HookTraderTrade on Alert
Sign in

Privacy Policy

Last updated: 20 April 2026

1. Introduction

HookTrader (“the Service”) is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data. By using the Service you consent to the practices described here.

2. Data We Collect

Account information: email address, display name, and hashed password created during registration.

Exchange credentials: Binance API keys and secrets that you provide to connect your exchange account. These are encrypted at rest using Fernet symmetric encryption and are only decrypted in an isolated worker process during trade execution.

Trading data: webhook configurations, strategy settings, trade history, order details, and position snapshots generated through your use of the Service.

Usage data: error logs, performance metrics, and session information collected via Sentry for debugging and reliability purposes.

3. How We Use Your Data

We use collected data to:

  • Execute trades on your behalf based on your configured strategies and webhook alerts
  • Display your trading history, positions, and performance metrics in the dashboard
  • Monitor and improve the reliability and performance of the Service
  • Communicate with you about your account, service updates, or security issues

4. Credential Security

Your exchange API keys are treated as highly sensitive data. They are encrypted immediately upon submission using Fernet symmetric encryption and stored only in encrypted form in our database. Decryption occurs exclusively within the ARQ worker process at the moment of trade execution — the API server never handles plaintext credentials.

We strongly recommend creating API keys with restricted permissions (futures trading only, no withdrawal access) and IP-whitelisting where supported by your exchange.

5. Data Sharing

We do not sell, rent, or share your personal data or trading information with third parties for marketing purposes. Data may be shared with: Sentry (error monitoring and diagnostics), and infrastructure providers necessary to operate the Service (hosting, database). We may also disclose data if required by law or to protect the rights and safety of our users.

6. Data Retention

Account data and trade history are retained for as long as your account is active. You may delete your trade history through the dashboard settings at any time. Active trade state in Redis is retained during the trade lifecycle and for 24 hours after a trade closes. Upon account deletion, all associated data — including encrypted credentials, trade history, and strategy configurations — is permanently removed.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you via your dashboard
  • Correct inaccurate data by updating your account settings
  • Delete your trade history or your entire account at any time
  • Revoke exchange API access by deleting your stored credentials from the dashboard

8. Cookies and Authentication

The Service uses a single authentication cookie (ht_token) containing a JSON Web Token for session management. We do not use third-party tracking cookies or analytics scripts. No advertising or behavioural tracking is performed.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last updated” date. Material changes will be communicated via the platform dashboard or email. See our Terms of Service for the full agreement governing your use of HookTrader.

10. Contact

If you have questions about this Privacy Policy or how your data is handled, contact us through the support channels available in the platform dashboard.