AlstrumAlstrum← Back to Home

Privacy Policy

Alstrum AI, Inc.

Effective Date: January 9, 2026 | Last Updated: January 9, 2026

1. Introduction

Alstrum AI, Inc. ("Alstrum," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our trading infrastructure platform, websites, mobile applications, and related services (collectively, the "Services").

We operate as the "AI layer of capital markets," providing institutional-grade quantitative trading infrastructure to retail traders and institutional clients. Given the sensitive nature of financial data, we maintain rigorous privacy and security standards, including SOC 2 Type II compliance.

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when using our Services:

  • Account Information: Name, email address, phone number, username, password, and for trading accounts: date of birth, SSN/tax ID, government ID, and proof of address.
  • Financial Information: Bank account details, brokerage account credentials (with authorization), investment preferences, risk tolerance, and transaction history.
  • Profile Information: Profile photos, trading experience level, investment goals, and communication preferences.
  • Communications: Customer support inquiries, feedback, and correspondence.
  • Payment Information: Billing address and payment method details (processed by PCI-DSS compliant processors).

2.2 Information Collected Automatically

  • Device and Usage Information: Device type, OS, browser, IP address, unique identifiers, access times, pages viewed, features used.
  • Trading Activity Data: Strategies created, signals viewed, backtests run, trading decisions made.
  • Log Data: Access times, hardware/software info, device events, crash data.
  • Cookies and Tracking: Cookies, web beacons, and similar technologies (see Section 6).

2.3 Information from Third Parties

  • Brokerage Partners: Account information, positions, and transaction data.
  • Identity Verification: KYC and AML compliance services.
  • Data Providers: Market data, financial information, and alternative data.
  • Analytics Providers: Aggregated analytics data.

3. How We Use Your Information

  • Providing and Improving Services: Operating our trading platform, generating AI signals, market analysis, trade execution.
  • Personalization: Tailoring signals, recommendations, and content to your preferences.
  • Account Management: Creating/managing accounts, processing transactions, customer support.
  • Security and Fraud Prevention: Detecting and preventing fraud, monitoring for suspicious patterns.
  • Compliance: Meeting SEC, FINRA, and international financial regulations.
  • Communications: Service-related messages and marketing (with consent).
  • Research: Training ML models, conducting research with anonymized data.
  • Legal Purposes: Enforcing terms, protecting rights, defending claims.

4. How We Share Your Information

We do not sell your personal information. We may share in these circumstances:

  • Service Providers: Cloud hosting (GCP, AWS), payment processing, identity verification, customer support, analytics.
  • Brokerage Partners: Information needed to facilitate transactions.
  • Data Partners: Technical info for accessing services (Databento, FactSet, Quiver) - we do not share personal trading data.
  • Legal Requirements: Law, regulation, legal process, or governmental request (SEC, FINRA).
  • Business Transfers: Mergers, acquisitions, or asset sales.
  • With Consent: When you explicitly consent.
  • Aggregated Data: De-identified information for research/analytics.

5. Data Retention

  • Account Information: Duration of account + 7 years after closure.
  • Transaction Records: Minimum 7 years (SEC/FINRA requirements).
  • Trading Activity Data: 7 years for regulatory compliance.
  • Communications: Support: 3 years; Marketing consent: duration + 2 years.
  • Log Data: 2 years for security/troubleshooting.
  • Anonymized Data: May be retained indefinitely.

6. Cookies and Tracking Technologies

  • Essential Cookies: Required for services to function (authentication, security).
  • Analytics Cookies: Understanding user interactions (Rybbit Analytics).
  • Preference Cookies: Remembering display settings and configurations.
  • Marketing Cookies: Delivering relevant ads (with consent).

Manage preferences through our cookie consent banner or browser settings.

7. Your Rights and Choices

7.1 All Users

  • • Access and update account information in settings.
  • • Opt out of marketing emails.
  • • Disconnect linked brokerage accounts.
  • • Request account deletion at [email protected].

7.2 California Residents (CCPA/CPRA)

  • • Right to Know, Delete, Correct, Opt Out, Limit Sensitive Info Use, Non-Discrimination.
  • • Contact: [email protected] or +1 (617) 993-9577.

7.3 EEA/UK/Switzerland (GDPR)

  • • Rights: Access, Rectification, Erasure, Restriction, Portability, Object, Withdraw Consent, Lodge Complaints.
  • • International transfers use Standard Contractual Clauses.
  • • Data Protection Officer: [email protected].

7.4 Other U.S. States

Virginia, Colorado, Connecticut, Utah residents: Contact [email protected].

8. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us immediately at [email protected].

9. Third-Party Links and Services

Our Services may contain links to third-party websites or integrate with third-party services (e.g., brokerage platforms). This Privacy Policy does not apply to those third parties. Review their privacy policies before providing personal information.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be reflected in the "Effective Date," and material changes will be communicated via email or platform notice. We review this policy at least annually.

11. Contact Us

Alstrum AI, Inc.

Email: [email protected]

Data Protection Officer: [email protected]

Phone: +1 (617) 993-9577

Address: Boston, MA, United States

California Residents: Email [email protected] with subject "CCPA Request" or call +1 (617) 993-9577.

EEA/UK Residents: Contact [email protected].

Response Time: 45 days (CCPA) or 30 days (GDPR), with extensions as permitted.

12. Supplemental Notices

12.1 Financial Industry Compliance

We comply with SEC recordkeeping, FINRA rules, Gramm-Leach-Bliley Act, and BSA/AML requirements.

12.2 SOC 2 Compliance

Alstrum maintains SOC 2 Type II compliance. Reports available to customers under NDA.

12.3 Do Not Track

Our Services do not currently respond to DNT signals. Manage tracking via our cookie consent tool.

12.4 Global Privacy Control

We honor GPC signals as a valid opt-out request under CCPA/CPRA.

This Privacy Policy is provided in English. If translated, the English version controls.

© 2026 Alstrum AI, Inc. All rights reserved.