← Back

Privacy Policy

Last Updated: January 2025

1. Information We Collect

When you create an account, we collect:

• Account Information: Email address, username, password (hashed), and date of birth
• Broker Data: Account balances, positions, and trade history from connected brokerages (accessed via authorized API connections)
• Usage Data: Pages viewed, features used, device type, and session information
• Device Tokens: Push notification tokens for iOS and web push subscriptions

2. How We Use Your Information

We use your information to:

• Provide and maintain the Platform's features
• Execute trades on your behalf when auto-trading is enabled
• Send notifications about trade signals, account status, and broker connections
• Improve the Platform and develop new features
• Communicate with you about your account and our services
• Verify age eligibility (18+ requirement)

3. Broker Account Access

When you connect a brokerage account:

• We access your account data through official broker APIs
• Session tokens are stored securely in encrypted Redis storage
• We never store your broker passwords — authentication happens directly with the broker
• You can disconnect your broker at any time from the Settings page

4. Data Storage & Security

Your data is stored on Microsoft Azure cloud infrastructure with:

• Encrypted data at rest and in transit (HTTPS/TLS)
• Session cookies with httpOnly and Secure flags
• Password hashing using industry-standard algorithms
• Regular security monitoring and updates

5. Data Sharing

We do not sell your personal information. We may share data with:

• Brokerage Partners: To execute trades and retrieve account data on your behalf
• Service Providers: Cloud hosting (Azure), email delivery (Resend), payment processing (Stripe)
• Legal Requirements: When required by law, court order, or government request

6. Cookies & Local Storage

We use:

• Session Cookies: httpOnly cookies for authentication (required for the Platform to function)
• Local Storage: User preferences, cached data, and API keys for frontend authentication

7. Push Notifications

If you enable push notifications, we send alerts for:

• Trade signals and execution confirmations
• Broker session expirations
• Sports prediction results
• System announcements

You can disable push notifications at any time from your device settings or the Cyris Settings page.

8. Data Retention

We retain your data for as long as your account is active. Trade history is kept indefinitely for your records. If you delete your account, we remove your personal information within 30 days, except where retention is required by law.

9. Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your account and data
• Disconnect broker integrations at any time
• Opt out of promotional communications

10. Children's Privacy

Cyris is not intended for users under 18 years of age. We do not knowingly collect information from anyone under 18. If we learn that we have collected data from a user under 18, we will delete their account and information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

12. Contact Us

For questions about this Privacy Policy or your data, contact us at help@cyrisai.com