Broker credentials — API keys you provide to connect your broker. These are encrypted at rest and never shared with third parties.
  • Trading activity — orders placed through the platform, including instrument, side, quantity, and execution status.
  • Usage data — pages visited, session duration, and feature interactions collected via PostHog analytics (see Section 5).

3. How we use your data

  • To authenticate you and provide access to the platform.
  • To execute trading orders on your behalf via your connected broker.
  • To display your trading history, bot configurations, and market signals.
  • To improve the platform based on aggregated usage analytics.
  • To monitor errors and ensure platform reliability.

4. Legal basis (GDPR)

  • Contract performance — processing your account data and executing trades is necessary to provide the service you signed up for.
  • Legitimate interest — we use product analytics to understand how the platform is used and to improve it. This is a recognized legitimate interest under GDPR Article 6(1)(f).

5. Analytics & cookies

We use PostHog for product analytics. PostHog may set cookies in your browser to track sessions and identify returning users. Data is processed on PostHog's EU servers (eu.i.posthog.com).

These analytics tools collect information such as pages visited, session duration, browser type, and device information. No financial data or broker credentials are sent to analytics providers.

6. Error monitoring

We use Sentry for error tracking and performance monitoring. When an error occurs, Sentry may receive technical information about the request (e.g. URL, browser version, stack trace). No passwords or broker credentials are sent to Sentry.

7. Data security

  • Passwords are hashed using bcrypt and never stored in plain text.
  • Broker API keys are encrypted at rest using Fernet symmetric encryption.
  • All communication between your browser and our servers is encrypted via HTTPS/TLS.
  • Access to the platform requires authentication via JSON Web Tokens (JWT).

8. Data sharing

We do not sell your data. We share data only with the following third-party services, solely for the purposes described above:

  • Your broker (Alpaca, Interactive Brokers) — to execute trades you configure.
  • PostHog (EU) — product analytics.
  • Sentry — error monitoring.

9. Data retention

Your account data and trading logs are retained for as long as your account is active. If your account is deleted by an administrator, your data is permanently removed from our database.

10. Your rights

Under GDPR, you have the right to access, correct, or delete your personal data, as well as the right to object to processing based on legitimate interest. Contact your administrator to exercise these rights.