Skip to main content

Privacy Policy

Last Updated: February 15, 2026

This Privacy Policy should be read in conjunction with our Terms of Service, Risk Disclosure Statement, and Disclaimer.

1. Introduction

Welcome to VibeTrade! We are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy describes how VibeTrade ("VibeTrade", "we", "our", or "us") — an independent, unincorporated software project that provides an AI-assisted on-chain trading interface — collects, uses, stores, and protects your information. VibeTrade operates as an independent project, not an incorporated legal entity. By using VibeTrade, you agree to the terms of this Privacy Policy. We aim to handle your data responsibly and in line with applicable privacy principles. If you do not agree with this Policy, please discontinue use of our services. For any questions or concerns, you can contact us as outlined at the end of this document.

2. Information We Collect

We limit the personal information we collect about you to only what is necessary to provide our services. The types of information we collect include:

  • Email Address: We collect your email during account creation and login. This is the only personally identifiable information (PII) we require. We use your email to set up and secure your account, authenticate your access, and communicate with you about important account-related matters (e.g. account verification, service updates). We do not ask for your name, address, or other contact details aside from email, ensuring minimal data collection.
  • Cryptocurrency Exchange API Keys: If you choose to connect your exchange accounts to VibeTrade, we collect the API key (and secret) that you provide. These keys allow our platform to execute trades on your behalf as you direct. API keys are stored in encrypted form on our systems for security. Important: We never store or display your API keys in plaintext, and VibeTrade does not provide any interface for viewing or retrieving a stored API key once entered. You may delete (or rotate) your API keys at any time, which will remove them from our systems.
  • Payment Information: If you make payments (for example, subscribing to a premium plan), you will provide billing information such as credit card details or other payment data. VibeTrade does not store your full payment information on our servers — instead, we use reputable third-party payment processors to handle payments securely. This means sensitive payment details (like card numbers or billing addresses) are transmitted directly to the payment processor (e.g. Stripe or a similar provider) over encrypted connections and are not retained by VibeTrade. We only receive limited information from the payment processor (such as a payment confirmation, transaction ID, or subscription status) necessary for record-keeping.
  • Usage Data and Analytics: Like most online services, we automatically collect certain technical information about your use of our platform. This may include data such as your IP address, browser type, device information, pages or features you access, and timestamps. We utilize Google Analytics for aggregate website usage analytics. Google Analytics may use cookies and similar technologies to collect information on how users interact with our site. This usage data helps us understand user behavior and improve our services, but it generally does not identify you personally. We do not combine anonymous analytics information with your email or any personally identifying data.

We do not knowingly collect any sensitive personal data such as government ID numbers, financial account passwords, or biometric information. We also do not intentionally collect any data from third-party sources about you (except as needed for payments and analytics as noted). All information is collected directly from you or through your use of our service.

3. How We Use Your Information

We use the information we collect strictly for legitimate and intended purposes in operating the VibeTrade platform. These purposes include:

  • Providing and Improving the Service: We use your data to operate VibeTrade's core functionality and personalize your experience. For example, your email is used to create and secure your account, and your API Wallet credentials are used to sign and submit the trades you authorize on the Hyperliquid protocol. We also analyze usage patterns (via analytics data) to understand platform performance and user behavior, which helps us improve features and enhance our services.
  • Communications: We may use your email address to send you service-related communications. These include confirmations, technical or security alerts, and updates about new features or changes to the platform. We may also send newsletters or promotional updates about VibeTrade's offerings, but only where you have opted in to receive them. You can withdraw your consent and unsubscribe from marketing emails at any time by using the unsubscribe link provided in those emails. We will not spam you or send excessive communications.
  • Customer Support: If you contact us for help, we will use your email and any other information you provide to respond to your inquiries, troubleshoot issues, and provide effective customer support.
  • Payments and Transactions: For users who make purchases or subscribe to paid services, we use your provided payment information to process those transactions via our third-party payment processors. We may also send billing reminders or invoicing information to your email. (As noted, full payment details are handled by the payment processor, not stored by us.)
  • Security and Fraud Prevention: We may process data (such as IP addresses or account activity) to monitor for suspicious or fraudulent activity, verify user identities, and enforce our terms of service. This helps protect the integrity of our platform and the security of user accounts.
  • Legal Compliance: Where necessary, we will use or disclose information to comply with applicable laws, regulations, legal processes or enforceable governmental requests. For instance, we may retain and use certain data to fulfill our tax or audit obligations, or to respond to a court order or regulatory inquiry if required by law.

