This page describes what Blackridge collects when you use the platform, why we collect it, and how to remove it. We hold the minimum needed to operate trading on your behalf, and we never sell or rent your data.
What we collect
Account data — email, display name, optional phone number. Used to sign you in and reach you about account-critical events (security, billing, outages).
Exchange credentials — Binance API key/secret, encrypted at rest with a deployment-scoped key. We never display the secret again after submission. We strongly recommend disabling withdrawal permissions on the API key; the connect-account dialog documents the safe configuration.
Trading state — your open and closed positions, P&L, strategy configurations, backtests, audit log of security-sensitive changes. This is generated by your use of the platform and is required to render the dashboard.
Diagnostic snapshots — only when you submit one explicitly via Settings → Help & support. The snapshot captures app version, your user id, and the page you were on. It never includes your token, password, or API credentials.
Operational logs — request timestamps, endpoint paths, response codes. Retained 30 days for debugging and abuse prevention.
What we don't collect
We do not run third-party trackers, advertising pixels, or analytics SDKs. We do not sell, share, or license any of the data above to third parties.
Where it lives
Application data is stored on our managed PostgreSQL cluster. Backups are encrypted at rest and retained 14 days. Server access is restricted to engineering staff under named accounts and audited.
Your rights
You can export your full account state on request. You can permanently delete your account, which removes credentials, profile, and personally-identifying data. Trade history is retained in pseudonymous form for regulatory and accounting reasons.
For requests or questions, reach us via Settings → Help & support, or email privacy@blackheart.app.