[ Auracle / Privacy ]

Privacy

Effective 2026-05-15. Aurapoint Capital LLC ("Auracle", "we") operates this website and the Auracle self-hosted software. Auracle is a self-hosted platform: your trading strategies, market data, and order history live on your hardware and never reach our servers.

What we collect

• Billing data — your email, name, billing address, and payment-method last-4 are collected by Stripe when you purchase. We see only what Stripe forwards via webhook (email + invoice metadata). Card numbers never reach our servers.
• License-validation pings — your install pings our license server every 6 hours with your license key + a per-install UUID. We use this to confirm your subscription is active and to detect a single key activated on multiple installs.
• Marketing-site analytics — none. This site does not use Google Analytics, Mixpanel, Segment, Posthog, or any third-party analytics. The only request your browser makes off-site from this page is to load fonts from fonts.bunny.net (a privacy-respecting Google Fonts mirror).

What we don't collect

• Your trading strategies, backtest results, orders, positions, P&L, or account balances.
• Your broker credentials (IBKR / Alpaca / ClearStreet / Hyperliquid). These live in your local .env only.
• Your market data ingest. Auracle pulls market data direct from providers (yfinance, Polygon, IBKR) into your local TimescaleDB; we never see it.
• Your IP address on the marketing site, beyond what Vercel's edge logs retain for ~24 hours for DDoS protection.

Where data goes

• Stripe — stripe.com/privacy. Stripe is our payment processor and acts as a separate data controller for billing data.
• Postmark / SMTP — outbound license-key emails. The plaintext key + your email transit through whichever provider you've configured as AURACLE_*_SMTP_* for your install. Our central license server uses Postmark.
• Stripe invoice JSON retention — we keep the full Stripe invoice JSON for 120 days (the chargeback window). After that we null out the PII-bearing fields and keep only aggregated payment metadata for revenue reporting.

Right to deletion

Email contact@aurapointcapital.com with subject "Right to deletion" and your billing email. We respond within 30 days and confirm when your records have been purged from our license server. Stripe and any active subscription must be canceled separately at refunds.

Contact

Privacy questions: contact@aurapointcapital.com.