Privacy Policy

TRILLbot, Inc. ("TRILLbot", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service.

This policy applies to all users of the TRILLbot platform, including our website, mobile applications, and related services (collectively, the "Service").

By accessing or using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Service.

2.1 Information You Provide to Us

We collect information that you voluntarily provide when:

• Account Registration: Email address, username, password, and profile information
• Identity Verification (KYC): Full name, date of birth, address, government-issued ID, and selfie photographs (as required by applicable regulations)
• Payment Information: Credit/debit card details, bank account information, and billing address (processed securely by third-party payment processors)
• Wallet Connections: Cryptocurrency wallet addresses and public keys (we never access or store private keys)
• Communications: Messages, support tickets, feedback, and survey responses
• Trading Preferences: Strategy selections, risk tolerance settings, and trading parameters

2.2 Information Automatically Collected

When you access our Service, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
• Usage Data: Pages visited, features used, time spent on the Service, clickstream data, and interaction patterns
• Location Data: General geographic location based on IP address (we do not collect precise GPS location without consent)
• Log Data: Server logs, error reports, and diagnostic information
• Cookies and Similar Technologies: See Section 8 for details

2.3 Trading and Transaction Data

• Trade history, order details, and execution records
• Portfolio holdings, balances, and performance metrics
• Deposit and withdrawal transactions
• Exchange API keys (stored encrypted) and connection status

2.4 Information from Third Parties

• Cryptocurrency exchanges (transaction data, balances)
• Payment processors (payment confirmation, fraud detection)
• Identity verification services (KYC/AML compliance)
• Analytics providers (aggregated usage statistics)
• Blockchain networks (public transaction data)

We use collected information for the following purposes:

3.1 Service Provision and Operations

• Create and manage your account
• Execute automated trading strategies on your behalf
• Connect to cryptocurrency exchanges and execute trades
• Process payments and subscription billing
• Provide customer support and respond to inquiries
• Monitor system performance and resolve technical issues

3.2 Security and Fraud Prevention

• Verify your identity and comply with KYC/AML regulations
• Detect and prevent fraud, abuse, and security threats
• Monitor for suspicious trading activity
• Enforce our Terms of Service and legal rights

3.3 Service Improvement and Development

• Analyze usage patterns to improve our Service
• Train and optimize AI/ML trading algorithms
• Develop new features and functionality
• Conduct research and data analysis

3.4 Communications

• Send transactional emails (confirmations, alerts, account updates)
• Provide customer support and respond to requests
• Send marketing communications (with your consent)
• Notify you of important changes to our Service or policies

3.5 Legal and Compliance

• Comply with legal obligations and regulatory requirements
• Respond to lawful requests from authorities
• Enforce our legal rights and agreements
• Protect against legal liability

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers and Partners

• Cryptocurrency Exchanges: To execute trades on your behalf
• Payment Processors: To process subscription payments
• Identity Verification Services: For KYC/AML compliance
• Cloud Hosting Providers: For data storage and computing infrastructure
• Analytics Services: For service improvement (aggregated data only)
• Customer Support Tools: To manage support tickets

All service providers are bound by data protection agreements and process data only on our instructions.

4.2 Legal Requirements

We may disclose information when required by law to:

• Comply with court orders, subpoenas, or legal processes
• Respond to lawful requests from law enforcement or regulatory agencies
• Investigate potential violations of our Terms of Service
• Protect the rights, property, or safety of TRILLbot, our users, or the public

4.3 Business Transfers

If TRILLbot is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.4 Aggregated or De-identified Data

We may share aggregated or de-identified data that cannot reasonably be used to identify you for research, marketing, or analytics purposes.

We implement industry-standard security measures to protect your personal information:

• Encryption: TLS/SSL encryption for data in transit; AES-256 encryption for data at rest
• Access Controls: Role-based access restrictions and multi-factor authentication
• Secure Infrastructure: SOC 2 Type II certified cloud hosting
• API Key Security: Exchange API keys encrypted with user-specific keys
• Security Monitoring: 24/7 intrusion detection and security monitoring
• Regular Audits: Third-party security audits and penetration testing
• Cold Storage: 95% of cryptocurrency holdings in offline cold wallets

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

We retain your personal information for as long as:

• Your account is active and you continue to use our Service
• Necessary to provide you with our Service
• Required to comply with legal obligations (typically 7 years for financial records)
• Necessary to resolve disputes and enforce our agreements

After account deletion, we will delete or anonymize your personal information within 90 days, except where longer retention is required by law. Some information may be retained in backup systems for up to 180 days.

Depending on your jurisdiction, you may have the following rights:

7.1 General Rights

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances

7.2 GDPR Rights (European Union)

If you are in the EU/EEA, you have additional rights under GDPR:

• Right to lodge a complaint with a supervisory authority
• Right to withdraw consent for consent-based processing
• Right to object to processing based on legitimate interests

7.3 CCPA Rights (California)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected, used, and shared
• Right to delete personal information (subject to exceptions)
• Right to opt-out of the "sale" of personal information (we do not sell data)
• Right to non-discrimination for exercising your rights

7.4 How to Exercise Your Rights

8.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our Service.

8.2 Types of Cookies We Use

• Essential Cookies: Required for authentication and security (cannot be disabled)
• Performance Cookies: Analyze how users interact with our Service
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand usage patterns (Google Analytics, etc.)

8.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of our Service.

Your information may be transferred to and processed in countries other than your country of residence, including the United States.

When we transfer data internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Privacy Shield frameworks (where applicable)
• Adequacy decisions by regulatory authorities

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us at privacy@trillbot.com.

Our Service may contain links to third-party websites and services (e.g., cryptocurrency exchanges, wallet providers). This Privacy Policy does not apply to those third parties.

We encourage you to review the privacy policies of any third-party services before providing your information to them. We are not responsible for the privacy practices of third parties.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will notify you by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to registered users
• Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.