PRIVACY POLICY
Last updated: March 27, 2026
1. What We Collect
Testudo collects the minimum data necessary to operate the platform. Here is exactly what we store:
- → Wallet address — Your Ethereum wallet address, used as your identity (via SIWE)
- → Exchange API keys — Encrypted at rest with AES-256-GCM. Used to execute trades and fetch balances
- → Trade history — Imported from your exchanges and recorded from live trades. Used for journal and analytics
- → Journal entries — Your trade notes, theses, tags, and uploaded images
- → Risk configuration — Your position sizing and risk management settings
2. What We Don't Collect
Testudo uses wallet-based authentication. We do not collect:
- → Email addresses
- → Passwords
- → Real names or personal identification
- → Phone numbers
- → Location or IP-based tracking data
- → Third-party tracking cookies or advertising pixels
3. How We Store Your Data
All data is stored in a PostgreSQL database. Exchange API credentials are encrypted with AES-256-GCM before storage — they are never stored in plaintext and are only decrypted at the moment of use (executing a trade, fetching a balance).
Agent wallet private keys (for Hyperliquid) are encrypted with the same scheme. You can revoke agent wallet authorization at any time, which immediately disables the key on-chain regardless of our storage.
4. Cookies
Testudo uses two HttpOnly cookies for authentication:
- → access_token — JWT session token (15 minute TTL)
- → refresh_token — Session refresh token (7 day TTL)
Both cookies are Secure, HttpOnly, and SameSite=Strict. They cannot be read by JavaScript and are only sent to Testudo's API. We do not use tracking cookies, analytics cookies, or any third-party cookies.
5. Third-Party Services
When you connect an exchange, Testudo makes API calls to that exchange on your behalf using your credentials. This is necessary to execute trades, fetch balances, and import trade history. The exchanges that receive these calls are:
- → Hyperliquid (via native API)
- → Binance (via REST API)
- → Bybit (via REST API)
- → WOO (via REST API)
- → OKX (via REST API)
We do not share your data with any other third parties. We do not use analytics services, advertising networks, or data brokers.
6. We Don't Sell Your Data
Your trading data, journal entries, performance metrics, and exchange credentials are never sold, shared, or provided to any third party for any purpose. Your data exists solely to operate the platform for you.
7. Your Rights
You have the right to:
- → Export your data — Trade history and journal entries can be exported as markdown files from the Desk
- → Delete your account — All data including encrypted credentials is permanently deleted
- → Revoke exchange access — Remove API keys or revoke agent wallets at any time
- → Request your data — Contact us for a full export of everything we store about you
8. Data Retention
While your account is active, all data is retained to provide the service. If you delete your account:
- → Exchange credentials are destroyed immediately
- → Trade history, journal entries, and analytics are deleted within 30 days
- → Authentication sessions are revoked immediately
9. Security
We take the security of your data seriously:
- → Credentials encrypted with AES-256-GCM at rest
- → HTTPS/TLS for all data in transit
- → HttpOnly, Secure, SameSite=Strict cookies
- → JWT tokens with short TTL and server-side session tracking
- → No plaintext credential storage anywhere in the system
If you discover a security vulnerability, please report it via GitHub.
10. Changes to This Policy
We may update this policy as the platform evolves. Material changes will be communicated through the platform. Continued use after changes constitutes acceptance.