1. Who We Are
The Service is operated by:
PT TRADE CAFE AILABS
Address: JL. Sunset Road No 105, Desa/Kelurahan Seminyak, Kec. Kuta, Kab. Badung, Provinsi Bali, Kode Pos: 80361, Indonesia
Email: info@tradecafe.ai
2. Scope
This Privacy Policy explains how we collect, use, disclose, store, and protect information when you use the Website.
3. Unified Account Across Website and Mobile Apps
We use a single account system across our Website and our iOS/Android mobile applications. This means your account information and settings may be used across interfaces so you can access the Service consistently.
4. Information We Collect
4.1 Account Data
- Email address (if you register by email).
- If you register/login via Google OAuth: name, avatar, email, and Google ID.
4.2 Subscription and Payment Data (Crypto Only)
We accept payments only in USDT (TRC20). We store:
- Subscription type (monthly/annual) or one-time payment status.
- Invoice amount, time of payment detection, and status (active/expired).
- Invoice assignment information (e.g., the unique wallet address generated for your transaction).
We do not collect or store credit card numbers or bank account details.
4.3 Withdrawal and Reward Payout Data
If you request a payout, we collect:
- The withdrawal wallet address you provide.
- Withdrawal request metadata (amount, time, status).
4.4 Exchange Integration Data (e.g., Bybit)
If you connect an exchange account, we collect and store in our database:
- Exchange name.
- API key and API Secret (stored using industry-standard encryption).
- Integration settings.
Important: We require API keys to be created without withdrawal permissions. You may delete your API keys at any time. We do not share your API keys with third parties.
4.5 Referral / Marketing Program Data
We process username, referral counts, internal platform balance, and aggregated referral turnover to administer the reward program (including rewards limited to the first 3 referral levels and quarterly rewards for active users, as shown in the Service).
4.6 Cookies / Local Storage
We use strictly necessary cookies/tokens for authentication and to maintain your session (e.g., access token, refresh token, user ID). On our public website we also use Google Analytics (GA4), provided by Google, which sets cookies and collects standard usage data — such as pages viewed, approximate location (derived from IP address), device and browser type, and referral source — to help us measure traffic and improve the site. These analytics run only on our public marketing pages, not inside the authenticated app.
4.7 Logs and Diagnostics
We maintain service logs (authentication events, API errors) for security and debugging purposes for up to 30 days.
5. How We Use Your Information
We use your information to:
- Provide account registration, authentication, and access control.
- Verify crypto payments and manage subscriptions.
- Execute exchange integrations and trading bot commands you request (where applicable).
- Administer Trading Pool and referral rewards (where applicable).
- Maintain security and prevent fraud/abuse.
- Communicate about purchases, payments, and policy changes.
- Comply with legal obligations and enforce our terms.
7. International Data Processing
Your data is stored and processed in the EU, primarily in Frankfurt, Germany. We do not process your data in Indonesia.
8. Data Retention
We retain data only as long as necessary for the purposes described in this policy, including security and legal compliance. Key retention points:
- Logs: up to 30 days.
- Database backups: created daily and retained for 7 days.
- Account data: generally deleted upon account deletion, subject to short backup retention and limited legal/security needs.
- Referral retention after deletion: inviter reward attribution may remain only as an orphaned former internal ID (no username/email and no link back to the deleted user’s identity).
9. Account Deletion (Support Ticket)
Account deletion is handled via support ticket request.
After approved deletion, we delete or de-identify account data. Due to rolling backups, deleted data may persist in backups for up to 7 days until overwritten.
10. Security
We use reasonable technical and organizational measures including HTTPS/TLS, encryption of sensitive data (such as exchange API secrets), role-based access control (RBAC), and least-privilege access.
11. Your Rights
Depending on your location, you may request access, correction, or deletion of your information. Contact us at info@tradecafe.ai.
12. Children
The Service is not intended for users under 18.
13. Changes
We may update this policy and will notify you of material changes via email and/or within the Service.
14. Contact
info@tradecafe.ai