Use this timestamp to confirm you are reading the current public version.
Legal
OttoTrader Privacy Policy
This policy explains what OttoTrader collects, why the data is processed, which providers help operate the service, how long records are generally kept, and how users can exercise privacy rights.
Document summary
This policy explains what OttoTrader collects, why the data is processed, which providers help operate the service, how long records are generally kept, and how users can exercise privacy rights.
This document is structured in short sections so the main obligations are easier to scan.
Users should read the legal pages together with the practical product guidance.
What OttoTrader collects
- Account data such as email address, display name, authentication metadata, pricing tier, and login/session records.
- Website account activity such as checkout state, owned strategies, seller metadata, and support/contact events.
- Desktop-linked activity such as account sync state, connected exchange contexts, strategy usage metadata, and diagnostic logs.
- Billing and commerce data such as subscription status, payment events, purchase records, and payout-readiness data for sellers.
What OttoTrader does not intend to collect
- OttoTrader does not require custody of user funds.
- OttoTrader does not require withdrawal-enabled API keys.
- Sensitive exchange secrets are minimized, protected, and used only in the user-directed integration context.
Why OttoTrader uses the data
- To authenticate users and secure accounts.
- To operate pricing, entitlements, marketplace ownership, and seller controls.
- To support exchange connectivity, desktop sync, update delivery, fraud prevention, and product support.
- To investigate complaints, enforce marketplace rules, respond to legal requests, and maintain audit logs for security and platform integrity.
Legal bases
- Contract necessity for account creation, login, subscription handling, entitlement delivery, protected strategy ownership, desktop sync, and customer support.
- Legitimate interests for security monitoring, fraud prevention, platform diagnostics, service improvement, marketplace moderation, and legal-risk management.
- Legal obligations where OttoTrader must retain or disclose records for billing, dispute handling, sanctions compliance, law-enforcement requests, or accounting requirements.
- Consent where OttoTrader asks users to approve optional analytics or marketing storage preferences.
Third parties and processors
- Supabase for authentication and account identity infrastructure.
- Stripe for subscriptions, billing portal actions, and marketplace checkout where enabled.
- Render, Vercel, and related infrastructure providers for hosting, delivery, operations, and logging.
- Transactional email and support-processing providers used to deliver account notices, password-reset messages, and customer-service workflows.
Cookies, local storage, and consent
- OttoTrader uses essential browser storage for secure login state, account protection, password reset continuation, MFA continuation, and consent records.
- Optional analytics and marketing storage categories remain off unless a user expressly allows them through OttoTrader's consent controls.
- Users can review and update stored consent preferences from the website consent controls and privacy surface.
Retention
- Routine account-profile data is kept for as long as the account remains active and for a reasonable post-closure period needed to address security, fraud, abuse, and support issues.
- Billing, dispute, legal, and audit records may be kept longer where necessary to comply with legal obligations or defend OttoTrader's rights.
- Marketplace moderation logs, complaint records, and abuse-prevention records may be retained for platform-safety and legal-risk management.
User rights
- Users can submit requests for access, correction, deletion, portability, or objection through OttoTrader's account-level privacy request workflow or by contacting [email protected].
- OttoTrader may need to verify identity and may decline or narrow a request where law permits, including where retention is still required for security, billing, fraud, dispute, or legal-compliance reasons.
- Users in the European Economic Area and users covered by applicable United States state privacy laws may have additional rights under those laws.
International transfers and contact
- OttoTrader is operated from Romania and may use service providers that process data in other jurisdictions. OttoTrader relies on appropriate contractual, technical, or statutory safeguards where required.
- Privacy, legal, and support requests can be sent to [email protected].
Related Documents
Continue through the rest of OttoTrader's policy pages.
Terms, privacy, marketplace rules, and risk disclosures work together. If your use case touches billing, seller status, or live trading, the related pages matter too.
Legal
Terms of Service
These terms govern OttoTrader as self-directed trading software, not as investment advice, brokerage, custody, portfolio management, or a managed-copy-trading product.
LegalMarketplace Terms
These terms frame marketplace listings as software-license transactions for protected strategy logic and related metadata, not as financial products, advisory services, or copy-trading mandates.
LegalSeller Terms
These terms govern creator accounts, listing quality standards, moderation, seller obligations, buyer-facing disclosures, and OttoTrader's marketplace-enforcement powers.
LegalSeller Claims Policy
This policy defines what sellers can and cannot say about strategy performance, suitability, and expected outcomes on the platform.