Privacy Policy

The corporation registered in British Columbia, Canada ("we," "us," or "our") is dedicated to protecting your privacy in accordance with applicable laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and the General Data Protection Regulation (GDPR) for European Union users. This Privacy Policy delineates our practices concerning the collection, utilization, disclosure, and safeguarding of your information in connection with the http://Botico.ai website (http://botico.ai), mobile application, and Services. By engaging with the Services, you consent to the terms hereof.

1. Categories of Information Collected

We collect only such information as is reasonably necessary to furnish and enhance the Services:

• Identifiers and Contact Data: Including name, email address, and similar details provided during account creation.
• Device and Usage Information: Encompassing IP addresses, browser types, device identifiers, navigational patterns, and interaction metrics, procured through automated technologies such as cookies and analytics tools.
• Trading and Technical Data: Encrypted API keys, user-defined strategies, trade histories, and preferences (e.g., for personalization of the Aisha AI assistant and machine learning model refinement—we expressly disclaim access to or storage of your exchange account balances or funds).
• Financial Transaction Data: Billing particulars processed via secure third-party gateways (we do not retain payment card information).
• Communication and Feedback Data: Inquiries directed to Aisha, support correspondence, and user-submitted feedback.

Data is anonymized or pseudonymized wherever practicable to minimize identifiability.

2. Methods of Data Collection

Information is amassed:

• Directly from Users: Through registration forms, API configurations, or voluntary submissions.
• Automatically: Via cookies, server logs, and integrated analytics for operational efficacy.
• From Third Parties: Such as exchanges pursuant to your explicit consent for trade facilitation, or service providers for ancillary functions.

3. Purposes for Data Utilization

Your information is processed solely for legitimate purposes:

• Service Provision and Functionality: To facilitate trade automation, deliver AI-driven insights via Aisha, enable backtesting, and execute user commands.
• Platform Enhancement and Analytics: To refine features, train AI models with anonymized data, and conduct aggregated performance evaluations.
• Security, Fraud Prevention, and Legal Compliance: To detect anomalies, mitigate risks, and fulfill obligations under AML laws (e.g., FINTRAC reporting) and other regulatory mandates.
• Communications: To disseminate updates, transactional notifications, and, with consent, marketing materials (revocable at any time).
• Internal Operations: For auditing, dispute resolution, and business continuity.

We adhere to principles of data minimization and purpose limitation.

4. Disclosure of Information

Disclosures are restricted to:

• Authorized Service Providers: Entities bound by data processing agreements for hosting, analytics, or payment processing.
• Legal and Regulatory Obligations: In response to valid requests from authorities, subpoenas, or to safeguard rights, property, or safety.
• Corporate Transactions: In the context of mergers, acquisitions, or asset sales, subject to equivalent privacy protections.
• With Explicit Consent: For optional features such as community content sharing.

We do not sell, rent, or otherwise monetize your personal data.

5. Data Security Protocols

We implement reasonable administrative, technical, and physical safeguards commensurate with the sensitivity of the data:

• Encryption Standards: Employing robust cryptographic measures for data in transit and at rest.
• Access Controls and Monitoring: Role-based permissions, multi-factor authentication, and continuous surveillance for unauthorized activities.
• Incident Response: In the event of a data breach, we commit to prompt notification as required by law (e.g., within 30 days under PIPEDA or 72 hours under GDPR where applicable).
• AI-Specific Measures: Aisha processes queries with anonymized datasets for training, ensuring no retention of identifiable information beyond necessity.

Notwithstanding these measures, absolute security cannot be assured; users are encouraged to employ vigilant practices.

6. Cookies and Similar Technologies

We utilize cookies and analogous tracking mechanisms to optimize functionality:

• Essential Cookies: Indispensable for core operations such as session maintenance and security.
• Preference Cookies: To retain user settings and enhance personalization.
• Analytics Cookies: For aggregated insights into usage patterns.
• Marketing Cookies: To deliver tailored content, subject to consent.

Upon initial access, a consent banner permits customization of preferences (essential cookies remain active). Cookies may persist from session duration to extended periods. Users may manage or disable via browser configurations, though this may impair Service functionality.

8. Rights of Data Subjects

You possess rights to:

• Access, rectify, or erase your personal data.
• Restrict or object to processing, including automated decision-making.
• Data portability in a structured format.
• Withdraw consent prospectively, potentially affecting Service availability.

For EU residents, GDPR confers additional entitlements, including complaints to supervisory authorities. Submit requests to [email protected]; we respond within statutory timelines (e.g., 30 days under PIPEDA).

9. Privacy for Minors

The Services are not directed at individuals under 18 years of age, and we do not knowingly collect data from minors.

10. Cross-Border Data Transfers

Personal data may be transferred to and processed in jurisdictions outside Canada, including the United States and European Union, with appropriate safeguards such as adequacy determinations or Standard Contractual Clauses to ensure equivalent protection levels.

11. Data Retention Practices

We retain personal data only for the duration necessary to fulfill the purposes outlined herein, or as mandated by legal, regulatory, or contractual obligations (e.g., financial records for up to seven years). Upon fulfillment or request, data is securely deleted or anonymized.

12. Amendments to Privacy Policy

We may revise this Policy periodically, providing conspicuous notice (e.g., via email or platform alert). Continued engagement with the Services post-revision signifies acceptance. We encourage periodic review.

13. Inquiries and Data Protection Officer

For privacy concerns, rights exercises, or complaints, contact our Data Protection Officer at [email protected]. Canadian users may escalate to the Office of the Privacy Commissioner of Canada; EU users to relevant supervisory authorities.