Noon Barbari
Sign up

Privacy Policy

Last updated: 2026-05-09

What we collect

  • Email and (optionally) display name on signup.
  • Strategies, backtests, and runs you create (stored on our servers).
  • Broker API keys you choose to upload — encrypted at rest with a per-server key, decrypted only in memory while your strategy runs.
  • Subscription / payment records: NOWPayments invoice IDs, on-chain transaction hashes, USDT amounts. We never see your wallet's seed or other addresses.
  • Server-side request logs (IP, user-agent, timestamp) for security and debugging — pruned after 90 days.

Analytics (privacy-respecting)

We use a self-hosted Plausible Analytics instance to see which features get used and where users get stuck. Plausible is cookieless, stores no IP addresses, and uses no cross-site identifiers. We never send your email, user ID, strategy code, or any other personal identifier as an event property — only bounded enums and counts. No consent banner is required for this analytics layer.

What we don't collect

  • Cross-site tracking cookies, ad-network pixels, or browser-fingerprinting scripts.
  • Marketing or retargeting trackers.
  • Google Analytics, Facebook Pixel, or any third-party advertising tracker.
  • Behavioural profiles for advertising — analytics is aggregate-only and self-hosted.

How we use it

To operate the service, charge subscriptions, send renewal reminders, and provide support. We do not sell or share your data with third parties for marketing.

Sub-processors

  • NOWPayments — processes USDT subscription payments.
  • Plausible Analytics — self-hosted, cookieless, no personal data.
  • Your hosting provider (whoever you connect for live trading — Alpaca, Binance, etc.). We do not send your strategies to them; we send orders generated by your strategies.

Your rights (GDPR)

You can:
  • Export your data — visit /api/account/export while logged in. You'll get a JSON file with every strategy, run, and payment record we hold for you.
  • Delete your account — visit /profile/delete. This wipes your strategies, runs, reports, and stored keys. Subscription records are retained for 30 days for billing audit and then deleted.
  • Correct inaccurate data — most fields are editable from /profile. For anything else, email us.

Where data lives

On servers we operate. We do not transfer personal data outside the EU/EEA except as needed to send payments (NOWPayments processing).

Security incidents

If we discover a breach affecting your account, we'll notify you within 72 hours.

Contact

Questions or requests: info@noonbarbari.xyz.