Security & Compliance

Built with security and regulatory compliance as top priorities

Non-Custodial Architecture

No Wallets

We never create or control wallets on your behalf

No Balances

Your funds always remain in your exchange account

No Transfers

We cannot initiate withdrawals or transfers of your assets

What This Means For You

Our platform operates as a pure software tool that connects to your exchange account via API. We only have permission to read market data and place orders based on your configurations. We cannot access, transfer, or withdraw your funds. This architecture eliminates custody risk entirely.

Regulatory Positioning

MiCA Compliance Framework

This platform does not fall under MiCA-regulated crypto-asset services as it does not provide:

  • Custody services (we don't hold assets)
  • Execution services (orders execute on third-party exchanges)
  • Advisory services (users make all strategic decisions)

What We Actually Provide

  • Software-as-a-Service (SaaS) automation tool
  • User-configured standing instructions
  • API integration technology
  • Technical infrastructure for automation

Data & API Security

Encrypted Storage

API credentials are encrypted at rest using industry-standard AES-256 encryption. Encryption keys are stored separately and rotated regularly.

Read/Trade Only Permissions

We only request API keys with read and trade permissions. We never ask for withdrawal permissions, ensuring your funds cannot be moved off the exchange through our platform.

Immediate Revocation

You can revoke API access instantly from your exchange account at any time. Once revoked, our platform immediately loses all access to your account.

Your Security Responsibilities

Use a strong, unique password for your account

Enable two-factor authentication (2FA) on your exchange account

Never share your API keys with anyone else

Regularly review your automation settings and logs

Monitor your exchange account for any unexpected activity