Last updated: May 14, 2026
This Privacy Policy explains how AlphaAI Trading ("we", "us", "our", or "AlphaAI") collects, uses, stores, and discloses information when you visit alphratrading.com or use any of our services (collectively, the "Service"). By using the Service you agree to the terms below. If you do not agree, please do not use the Service.
When you register we collect your email address, a username you choose, and a hashed copy of your password. Passwords are stored using one-way hashing — we never see your plaintext password and cannot recover it for you.
To execute trades on your behalf, AlphaAI stores API keys you provide for connected brokerages (such as Alpaca, Tiger Brokers, Futu, LongBridge, or Interactive Brokers). These keys are encrypted at rest using AES-128 (Fernet) with a server-side encryption key, and are only decrypted in-memory when an order or account query is in flight. We never display the full keys back to you after submission.
We keep records of the trades you place, positions you hold, AI decisions generated for you, watchlists, strategy statistics, and Monte Carlo runs. This data powers your dashboard, performance attribution, and our model training pipelines (used in aggregate, not at the per-user level for cross-user purposes).
Like most web services, our servers automatically log IP addresses, browser user-agent strings, timestamps, and the endpoints you access. We use these logs for security monitoring, abuse prevention, and debugging.
Subscription payments are processed exclusively by Stripe. AlphaAI does not receive or store your full credit card number, CVC, or bank account number. Stripe sends us only the customer ID, the subscription state, and the last four digits of the card on file.
When you request AI analysis, we send the relevant market data and prompts to third-party large language model (LLM) providers (currently Groq, DeepSeek, Google Gemini, and Anthropic Claude) over their respective HTTPS APIs. We do not send your real name, broker keys, account balance, or any payment information to these providers.
We do not sell your personal information. We share information only in these specific cases:
We keep your account and trade history for as long as your account is open. If you delete your account, we retain only the records we are legally required to keep (such as billing records for tax purposes), and remove or anonymize the rest within 90 days. Encrypted broker credentials are deleted immediately upon disconnection.
We use industry-standard security measures including TLS 1.2+ for all transport, encrypted-at-rest broker credentials, scrypt/bcrypt-derived password hashes, JWT-based session tokens, and access control on all sensitive endpoints. No system is perfect, however, and you should choose a strong, unique password and enable two-factor authentication where offered by your broker.
Depending on where you live, you may have the right to access, correct, port, or delete your personal data, or to object to certain processing. You can exercise these rights by emailing info@alphratrading.com. We will respond within 30 days.
The Service is not directed to children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has registered, please contact us and we will delete the account.
AlphaAI is operated from the United States. By using the Service from outside the U.S. you consent to your information being transferred to and processed in the U.S., which may have different data-protection laws than your jurisdiction.
If we make material changes we will post the revised policy here and update the "Last updated" date. For significant changes we will also send a notice to the email on your account.
Questions about this Privacy Policy? Email us at info@alphratrading.com.