1. Introduction

AI Predicted Signals ("we", "us", or "our"), operated by Maithamali Akil Jiwan, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service at aipredictedsignals.cloud.

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect:

Email address
Name (if provided)
Authentication credentials managed by Supabase Auth
Subscription plan and billing information

2.2 Usage Data

We automatically collect information about how you interact with the Service:

Pages visited, features used, and interaction timestamps
Bot configurations and trading activity metadata
Signal views and dashboard interactions
Navigation paths and session duration

2.3 Technical Data

We collect technical information including:

IP address and approximate geographic location
Browser type, version, and operating system
Device type and screen resolution
Referral source and exit pages

2.4 Exchange API Keys

When you connect an exchange account, we store your API keys. These keys are:

Encrypted at rest using industry-standard encryption
Transmitted over TLS (encrypted in transit)
Trade-only permissions — we require keys without withdrawal access
Automatically expired after 90 days of inactivity (TTL policy)

3. How We Use Your Information

We use collected information for the following purposes:

Service Delivery: Provide and maintain the Service, execute automated trades, and deliver signals
Authentication: Verify your identity and manage access based on your subscription plan
Billing: Process payments, manage subscriptions, and enforce plan limits
Performance Monitoring: Track system health, signal latency, and service quality
Product Improvement: Analyze usage patterns to improve features, user experience, and signal quality
Communication: Send service updates, security alerts, and subscription notifications
Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. Third-Party Service Providers

We share information with the following third-party service providers as necessary to operate the Service:

Supabase: Authentication and user account management
Stripe: Payment processing and subscription management (we do not store your full credit card information)
Vercel: Frontend hosting and content delivery
Fly.io: Backend API hosting and compute infrastructure
Redis Cloud: Real-time data streaming and caching infrastructure (TLS encrypted)
Google Analytics: Website analytics and usage tracking

Each third-party service operates under its own privacy policy. We encourage you to review them.

5. We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We only share data as described in this policy for the purposes of operating and improving the Service.

6. Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

Account Data: Retained while your account is active, plus 90 days after deletion request
Trading Activity Metadata: Retained for 30 days (PnL timeseries TTL)
Usage Analytics: Retained for 12 months
Payment Records: Retained for 7 years for tax and legal compliance
Exchange API Keys: Encrypted, with 90-day inactivity TTL
Support Communications: Retained for 3 years

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data (subject to legal retention obligations)
Data Portability: Receive your data in a structured, machine-readable format
Opt-Out: Unsubscribe from non-essential communications
Objection: Object to processing of your data for certain purposes
Withdraw Consent: Withdraw previously given consent at any time

To exercise these rights, contact us at support@aipredictedsignals.cloud. We will respond to requests within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

Essential Cookies: Maintain your login session and authentication state
Preference Cookies: Remember your settings and preferences
Analytics Cookies: Collect usage data via Google Analytics (Google Tag Manager)

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

9. Regulatory Compliance

PIPEDA (Canada)

As a Canadian entity, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to access, correct, and challenge the accuracy of your personal information held by us.

GDPR (European Union)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to erasure, and the right to lodge a complaint with a supervisory authority.

CCPA (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information, including the right to know what data we collect, the right to delete your data, and the right to opt out of the sale of your data. We do not sell personal information.

10. Security Measures

We implement industry-standard security measures to protect your information:

TLS/SSL encryption for all data in transit
Encryption at rest for sensitive data including API keys
Secure Redis connections with TLS authentication (rediss://)
Access controls and role-based permissions
Rate limiting and abuse prevention
Regular security monitoring and incident response

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately for deletion.

12. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated version number and date. Continued use of the Service after changes constitutes acceptance of the revised policy. For material changes, we will notify you via email or a prominent notice on the Service.

13. Contact Information

For questions about this Privacy Policy or to exercise your data rights, contact us at: support@aipredictedsignals.cloud