1. Scope
This Privacy Policy applies when:- You browse our public websites, pricing pages, product pages, or documentation
- You create or use a Traseq account
- You join, manage, or are invited to a workspace
- You subscribe to a paid plan or purchase credits
- You use our APIs or AI-assisted features
- You contact support, submit feedback, or request information
- You interact with enterprise, sales, support, or contact forms
2. Personal Data We Collect
We collect data from you, from workspace administrators/collaborators, from integrated providers, and automatically from your use of the Services.If you don’t provide data required for account creation, authentication, billing, or workspace access, we may be unable to provide the relevant part of the Services.
A. Website, identity, and account data
| Data | Examples |
|---|---|
| Website visitor data | Page visits, referral information, contact form context, documentation views |
| Identity | Name, email address, avatar or profile image |
| Authentication | Provider identifiers, login/session details |
| Preferences | Account preferences, onboarding status |
B. Workspace and collaboration data
| Data | Examples |
|---|---|
| Workspace info | Workspace name, settings |
| Membership | Member/invitation records, role assignments, permissions |
| Administration | Organization data, billing admin data, activity logs |
C. Research and product usage data
| Data | Examples |
|---|---|
| Strategy data | Strategies, versions, blocks, prompts, comments, notes |
| Backtest data | Configurations, results, analytics, comparison sets |
| API keys | Metadata — name, scopes, creator, status, last-used timestamp, expiry |
| Usage metrics | Credits consumed, plan limits, seat allocation |
| Settings | Product settings, browser storage, linked service preferences |
Important: Plaintext API key secrets are shown only at creation time and are not stored in plaintext in our database.
D. Billing and transaction data
| Data | Examples |
|---|---|
| Subscription | Tier, billing cycle, status, invoices, renewals |
| Payment | Payment-related identifiers from payment providers |
| Tax | Tax-relevant billing records |
| Fraud prevention | Transaction metadata for reconciliation and support |
We do not intentionally store full payment card or equivalent credentials on our own systems when handled by a third-party processor.
E. Communications and support data
- Support requests and correspondence
- Feedback submissions (category, subject, message, page URL, troubleshooting metadata)
- Enterprise, sales, or partnership form submissions
- Email delivery and notification logs
F. Technical, device, and security data
- IP address
- Browser, device, and operating system information
- Request logs, timestamps, and identifiers
- Error and performance events
- Cookie and session information
- Data used to detect abuse, fraud, or unauthorized access
G. AI workflow data
If you use AI-assisted features, we may process:- Prompts and instructions you submit
- Relevant workspace context needed to generate outputs
- AI-generated drafts, rewrites, analyses, and related metadata
- Model usage telemetry for operating and securing the feature
Please do not include sensitive personal data in prompts unless it is necessary and you are authorized to do so.
3. How We Use Personal Data
| Purpose | Examples |
|---|---|
| Provide the Services | Operate, secure, and maintain our websites, applications, and APIs |
| Authentication | Manage accounts, workspaces, permissions, API access |
| Billing | Process subscriptions, invoices, refunds, billing events |
| Product functionality | Deliver backtests, analytics, AI outputs, and workspace collaboration |
| Communication | Account, workspace, billing, and support messages |
| Website operations | Respond to inbound requests, improve public pages, and manage conversion flows |
| Reliability | Monitor performance, debug issues, improve security |
| Safety | Investigate abuse, fraud, terms violations, legal claims |
| Legal compliance | Meet legal obligations, audits, enforcement requests |
| Protection | Protect rights, safety, and integrity of Traseq and users |
Legal bases (EEA, Switzerland, UK)
If you are located in the EEA, Switzerland, or the UK, our legal bases include:- Contract performance — to provide the Services you signed up for
- Legitimate interests — security, product operations, abuse prevention, support
- Legal obligations — compliance with applicable laws
- Consent — where required by law
4. How We Disclose Personal Data
We don’t sell your data. We don’t use it for third-party cross-context behavioral advertising. We may disclose personal data to:| Recipient | Why |
|---|---|
| Workspace members | According to your role and the product’s permission model |
| Service providers | Identity, hosting, storage, email, billing, observability, support, AI |
| Payment providers | Subscriptions, invoices, purchase flows |
| Professional advisers | Auditors, insurers, legal counsel |
| Authorities | Law enforcement, regulators, courts — where required by law or to protect rights and safety |
| Corporate transactions | Actual or proposed merger, acquisition, financing, reorganization, or asset sale |
5. Cookies, Local Storage, Analytics, and Similar Technologies
We use cookies and similar technologies for:- Authentication and session management
- Security protections
- Product functionality and preferences
- Optional analytics and service improvement where permitted and enabled
localStorage, sessionStorage) for interface preferences, pending invitation flows, workspace context, payment-return state, and other settings.
Where required by law, we will obtain consent before enabling non-essential analytics or session replay. Essential technologies remain active to provide requested functionality, maintain security, and preserve necessary product state. You can control cookies through your browser settings, but disabling essential technologies may affect functionality.
For surface-specific details, including which Traseq surfaces currently use optional analytics or session replay, see our Cookie & Tracking Notice.
6. AI Providers and Automated Processing
Important: AI outputs are probabilistic and may be inaccurate or incomplete. Human review remains your responsibility.When AI features are enabled, prompts and workspace context may be sent to third-party model providers to generate outputs. Those providers process data according to our instructions and their applicable service commitments.
7. International Data Transfers
We may process and store personal data in countries other than your own. Where required by law, we use appropriate safeguards for cross-border transfers, such as contractual protections or other lawful transfer mechanisms.8. Data Retention
We retain personal data for as long as reasonably necessary to:- Provide the Services
- Maintain account history and workspace continuity
- Enforce our terms and resolve disputes
- Meet tax, accounting, legal, and audit obligations
- Protect against fraud, abuse, and security incidents
If you request deletion, we may retain limited data as necessary for legal compliance, security, fraud prevention, backup integrity, or dispute resolution.For analytics and tracking data, retention may also depend on provider configuration, fraud-prevention needs, and whether aggregate or de-identified reporting can be retained without keeping user-identifiable event history.
9. Your Rights and Choices
Depending on where you live, you may have the right to:- Know whether we process your personal data
- Access or obtain a copy of your data
- Correct inaccurate or incomplete data
- Delete your personal data
- Object to or restrict certain processing
- Withdraw consent where processing is consent-based
- Portability — receive your data in a portable format
- Opt out of certain uses where required by law
- Appeal or complain to a regulator
Region-specific rights
Taiwan
Under the Personal Data Protection Act (Article 3), you may inquire, review, obtain copies, supplement or correct, demand cessation of collection/processing/use, and request deletion — subject to statutory exceptions.EEA, Switzerland, and UK
Under GDPR (Articles 15–22), you have data subject rights. We generally aim to respond within one month, subject to lawful extensions.California
You may have the right to know, access, correct, and delete certain personal information, and to be free from unlawful discrimination for exercising privacy rights.How to exercise your rights
Contact us at support@traseq.com. We may need to verify your identity before acting. Workspace admins may also manage certain data within the product.10. Security
We use administrative, technical, and organizational safeguards to protect personal data, including:- Access controls
- Scoped API keys
- Role-based permissions and workspace isolation
- Transport security
- Logging and security monitoring
- Sensitive-area masking for supported session replay flows
Important: No system is completely secure. You are responsible for protecting your credentials, using appropriate workspace access controls, and promptly reporting suspected compromise.