Privacy and Security Policy
Last updated: June 6, 2026
Provider: Essofore LLC (“we”, “us”, “our”)
User: the individual or entity submitting the Getting Started form (“you”, “your”)
This Privacy and Security Policy explains what information we collect, how we use it, and the measures we take to protect it. By using our service you agree to the practices described here.
1. Information We Collect
When you submit the Getting Started form, we collect:
- API Key and API Secret for your Alpaca paper-trading account;
- Email address;
- Stock ticker you wish to trade.
We do not collect payment information, government-issued identification, or any other personal data beyond what is listed above.
2. How We Use Your Information
We use the information you provide exclusively for business purposes related to operating the service:
- To connect to your Alpaca paper-trading account and execute trades on your behalf;
- To communicate with you about your account, service updates, and trial status;
- To diagnose and resolve technical issues with the service.
We do not sell, rent, or share your personal information or API credentials with third parties, except as required by law or to operate core infrastructure (e.g., cloud hosting providers) under appropriate confidentiality obligations.
3. Security Safeguards
We apply appropriate technical and organizational measures to protect your credentials and personal data, including:
- Encryption of credentials at rest and in transit (TLS);
- Strict access controls limiting who can view stored credentials;
- Monitoring and logging of access to sensitive data.
Despite these measures, no internet-based system is completely secure. We cannot guarantee that unauthorized parties will never circumvent our safeguards. You acknowledge and accept that you provide your API credentials at your own risk.
4. Limitation of Liability for Security Incidents
To the maximum extent permitted by applicable law, Essofore shall not be liable for any loss, damage, or unauthorized disclosure of your credentials or personal data resulting from:
- Cyber-attacks, hacking, or unauthorized access to our systems;
- Malware, phishing, or other third-party malicious acts;
- Events beyond our reasonable control.
In the event of a confirmed breach affecting your data, we will notify you by email as promptly as reasonably practicable.
5. Data Retention
We retain your information for as long as your account is active or as needed to provide the service. You may request deletion of your data at any time by contacting us. Upon request we will delete your stored credentials and personal data within a reasonable timeframe, except where retention is required by law.
6. Your Rights
Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data. To exercise any of these rights, please contact us via the contact form.
7. Changes to This Policy
We may update this Policy from time to time. We will notify you of material changes by email. Continued use of the service after changes take effect constitutes your acceptance of the revised Policy.
8. Contact
If you have questions or concerns about this Policy, please contact us via the contact form.