SignalBee

Privacy Policy

Last updated: November 15, 2025

MVP Template - To be reviewed by legal counsel

1. Introduction

SignalBee ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automated cryptocurrency trading platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (for account identification and communication)
  • Password (securely hashed before storage)
  • Account creation and last login timestamps

2.2 Exchange Credentials

To execute trades on your behalf, we collect:

  • Binance API keys (encrypted before storage)
  • Binance API secrets (encrypted before storage)
  • Exchange account identifiers

Important: API keys are NEVER stored in plaintext. All credentials are encrypted at rest using industry-standard encryption.

2.3 Trading Configuration

We store your trading preferences:

  • Webhook secrets (securely hashed)
  • Trading enabled/disabled status
  • Whitelisted trading pairs
  • Maximum order size limits
  • Default exchange selection

2.4 Trading Activity Data

We log all trading signals and order executions:

  • Signal payloads received from TradingView (action, ticker, quantity)
  • Order execution results (quantity, price, status)
  • Timestamps for all trading activity
  • Success/failure status and rejection reasons

This data is retained for 30 days and used for audit trails and troubleshooting.

2.5 Technical Information

We automatically collect:

  • IP addresses (for security monitoring)
  • Browser type and version
  • Device information
  • Log data (errors, performance metrics)

3. How We Use Your Information

3.1 Service Provision

  • Execute trading signals on cryptocurrency exchanges
  • Authenticate webhook requests from TradingView
  • Enforce risk management rules (whitelists, size limits)
  • Provide signal and order history in the dashboard

3.2 Security and Fraud Prevention

  • Detect and prevent unauthorized access
  • Monitor for suspicious trading activity
  • Enforce rate limiting and abuse prevention
  • Audit credential access and modifications

3.3 Service Improvement

  • Analyze platform performance and reliability
  • Debug errors and technical issues
  • Optimize signal-to-execution latency
  • Improve user experience based on usage patterns

3.4 Communication

  • Send email verification links during registration
  • Notify about service updates or maintenance (future)
  • Respond to support inquiries

4. Data Security Measures

4.1 Encryption

We implement multiple layers of encryption:

  • At Rest: Exchange API keys encrypted using industry-standard encryption
  • In Transit: All communications secured with HTTPS
  • Password Hashing: Passwords are securely hashed before storage
  • Webhook Secrets: Securely hashed before storage

4.2 Access Controls

  • Credentials only decrypted when needed for trade execution
  • Encryption keys stored in environment variables (MVP) or secrets manager (future)
  • Database access restricted to application layer only
  • No direct database access by operators during normal operation

4.3 Audit Logging

  • All credential access logged with timestamps and user IDs
  • Trading decisions logged at Info/Warn/Error levels
  • Security events monitored for anomalies

5. Data Sharing and Disclosure

5.1 Third-Party Services

We share minimal data with:

  • Binance: API keys/secrets for order execution (encrypted in transit)
  • Email Service Providers: Email addresses for verification emails (future)

5.2 We Do NOT:

  • Sell your personal data to third parties
  • Share trading strategies or signal content with anyone
  • Provide your exchange credentials to any third party
  • Use your data for advertising or marketing to third parties

5.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Investigations by law enforcement agencies
  • Protection of our legal rights

6. Data Retention

  • Account Data: Retained while account is active
  • Exchange Credentials: Deleted when you remove credentials from dashboard
  • Trading History: Signals and orders retained for 30 days, then deleted
  • Audit Logs: Security-relevant logs retained for 90 days

7. Your Rights

7.1 Access and Portability

  • View your signal and order history in the dashboard
  • Export trading data for your records
  • Request a copy of your account data

7.2 Modification and Deletion

  • Update your email address and password
  • Modify trading configuration (whitelists, limits)
  • Delete exchange credentials at any time
  • Request account deletion (contact support)

7.3 Opt-Out

  • Disable trading via the enable/disable toggle
  • Revoke API key permissions on Binance directly
  • Unsubscribe from email communications (future)

8. Cookies and Tracking

SignalBee uses minimal cookies for essential functionality:

  • Session Cookies: JWT tokens stored in localStorage for authentication
  • No Advertising Cookies: We do not use tracking cookies for ads
  • No Third-Party Analytics: MVP does not include Google Analytics or similar services

9. Children's Privacy

SignalBee is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time during the MVP phase. We will notify users of significant changes by:

  • Updating the "Last updated" date at the top of this policy
  • Sending email notifications for material changes (future)
  • Displaying a notice in the dashboard (future)

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

13. Your Consent

BY USING SIGNALBEE, YOU CONSENT TO THE COLLECTION, USE, AND STORAGE OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE, PLEASE DO NOT USE THE SERVICE.