PRIVACY POLICY
§1 DATA WE COLLECT
Email address (for authentication and communication), Hyperliquid wallet address (to connect and monitor your agent), trading data generated by your agents (positions, trades, P&L), usage data (pages visited, features used). credit purchase history, credit balance, and evaluation usage statistics. anonymized decision and trade data contributed by your agent to the collective intelligence network. this data includes: coin, direction, action (enter/reject/exit), regime classification, and trade outcome. this data is stripped of personally identifiable information before being used in collective computations.
§2 DATA WE DO NOT COLLECT
Private keys are never transmitted to or stored by zero. We do not access your wallet directly — the agent runtime uses your credentials only for trade execution. We do not sell or share personal data with third parties for marketing purposes.
§3 THIRD-PARTY SERVICES
Supabase (database hosting), Vercel (web hosting, US), Hyperliquid (trade execution, decentralized), Resend (email delivery, US), Plausible (analytics — no cookies, no personal data collection), Alchemy (blockchain monitoring, United States) — used for payment detection on Arbitrum network. We do not sell or share your data with advertisers. Anonymized trading decisions and performance metrics may be used to improve collective network intelligence. No personally identifiable information is shared with other operators. Credit purchase transactions are processed by Stripe (card) or on-chain (USDC on Arbitrum). We store transaction records but not payment credentials.
§4 GDPR RIGHTS (EU/EEA USERS)
Right to access: request a copy of your data. Right to deletion: request deletion of your account and data. Right to portability: export your trading history. Right to correction: request correction of inaccurate data. Data retention: deleted within 30 days of account deletion. Contact for requests: [email protected]
§5 DATA RETENTION & DELETION
Upon account deletion request, all personal data will be removed within 30 days. Active account data is retained while your account exists. Deleted data cannot be recovered.
§6 COOKIES
Essential cookies only (authentication session). No tracking cookies, no advertising cookies, no analytics cookies that identify users. Plausible analytics operates without cookies.
§7 SECURITY
Data is encrypted at rest and in transit via TLS. Credentials are encrypted using industry-standard encryption. Access is logged and monitored. Row Level Security enforced at the database level. credit balances are stored in encrypted database systems with row-level security. credit transactions are logged with full audit trails.
§8 CHILDREN
zero is not intended for users under 18 years of age. We do not knowingly collect data from minors.
§9 CHANGES
Users will be notified via email of material changes to this privacy policy. Continued use after notification constitutes acceptance.
§10 CONTACT
For privacy inquiries: [email protected]