mobile_trader

Privacy

Privacy

Updated 2026-05-18.

What we collect

When you claim a free key: the email address you submit, the IP that submitted the request, the timestamp of issuance, and per-key MCP call counts (for the dormant-key 14-day revocation policy). The API key plaintext is returned to you exactly once and never persisted server-side — only its SHA-256 hash.

What we don’t collect

  • · No name. No phone. No card data. No payment information (the service is free anytime).
  • · No tracking cookies. No analytics scripts. No ad networks.
  • · No private keys, no seed phrases, no signing keys. Ever.
  • · No wallet address. We don't ask for it and we don't store it.

How long we keep it

Email-to-key mapping: retained for the 30-day key lifetime plus a short grace period (~7 days), then deleted. Expired API key records: retained as SHA-256 hash only for replay-prevention. Audit log of key issuance + revocation: 12 months for service-operations purposes.

Your rights (GDPR)

Request export or deletion of your audit-log entries by emailing the address in the site footer from the email you used to claim your free key. We respond within 30 days. Keys can be revoked on request at any time.

Third parties

Hosting: Cloudflare (CDN, Worker, D1). Solana RPC: third-party (your tx is visible on-chain regardless). No other data processors.