# Privacy Policy **Effective Date**: 2026-03-15 **Last Updated**: 2026-03-15 **Version**: 2.0.0 ## Overview ### Who We Are QuantNexus is an AI-powered quantitative trading platform operated by Stratcraft Inc. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, create an account, or use our services. ### Scope This policy applies to all users of the QuantNexus platform, including registered account holders, website visitors, and API consumers. It does not apply to third-party websites, services, or applications linked from our platform. ### Key Definitions "Personal Data" means any information relating to an identified or identifiable individual. "Services" refers to the QuantNexus platform, APIs, and related features. "Processing" includes collection, storage, use, disclosure, and deletion of Personal Data. > By using QuantNexus, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our data practices, please discontinue use of the platform. ## Personal Data We Collect ### Account & Profile Data When you register, we collect your name, email address, username, and password. If you subscribe to a paid plan, we collect billing information such as your billing address and payment method details (processed securely by Stripe). ### Trading & Algorithm Data We store the trading strategies, algorithm configurations, backtest parameters, and results you create on the platform. This includes factor definitions, entry/exit rules, and performance metrics generated during backtesting. ### AI & LLM Interaction Data When you use AI-powered features (strategy generation, chat assistant, LLM-driven analysis), your prompts and inputs may be sent to third-party LLM providers (e.g., OpenAI, Anthropic) to process your request. We do not store LLM conversation logs beyond the current session unless you explicitly save results. ### Device & Technical Data We automatically collect your IP address, browser type and version, operating system, device identifiers, referring URLs, pages visited, and timestamps. This data helps us maintain security, diagnose issues, and improve our services. ### Usage & Analytics Data We collect information about how you interact with our platform, including features used, session duration, navigation patterns, and frequency of use. This data is used to improve user experience and product development. ### Communication Data We retain records of your communications with us, including support tickets, emails, and feedback. This helps us respond to your inquiries and improve our support quality. ## How We Use Your Data ### Providing Our Services We use your data to operate the platform, execute backtests, generate AI-powered analysis, manage your account, process payments, and deliver the features you request. ### Security & Fraud Prevention We use technical data and usage patterns to detect and prevent fraudulent activity, unauthorized access, and abuse of our platform. ### Product Improvement We analyze aggregated usage data to understand how our features are used, identify areas for improvement, and develop new functionality. ### Communication We use your email address to send transactional messages (account verification, password resets, billing notifications) and, with your consent, product updates and announcements. You can opt out of non-essential communications at any time. ### Legal Compliance We may process your data as required to comply with applicable laws, regulations, legal processes, or governmental requests. ## How We Share Your Data ### Payment Processors We share billing information with Stripe to process payments. Stripe acts as an independent data controller for payment data and is PCI DSS Level 1 certified. We never store your full credit card number on our servers. ### AI/LLM Service Providers When you use AI features, your prompts and relevant context are sent to third-party LLM providers to generate responses. We use providers that offer data processing agreements and do not use your data to train their models. Your API keys for these providers, if supplied, are encrypted and used solely for your requests. ### Cloud Infrastructure Providers Our platform is hosted on enterprise-grade cloud infrastructure. These providers process data on our behalf under strict data processing agreements. ### Email Delivery Services We use Amazon SES to deliver transactional and notification emails. Only email addresses and message content are shared for delivery purposes. ### Legal Requirements We may disclose your data if required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others. ### No Selling of Data We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes. We do not share your data with data brokers. ## Cookies & Tracking Technologies ### Essential Cookies Required for the platform to function. These cookies handle authentication, session management, security tokens (CSRF/nonce), and user preferences such as language and theme settings. They cannot be disabled. ### Functional Cookies Enable enhanced functionality such as remembering your layout preferences, selected data views, and workflow configurations. These improve your experience but are not strictly necessary. ### Analytics Cookies Help us understand how visitors interact with our platform by collecting anonymized usage data. This information is used to improve our services and user experience. ### Managing Your Preferences You can control cookies through your browser settings. Disabling essential cookies may prevent you from using certain features. Most browsers allow you to block or delete cookies, though this may affect platform functionality. ## Data Retention ### Active Account Data We retain your account data, strategies, and backtest results for as long as your account is active. You can delete individual strategies or data at any time through the platform. ### After Account Deletion When you delete your account, we remove your personal data from our active systems within 30 days. Some data may be retained in encrypted backups for up to 90 days, after which it is permanently deleted. ### Legal Retention Requirements We may retain certain data for longer periods where required by law, such as billing records for tax compliance or data subject to ongoing legal proceedings. ## Your Rights & Choices ### Access & Download You have the right to request a copy of the personal data we hold about you. You can access most of your data directly through your account settings. ### Correction You can update your account information at any time through your profile settings. If you believe other data we hold is inaccurate, contact us to request a correction. ### Deletion You can request deletion of your personal data by deleting your account or contacting our support team. We will process deletion requests within 30 days, subject to legal retention requirements. ### Data Portability You may request an export of your data in a structured, machine-readable format. Strategy configurations and backtest results can be exported directly through the platform. ### Opt-Out of Communications You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email or adjusting your notification preferences in account settings. Transactional emails related to your account cannot be opted out of. ## International Data Transfers ### Data Location Our primary servers are located in the United States. By using QuantNexus, you acknowledge that your data may be transferred to and processed in the United States. ### Transfer Safeguards For users in the European Economic Area (EEA), United Kingdom, or other regions with data transfer restrictions, we rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards to ensure adequate protection of your data. ## Children's Privacy ### Age Requirement QuantNexus is not intended for individuals under the age of 18 (or the minimum age of digital consent in your jurisdiction, whichever is higher). We do not knowingly collect personal data from children. If we learn that we have collected data from a child, we will promptly delete it. ## Jurisdiction-Specific Rights ### European Economic Area & United Kingdom (GDPR) If you are located in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR), including the right to restrict processing, object to processing, and lodge a complaint with your local data protection authority. Our legal bases for processing include: contract performance (to provide our services), legitimate interests (security, product improvement), consent (marketing), and legal obligations. ### California (CCPA/CPRA) If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights including: the right to know what personal information we collect, the right to delete your data, and the right to opt out of the sale of personal information. We do not sell your personal information. To exercise your rights, contact us at privacy@quantnexus.com. ### Brazil (LGPD) If you are located in Brazil, the Lei Geral de Protecao de Dados (LGPD) provides you with rights regarding your personal data, including confirmation of processing, access, correction, anonymization, portability, and deletion. Contact us to exercise these rights. ## Changes to This Policy ### Notification of Changes We may update this Privacy Policy from time to time. For material changes, we will notify you via email at least 30 days before the changes take effect. Non-material updates will be reflected by updating the "Last Updated" date at the top of this page. ## Contact Us ### Privacy Inquiries If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at privacy@quantnexus.com. We will respond to your request within 30 days. ## Frequently Asked Questions ## Important Notes > This Privacy Policy applies only to the QuantNexus platform and does not cover third-party websites, services, or applications linked from our platform. We encourage you to review the privacy policies of any third-party services you interact with. If you provide your own API keys for third-party services, you are also subject to those providers' data handling practices. --- Source: https://stratcraft.ai/help/privacy-policy/