Legal
Privacy Policy
Last updated: March 13, 2026
System R AI ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform, APIs, and related services (the "Service").
1. Information We Collect
1.1 Information You Provide
| Data Type | Examples |
|---|---|
| Account information | Name, email address, password (hashed) |
| Payment information | Processed by Stripe. We never store card numbers. |
| Trading configuration | Strategies, risk parameters, broker connections |
| Support communications | Emails, feedback, support requests |
1.2 Information Collected Automatically
| Data Type | Purpose |
|---|---|
| Usage data | Features used, session duration, interaction patterns |
| Device information | Browser type, OS, screen resolution |
| Log data | IP address, access times, error logs |
| Cookies | Session management, preferences, analytics |
1.3 Information We Do Not Collect
- We do not collect or store your broker account credentials. Authentication is handled via OAuth with your broker.
- We do not collect actual trade execution data from your broker unless you explicitly enable trade sync.
- We do not collect financial account balances unless you grant read-only API access.
2. How We Use Your Information
- Provide the Service: Process your requests, run analysis, execute trading workflows
- Improve the platform: Analyze usage patterns to improve features and performance
- Communicate: Send service updates, security alerts, and billing notifications
- Security: Detect and prevent fraud, abuse, and unauthorized access
- Legal compliance: Meet regulatory obligations and respond to lawful requests
We do not use your trading data to train machine learning models shared across users. Your trading configurations and strategies remain private to your account.
3. Data Sharing
We do not sell your personal information. We share data only in these limited circumstances:
- Service providers: Stripe (payments), AWS (infrastructure), broker APIs (at your direction)
- Legal requirements: When required by law, subpoena, or court order
- Business transfers: In connection with a merger, acquisition, or sale of assets (with advance notice)
- With your consent: When you explicitly authorize sharing
4. Data Storage and Security
Your data is stored on AWS infrastructure in the United States. We implement industry-standard security measures including:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- Role-based access controls with least-privilege principles
- Regular security audits and vulnerability assessments
- Isolated compute environments for each user's trading operations
- Automated threat detection and incident response procedures
See our Security page for more details on our security practices.
5. Data Retention
- Active accounts: Data retained for the duration of your subscription
- Cancelled accounts: Data retained for 30 days to allow reactivation, then deleted
- Backups: Encrypted backups retained for up to 90 days for disaster recovery
- Legal holds: Data may be retained longer if required by law
You may request data export or deletion at any time by contacting us.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data ("right to be forgotten")
- Portability: Request your data in a machine-readable format
- Restriction: Request restriction of processing in certain circumstances
- Objection: Object to processing based on legitimate interests
To exercise any of these rights, contact us at hello@systemr.ai
7. Cookies
We use cookies and similar technologies for:
- Essential cookies: Required for authentication and session management
- Analytics cookies: Help us understand how users interact with the Service
- Preference cookies: Remember your settings and configurations
You can control cookie preferences through your browser settings. Disabling essential cookies may prevent the Service from functioning properly.
8. Third-Party Services
The Service integrates with third-party services that have their own privacy policies:
- Stripe: Payment processing. stripe.com/privacy
- AWS: Cloud infrastructure. aws.amazon.com/privacy
- Broker APIs: Governed by your broker's terms and privacy policy
9. Children's Privacy
The Service is not intended for anyone under 18 years of age. We do not knowingly collect information from minors. If we learn that we have collected data from a minor, we will delete it promptly.
10. International Data Transfers
If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We implement appropriate safeguards for international data transfers in compliance with applicable data protection laws.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days before taking effect. The "Last updated" date at the top reflects the most recent revision.
12. Contact
For questions about this Privacy Policy or your data, contact us at:
hello@systemr.ai