Stratagem Lab Bot Privacy Policy
Product-specific privacy disclosures for the Stratagem Lab Local Bot (FantasyForge Studio)
Stratagem Lab Web-Based
Personal Automated Trading Bot
Privacy Policy
Effective Date: May 27, 2026
Last Updated: May 31, 2026
This Privacy Policy describes how personal data is collected, utilized, and protected when purchasing a license for or executing this independent automated local software application (the "Software"). This Software is operated by an independent software developer ("Licensor") and is not owned by or legally affiliated with Stratagem Lab.
Important Software Architecture Context
Local Operation Only: The Software is a local desktop application (Windows, macOS, or Linux) consisting of a headless background worker and a Streamlit monitoring interface served strictly on the local machine (http://localhost:8501). It is not a hosted cloud web application, and users do not log into Licensor servers to execute trades.
Broker Configuration: The Software interfaces with an explicitly configured third-party US broker API. By default, the application runs in a simulated Paper Trading mode. Live trading is entirely user-configured.
1. Collected Information and Local Protocols
A. Information Collected Externally (At Point of Sale)
Because this application is sold as a commercial product, certain personal data is collected when completing a checkout transaction:
Billing Information: Real name, billing address, email address, and transactional metadata. All payment details are securely processed and encrypted via Stripe, LLC. The Licensor never stores or receives complete payment card numbers.
License Validation Data: To verify the software license without hardware binding, the following opaque identifiers are utilized via the local .env configuration file:
REMOTE_LOG_INSTANCE_ID: An opaque UUID issued per distinct software installation.
TELEMETRY_SUBSCRIPTION_REF: An opaque license row identifier generated by the backend infrastructure.
The account email address and Stripe customer_id recorded at checkout.
B. Allocation of Local Data vs. Transmitted Telemetry
1. Data That Stays Exclusively on the Local Device (Local Data)
The following information is strictly kept within the local environment. The Licensor cannot access, pull, or view this data:
Secrets & Keys: Third-party broker API keys, external chat platform webhook URLs, and SMTP passwords remain in plain text within the local .env file. These are filtered out at the code layer and are never transmitted via telemetry.
Local Files: All logs generated under the data/ directory—including trade journals, system audit logs, tick histories, and daily CSV or text reports—remain completely on disk. They are never transmitted unless the user manually generates and sends a redacted diagnostics zip file to support.
2. Data Transmitted to Licensor (Telemetry Ingest and Validation Loops)
When telemetry is enabled under the software license or when verification loops execute, the Software sends secure HTTPS POST requests to the Licensor's Google Cloud ingest and authentication endpoints. This information is stored securely within a Google Firestore database environment.
The precise data scope of these transmissions is outlined below:
3. Breakdown of Telemetry Alert Line Content
Telemetry event payloads are limited to high-level operational tracking and do not include profit & loss (P&L), equity values, or total cash balances:
Worker Status: Transmits the targeted ticker symbol, trading mode (paper or live), dry_run status, bar size constraints, strategy time window constraints, and mathematical indicators (such as RSI, Moving Average, or volume parameters).
Order Submissions: Transmits the symbol, quantity ordered, reference trigger price, broker-issued order ID, signal generation reason, and execution mode (paper or live).
Daily Report Notifications: Transmits the date, local report file path, execution mode, and dry_run boolean flags. It explicitly omits financial summary values, which stay entirely local on disk within the data/reports/ directory.
4. Optional Third-Party Data Paths, Local Audit Chains, and Verification Cache
User-Configured Alerts: If the user chooses to enable external notifications via chat platform webhooks or SMTP email, the message payload will be transmitted through the chosen external communication provider. These entities act as data subprocessors. Payload contents mirror the standard telemetry alert lines described above.
Buyer-Side Firestore Logs: This feature is turned off by default for retail deployments (REMOTE_LOG_FIRESTORE_ENABLED=false inside .env.retail.example). If explicitly turned on by the user utilizing their own Google Cloud Platform (GCP) credentials, data streams directly to that isolated cloud project, not to the Licensor infrastructure.
Local Audit Chains: If the user defines an AUDIT_HMAC_KEY variable, the Software activates a tamper-evident local transaction log (data/audit_log.jsonl). This ledger remains local to the device unless manually exported for troubleshooting.
Local Validation Cache: To preserve operational resilience during localized network disruptions, the Software logs execution verification metadata on disk to data/license_cache.json. This tracking payload is used solely to maintain a rolling 24-hour network failure grace period and is never read or compiled by the Licensor.
2. How Information is Utilized
The Licensor processes limited personal data, validation pings, and telemetry streams strictly to fulfill contract terms, maintain network security, and manage retail software operations:
To authenticate license states, execute automated runtime validation lookups, and manage active software subscription windows via Stripe.
To operate the telemetry ingest pipeline, map technical exceptions, and cross-reference inbound customer support tickets to a specific install_id.
To immediately revoke application access tokens and deny cloud database verification requests in the event of an issued refund, standard subscription cancellation, or financial chargeback.
Note on Software Updates: While critical service announcements are sent directly to the registered checkout email address, automated software updates are not pushed over telemetry. System modifications must be downloaded manually by the user via a secure release portal or verified GitHub Release zips.
3. Disclosures, Subprocessors, and Security
A. Third-Party Subprocessors
The Licensor does not sell, rent, or trade personal data. To maintain service viability, metadata is shared only with the following data subprocessors:
Stripe, LLC: For payment handling, automated invoicing, product entitlement routing, and business fraud mitigation.
Google Cloud Platform (GCP): For core serverless ingest infrastructure, Cloud Functions hosting, and secure Firestore database storage (telemetry_logs, entitlements, and license_activations collections).
Optional Notification Platforms: The user's chosen communication or SMTP provider, only when explicitly turned on by the operator to process external notification webhooks.
B. International Data Transfers
If an international resident accesses this Software from outside the United States, transaction details and telemetry logs will be transferred to and securely processed within the United States under valid Standard Contractual Clauses.
C. Technical Security and Operations
In-Transit Protection: All telemetry and validation traffic traveling from the local worker application to the cloud infrastructure uses encrypted, HTTPS-only ingestion URLs.
Authentication: Transmissions must present a cryptographically verified Bearer token unique to the specific install_id.
Local Security Boundary: Because the Streamlit monitoring dashboard is served on localhost, the user is strictly required to ensure the local port is not exposed to the public internet.
D. User Rights and Data Retention
Retention Policy: Telemetry logs collected inside Google Firestore are held for a maximum rolling window of 90 days for operational analysis and debugging, after which they are permanently purged. Checkout financial logs are kept longer to satisfy corporate legal and tax obligations.
Your Rights: Users retain full rights to request access to or permanent deletion of all telemetry records tied to their install_id or customer email address. For all privacy inquiries, data extraction requests, or deletion processing, please contact the Licensor's support team directly.
4. Financial Disclaimer
Disclaimer: This Software is a local execution tool intended for automated data analysis and order routing. The Licensor does not provide personalized investment advice, financial planning, or custodial portfolio management. All trading strategies are run at the sole risk and discretion of the local operator.
5. Governing Law and Contact
G. Governing Law and Jurisdiction
This Privacy Policy shall be governed by, and construed in accordance with, the laws of the Commonwealth of Virginia, without regard to its conflict of law principles. Any legal action or proceeding arising under this Privacy Policy shall be brought exclusively in the state or federal courts located in Henrico, Virginia, and the parties hereby consent to personal jurisdiction therein.