We do not use personal data for any purposes incompatible with those above. In particular, we do not use your data for automated profiling or decision-making that would have legal or significant effects on you, other than as needed to provide the automated trading features you explicitly set up. We also do not sell or rent your personal information for advertising or any other purposes.

PurposeLegal Basis
Account creation & authenticationPerformance of contract
Trade execution via API keysPerformance of contract
Customer supportPerformance of contract
Payment processingPerformance of contract
Security & fraud preventionLegitimate interests
Service improvement & analyticsLegitimate interests
Marketing communicationsConsent (opt-in)
Legal complianceLegal obligation

Where we rely on legitimate interests, we have assessed that our interests do not override your fundamental rights and freedoms.

4. How We Share or Disclose Information

VibeTrade respects the confidentiality of your information. We do not sell your personal data to third parties. We only share or disclose information in the following circumstances:

  • Service Providers: We use trusted third-party service providers to perform certain functions on our behalf, such as cloud hosting, payment processing, and site analytics. These providers include companies like Amazon Web Services (for data hosting), payment processors (for handling billing), and Google Analytics (for website analytics). Each of these third parties only receives the information necessary for them to perform their specific services for us. For example, our hosting provider stores the data in secure infrastructure, the payment processor receives your billing details to process transactions, and Google Analytics receives usage data to analyze web traffic. We require all such service providers to keep your information confidential and to use it only for the purposes we specify. They are not permitted to use your data for their own unrelated purposes.
  • Legal Requirements and Protection: We may disclose information if we are compelled by law to do so (for instance, in response to a subpoena, court order, or government demand). Additionally, if necessary, we may share information to enforce our Terms of Service or other agreements, or to protect the rights, property, or safety of VibeTrade, our users, or others. This could include exchanging information with other companies or organizations for fraud protection and risk reduction, in accordance with applicable privacy laws.
  • Business Transfers: If VibeTrade is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, user information may be transferred to a successor or affiliate as part of that process. In such cases, we will ensure the new owner honors the commitments we have made in this Privacy Policy or provide you notice and an opportunity to opt out of the transfer of your personal information.
  • With Your Consent: We will share your information with third parties outside of the above circumstances only if you give us explicit consent to do so. For example, at your direction we might share data with a partner integration or another service, but only with your authorization.

When we do share data with any third party, we implement appropriate safeguards to ensure your information remains protected. We aim to disclose the minimum information necessary for the purpose at hand, and all third parties must agree to protect personal data to a standard comparable to ours.

5. API Key Security and Handling

The security of your trading credentials is of paramount importance to us — for the Hyperliquid network, these are the API/agent wallet credentials you authorize through the app, scoped to trading and account-management actions only and unable to withdraw your funds. These credentials are stored using strong encryption and security measures wherever the service holds them. We treat them as highly sensitive data:

