Tradeaion logoTradeaion

Security

How Tradeaion Protects Your Trading Data

Trading data is sensitive. Here is how Tradeaion handles it — read-only imports, encryption everywhere, and clear data ownership.

Read-only broker imports

Tradeaion never asks for trade execution permissions. Imports are read-only by design — we ingest your trade history, never the ability to place orders on your behalf.

No broker passwords stored

Tradeaion does not store broker login credentials. CSV imports never touch credentials at all. When supported broker auto sync ships, it uses scoped, read-only OAuth or API tokens — not passwords.

Encryption in transit and at rest

All traffic to Tradeaion runs over TLS 1.2+. Data at rest is encrypted using industry-standard AES-256 encryption inside our cloud provider's managed storage.

Your data, your control

You can export your full Tradeaion data on the Pro plan at any time. You can delete your account and request data deletion in writing — see our Privacy Policy for details.

Hardened cloud infrastructure

Tradeaion runs on hardened cloud infrastructure with isolated environments for production data, audit logging on sensitive operations, and least-privilege access controls.

Modern web security

HTTPS only, HSTS preload, strict referrer policy, content type sniffing protection, and a permissions policy that disables sensitive browser APIs we don't use.

Personalized AI handled responsibly

Your trade data is never used to train shared models. Personalized AI runs on your own data, scoped to your account, and we don't sell or share trading data with third parties.

Solo founder, transparent stack

Tradeaion is being built by a solo founder. There's no opaque vendor chain — what we use, how we store data, and what we change is communicated openly via the changelog.

Responsible disclosure

If you find a security issue, please report it responsibly:

  • Email [email protected] (or contact via /contact) with details of any potential vulnerability.
  • Please don't publicly disclose, exploit beyond proof of concept, or test against other users' data.
  • We respond to credible reports promptly and fix critical issues quickly.

For everything else, see our Privacy Policy and Terms of Service.