Privacy Policy

Alphio.ai provides a financial AI assistant platform that combines market analysis, portfolio diagnosis and automated trading execution. Because of the nature of these services, we collect and process information beyond what a typical content website handles, including financial credentials and trading behavior. This Policy explains what we collect, why, and the safeguards we apply.

In addition to standard personal data, Alphio.ai collects information specific to financial analysis and automated trading execution.

2.1 Personal Identification Information

• Account Information: username, password, email address, and phone number.
• Identity Verification: for advanced features such as Auto Trading, we may require Know Your Customer (KYC) documentation as required by regional regulations.
• Payment Information: we use third-party payment processors. We do not store full credit card numbers but retain transaction records for accounting and compliance.

2.2 Financial and Trading Data (Alphio.ai specific)

• API Credentials: when you use the Auto Trade feature, we collect your exchange API keys and secret keys. These are stored using high-grade encryption.
• Portfolio Data: information regarding your current holdings, asset allocation, and watchlists.
• Trading Behavior: historical trade records, strategy execution parameters, and take-profit / stop-loss settings.
• Strategy Preferences: your quantitative screening criteria, risk tolerance levels, and asset analysis preferences.

2.3 Content Information

• Input Content: financial queries, uploaded financial statements, and custom AI Agent prompts.
• Output Content: generated analysis reports, market reviews, trade signals, and related metadata.

2.4 Usage and Technical Data

• Log Data: IP address, browser type, device ID, and general location (used for regional compliance and anti-fraud measures).

We use the information we collect for the following purposes:

• Core service delivery: running financial AI models, executing automated trade orders, and generating portfolio diagnoses.
• Trade execution: connecting to your authorized exchange or broker via API to execute trades based on your pre-set strategies.
• AI optimization: we use de-identified or anonymized data to analyze usage trends and improve our quant screener and market monitoring algorithms.
• Security and defense: detecting unauthorized API calls, preventing fraudulent activity, and protecting your financial accounts.
• Compliance: fulfilling Anti-Money Laundering (AML) and other financial regulatory reporting requirements.

We do not sell your personal information. We share data only in the following circumstances:

• Financial partners: to execute your trades, we must transmit necessary API tokens and order details to your chosen third-party exchanges or brokers.
• Service providers: third-party cloud hosts (for encrypted data storage), payment gateways, and data analytics providers.
• Legal requirements: if required by law, court order, or valid government request to comply with legal proceedings.
• Business transfers: in the event of a merger, acquisition, or asset sale, your information may be transferred as a business asset.

5.1 Encryption

We implement industry-leading AES-256 encryption to protect your API keys at rest and use SSL/TLS encryption for all data in transit.

5.2 Access Control

Access to sensitive trading credentials is restricted to authorized automated systems. Our employees cannot view your API secret keys in plain text.

5.3 Safety Recommendation

While we take extreme measures to secure our platform, no internet transmission is 100% secure. We strongly recommend that when setting up API permissions on your exchange, you enable "Read" and "Trade" permissions only, and strictly DISABLE "Withdrawal" permissions.

Depending on your jurisdiction (e.g. GDPR or CCPA), you may have the following rights:

• Access and rectification: the right to view and update your personal information and financial configurations.
• Deletion: the right to request account deletion, which includes the physical removal of all stored API keys.
• Withdrawal of consent: you may disconnect your API link at any time to revoke Alphio.ai's authorization to execute trades.
• Data portability: the right to export your strategy logs or analysis reports in a machine-readable format.

Our Service is strictly directed to users aged 18 and older. We do not knowingly collect information from individuals under the age of 18.

Alphio.ai is a global service. Your information may be processed in locations including the United States, Hong Kong, or Singapore. We implement appropriate safeguards (such as Standard Contractual Clauses) to ensure your data remains protected across borders.

We retain your personal information only as long as necessary for the purposes set out in this policy, or to comply with financial record-keeping laws (typically 5–7 years for transaction-related data). API keys are physically deleted from our active databases immediately upon account deletion or manual unbinding.

If you have any questions regarding this Privacy Policy or our data practices, please contact our compliance team at: contact@alphio.ai

Security tip: Alphio.ai will never ask for your password or API secret key via email or social media. All credential management must be conducted through the official Alphio.ai secure settings dashboard.