  • Limited Use: Your API keys are used only to carry out the trading actions that you authorize through our platform (for example, to place trades or fetch balances as part of the service). We do not use your API credentials to access or perform any actions in your exchange accounts beyond what is necessary for the VibeTrade features you utilize. Furthermore, we do not have the ability to withdraw funds from your exchange accounts unless you have expressly granted such permissions via the API keys. VibeTrade never takes custody of your assets; the API keys simply allow our trading algorithms to execute trades on your behalf while your funds remain in your exchange account.
  • Encryption and Storage: When you input your API key and secret, we immediately encrypt this information before storing it in our database. The encryption ensures that even in the unlikely event of unauthorized access to our databases, the API keys would not be readable. Our internal systems decrypt the keys only when absolutely needed to execute your requested trades, and this happens in a secure, controlled environment.
  • No User Visibility: For your security, once an API key is saved, it is not visible in plaintext through our user interface. We do not provide any mechanism for you (or anyone) to retrieve the full API secret from our system. If you lose your API key or suspect it has been compromised outside of VibeTrade, you should invalidate it with your exchange and create a new one. You can then update the key in our platform. VibeTrade allows you to delete your stored API keys at any time via your account settings. Deleting an API key will remove all records of that key from our platform, and we will no longer be able to access your exchange account with that credential.
  • Access Controls: Internally, access to decrypted credential information is extremely restricted. The credentials cannot be arbitrarily viewed; only the automated trading engine uses them, and only to carry out the trading functions described. Any access to encrypted credential data for essential maintenance or support is tightly controlled and logged.
  • Protection of Funds: It's important to note that connecting an API key does not give VibeTrade direct access to your funds beyond trade execution. We cannot transfer or withdraw assets through your API keys unless you have explicitly enabled such permissions (and our recommendation is to use trading-only or read/trade API permissions, not withdrawal permissions, for added safety). We design our system such that we have no access to your cryptocurrency holdings or private keys, and we only see information and perform actions that you have authorized.

These measures are in place to provide a defensible level of security for your API keys and to maintain your trust. However, you are also responsible for managing your API keys safely: only use API keys on VibeTrade that you intend to, and never share your exchange API secret with others. If you suspect any unauthorized use of your API credentials on our platform, please contact us immediately.

6. Data Security

VibeTrade employs robust technical and organizational measures to safeguard all user data. We understand that the security of your personal information is critical. Some of the key security practices we follow include:

  • Secure Infrastructure: We host VibeTrade on reputable cloud infrastructure (such as Amazon Web Services). AWS data centers employ industry-leading physical and network security. All your data is stored in secure servers with multiple layers of protection (firewalls, intrusion detection systems, etc.). We also use up-to-date software and conduct regular security patches to protect against vulnerabilities.
  • Encryption: We use strong encryption protocols to protect data both in transit and at rest. This means that any data you send to our servers (for example, when you log in or enter information on the site) is encrypted using SSL/TLS so that it cannot be intercepted by third parties. Likewise, sensitive data stored in our databases (including API keys, passwords, and any personal details) is encrypted using industry-standard algorithms. For example, your password is stored as a secure cryptographic hash, and your API keys are stored encrypted (as described above).
  • Access Control: Access to personal data is restricted to what is strictly necessary to operate or support the service, and anyone with such access is bound by confidentiality obligations. Administrative access to systems containing personal data is tightly limited and protected with strong authentication (such as multi-factor authentication).
  • Monitoring and Auditing: We monitor our systems for security anomalies and use logging to track access to sensitive data. We review our security measures periodically and address identified risks promptly, and we aim to respond quickly and effectively in the event of any data security incident.
  • Data Minimization: We consciously minimize the personal data we collect and store. By holding less data, we reduce the risk to your privacy. For instance, as noted, we only collect your email (no other PII) and do not store unnecessary information like full payment details or personal identifiers.
  • Overall Best Practices: We adhere to industry best practices and security standards to guard your information. While we strive to protect your data, it's important to note that no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. However, we continuously work to protect your personal information and update our security practices as new threats emerge.

If you have reason to believe that your data is not secure or if you have discovered any vulnerability in our platform, please notify us immediately so we can take action.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. In practice, this means:

  • Account Data: For as long as you maintain an active account with VibeTrade, we will keep the information associated with your account (such as your email and encrypted API keys) so that we can provide the service to you.
  • Inactive Accounts: If you stop using your account, we may retain your information for a reasonable period of time in case you return, and to maintain records of your transactions for our legitimate business interests (such as audit and fraud prevention) or to comply with legal obligations.
  • Account Deletion: You have the right to delete your account at any time. Upon your request to delete your account (or if we choose to terminate or decommission the service), we will delete or anonymize your personal data. All user-specific data will be expunged from our active databases, including your email and any stored API keys, typically within a short period following the request. Some data may remain in our backups or logs for a brief time until those are rotated or deleted in the ordinary course of our backup procedures. We ensure that backup data is also eventually deleted, and during retention it remains protected.
  • Legal Requirements: In certain cases, we may need to retain information even after an account deletion request, if required to do so by law. For example, we might retain transaction records if needed for financial reporting, or information necessary to comply with a legal dispute resolution or enforcement of our agreements. However, in such cases we will not use the retained data for any other purpose.

Once the retention period expires or the data is no longer needed, we delete the data from our systems or anonymize it so that it can no longer be associated with you. Per our policy, you may request deletion of your data at any time, and we will honor such requests in accordance with applicable laws.

8. Cookies and Tracking Technologies

VibeTrade uses cookies and similar tracking technologies only to the extent necessary to provide and improve our web service. A cookie is a small text file that is placed on your device to help websites function or gather information. Our use of cookies is as follows:

  • Essential Cookies: We use cookies that are necessary for core functionality of the site, such as to keep you logged in during your session (session cookies) and to remember your preferences. These cookies enable features like secure account login and navigation through the platform. Without them, the service may not function correctly.
  • Analytics Cookies: We use Google Analytics to collect anonymized statistical information about how users use our website (e.g., which pages are visited, how long is spent on the site, what browser is used). Google Analytics uses its own cookies to track this usage data. The information collected through analytics cookies is aggregated and does not directly identify individual users. We use these analytics solely to understand user interactions and improve our platform's performance and design. We do not use analytics data to profile individual users or for advertising purposes. Moreover, we do not share analytics data in a form that identifies you, nor do we allow Google Analytics to combine our data with other information for advertising. In line with best practices, any anonymous analytics information is not combined with personal information we hold about you.
  • No Advertising or Third-Party Cookies: We do not use any cookies for advertising, marketing, or tracking users across different websites. We also do not allow third-party advertising networks to set cookies on our site. The only third-party cookies in use are those from Google Analytics (as described above) and possibly from our payment processor during a checkout process (e.g., if the processor needs to use a cookie to remember your session during payment).

Your choices: Most web browsers automatically accept cookies, but you have the option to modify your browser setting to decline cookies or notify you when a cookie is set. However, please note that if you disable cookies entirely, some essential features of VibeTrade (like staying logged in) may not work properly. With respect to Google Analytics, if you wish to opt out of being included in analytics data, Google provides an opt-out browser add-on that you can install to prevent data from being used by Google Analytics. You can obtain this add-on from Google's site and install it in your browser to exercise this choice. Additionally, some browsers offer "Do Not Track" signals; while our service does not currently respond to these signals (since we do not engage in cross-site tracking), you can rest assured that we limit tracking to our site's own analytics needs only.

For more details on our cookie usage, please contact us at privacy@vibetrade.com. Essential cookies are used on the basis of our legitimate interest in providing a functional service. Analytics cookies are used on the basis of our legitimate interest in improving the Service, and you may opt out as described above.

9. Your Rights and Choices

We believe in user data autonomy. Depending on your location and applicable law, you have certain rights regarding your personal data that we respect and uphold. These include:

  • Access and Portability: You have the right to request a copy of the personal information we hold about you. Since we collect minimal data, this typically would include your email address and any associated account information (and potentially logs related to your account). We will provide this to you in a common format.
  • Rectification (Correction): If any personal data we have is incorrect or outdated (for example, if you need to update your email address), you have the right to correct it. You can usually do this directly through your account settings. If you need assistance or are unable to change something, you can contact us and we will help make the correction.
  • Deletion (Right to be Forgotten): You have the right to request deletion of your personal data. As noted in the Data Retention section, you can delete your account via the platform or by contacting support. Upon such request, we will delete your personal information (email, encrypted keys, etc.) from our active systems, provided we do not need to retain it for legal reasons.
  • Withdrawal of Consent: In cases where we rely on your consent to process data (for example, if we ever request your consent for a new use of data), you have the right to withdraw that consent at any time. If you previously consented to receive marketing emails, you can unsubscribe; if you consented to optional data collection, you can opt out. Withdrawal of consent will not affect the lawfulness of any processing that occurred before your withdrawal.
  • Objection and Restriction: You may have the right to object to certain processing or ask us to restrict processing. For example, you can opt out of Google Analytics tracking by using the methods described above, effectively objecting to processing of your usage data for analytics. If you believe we are processing any of your data unlawfully or beyond the scope of what's needed, you can request restriction (i.e., that we stop using it for certain purposes).
  • Opt-Out of Data Sharing: As we do not share data for marketing, there is no third-party marketing to opt out of. U.S. State Privacy Rights: If you are a resident of California, Virginia, Colorado, Connecticut, or another U.S. state with comprehensive privacy legislation, you may have additional rights, including the right to know what personal information we collect, the right to delete your personal information, the right to correct inaccuracies, and the right to opt out of the sale or sharing of personal information. We do not sell or share your personal data for cross-context behavioral advertising. To exercise any of these rights, please contact us at privacy@vibetrade.com. If you are not satisfied with our response, you may have the right to appeal by contacting us again with additional details.

To exercise any of your rights, please contact us at our support email provided below. We will respond to your request within a reasonable timeframe and in accordance with applicable laws. For security, we may need to verify your identity before fulfilling certain requests (such as access or deletion requests) to ensure that we do not release data to an unauthorized person.

Please note that some rights may not fully apply in all jurisdictions or in all situations. For instance, if you request deletion, we might retain certain information if required by law or for legitimate purposes as described. We will explain any such necessity to you if it arises. In general, we are committed to honoring your rights and giving you control over your personal information.

10. Children's Privacy

VibeTrade is an adult-oriented service intended for users who are at least 18 years old. We do not knowingly collect personal data from anyone under the age of 18. If you are under 18, you are not permitted to use our platform or provide any personal information to us.

In the unlikely event that we discover we have collected personal information from a minor (for example, if a child misrepresents their age and an account is created), we will take immediate steps to delete that information from our records. If you are a parent or guardian and you believe that your child under 18 has provided us with personal information, please contact us right away so that we can investigate and take appropriate action.

11. International Data Transfers

VibeTrade is a global service, and as such, your information may be stored or processed in jurisdictions other than your own. Our primary infrastructure is hosted in cloud data centers which may be located outside the country where you access the Service. If you are accessing VibeTrade from outside the jurisdiction where our servers are located, be aware that your information (including personal data) may be transferred to, stored, and processed in a jurisdiction different from yours.

We understand that different jurisdictions may have different data protection laws, so we take steps to ensure that an equivalent level of protection travels with your data. Where your data is transferred outside of your jurisdiction, we rely on recognized data-transfer safeguards to ensure adequate protection, including:

  • Contractual safeguards between VibeTrade and our processors that bind them to data protection obligations consistent with this Privacy Policy;
  • Service provider certifications — our infrastructure providers and payment processors maintain compliance with recognized data protection frameworks.

We will handle your data in accordance with this Privacy Policy at all times, regardless of where it is processed. Our aim is to ensure your privacy rights are respected no matter where your data is located.

12. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will update the "Last Updated" date at the top of the Policy. If the changes are significant, we will also provide a more prominent notice — for example, by emailing you at your registered email address or by placing a notice on our website or dashboard.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of VibeTrade after any changes to this Policy will constitute your acknowledgment of the changes and your agreement to be bound by the updated Policy. If you do not agree with the changes, you should discontinue use of our services and, if you wish, delete your account.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us.

Data Controller: VibeTrade (an independent, unincorporated project — see the introduction above).

We will respond to your request within a reasonable timeframe and in accordance with applicable laws. We greatly appreciate your trust and are dedicated to keeping it by respecting your privacy and keeping your information secure.