Legal
Privacy Policy
Last Updated: 23 March 2026 | Effective Date: 23 March 2026
AlphaSync is a product of Vianmax Techno Ventures Pvt. Ltd. ("Vianmax™", "we", "us", or "our"), incorporated in India. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the AlphaSync platform — including demo.alphasync.app (α·SIM practice trading) and trade.alphasync.app (α·AUTO and α·SCALP live trading).
By using any part of the AlphaSync Service, you consent to the practices described in this Policy. If you do not agree, please discontinue use of the Service.
1. Information We Collect
Information you provide directly:
- Full name, email address, and phone number when you register
- Profile details such as trading experience level and goals
- Payment information — processed securely via third-party payment gateways (Razorpay, UPI); we do not store card or bank account numbers
- Support communications, feedback, and contact form submissions
- College or institution name if you sign up under an institutional plan
Information collected automatically:
- Platform usage data: pages visited, features used, virtual trades placed, session duration
- Device and browser information: browser type, operating system, IP address, device identifiers
- Virtual trading activity: orders placed, portfolio composition, P&L history, strategy configurations (all virtual)
- Cookies and similar tracking technologies (see Section 7)
Subdomain-specific data:
- demo.alphasync.app (α·SIM): Virtual portfolio data, practice trade history, AI signal interactions — no real financial data is ever collected on this subdomain
- trade.alphasync.app (α·AUTO & α·SCALP): In addition to standard data, this subdomain collects broker API credentials (encrypted), 2FA device records, live strategy configurations, and real-trade execution logs
2. Broker API Keys & Live Trading Data
AES-256
Broker API keys provided for α·AUTO and α·SCALP live trading modes are stored using AES-256 encryption at rest. Keys are never logged in plaintext, never shared with third parties beyond the designated broker API endpoint, and are used solely to execute trades on your behalf as authorised by you.
- Supported broker integrations: Zebu Mynt, Zerodha Kite, Upstox, Angel One SmartAPI (and others as added)
- API keys are transmitted over TLS 1.3 encrypted connections only
- You may revoke API access at any time from your account settings — this immediately stops all automated trade execution
- AlphaSync does not retain broker API keys after account deletion
- Live trade execution logs (order IDs, timestamps, quantities, prices) are retained for 2 years for audit, dispute resolution, and regulatory purposes
3. Two-Factor Authentication (2FA) Data
Two-Factor Authentication is mandatory for all trade.alphasync.app accounts and optional for demo.alphasync.app. We collect the following in connection with 2FA:
- Phone number or authenticator app registration data (TOTP seed — stored encrypted)
- Login attempt timestamps and IP addresses (retained for 90 days for security audit purposes)
- Device fingerprints for trusted-device recognition
2FA data is never shared with third parties and is used solely for account security purposes.
4. How We Use Your Information
- To provide, operate, and improve the AlphaSync platform (demo.alphasync.app and trade.alphasync.app)
- To execute automated trading strategies on your behalf when you activate α·AUTO or α·SCALP
- To personalise your experience, AI signal recommendations, and strategy suggestions
- To process payments and manage your subscription plan
- To send service notifications, account alerts, trade execution summaries, and (with consent) marketing emails
- To respond to your queries and provide customer support
- To detect and prevent fraud, unauthorised access, and security breaches
- To analyse aggregated usage patterns and improve platform performance
- To fulfil legal obligations, regulatory reporting, or respond to lawful authority requests
5. Sharing of Information & Third-Party Partners
We do not sell your personal data. We may share your information with:
- Broker Partners (Zebu, Zerodha, Upstox, Angel One): When you activate live trading modes (α·AUTO / α·SCALP), your encrypted API credentials are used to communicate with your chosen broker's API. Trade instructions are transmitted to your broker on your explicit authorisation. Zebu Share and Wealth Managements Pvt. Ltd. is an official partner — see their privacy policy at zebuetrade.com
- Cloud Infrastructure Providers: Servers, storage, and CDN services — all bound by data processing agreements
- Payment Processors: Razorpay or equivalent — PCI-DSS compliant; we do not see or store card numbers
- Analytics & Monitoring Tools: Usage analytics to improve the platform — only anonymised/aggregated data
- Email Service Providers: For transactional emails, account alerts, and newsletters (with consent)
- Institutional Administrators: If your account is under a college or enterprise plan, your institution's administrator may view your performance metrics and trading activity within the platform dashboard
- Legal Requirements: If required by law, court order, SEBI, or any regulatory authority in India
- Business Transfers: In the event of a merger, acquisition, or asset sale — subject to equivalent privacy protections
6. Data Retention
- Account data: Retained for the life of your account plus 12 months after closure
- Virtual trade history (α·SIM): Retained while account is active; deleted 30 days after account closure
- Live trade logs (α·AUTO / α·SCALP): Retained for 2 years from date of trade for regulatory audit purposes
- Broker API keys: Deleted immediately upon account closure or key revocation
- Security logs (login attempts, IP addresses): Retained for 90 days
- Payment records: Retained for 7 years as required under Indian financial regulations
You may request deletion of your account and personal data at any time by contacting us at info@alphasync.app. Certain data may be retained longer to comply with legal obligations or pending disputes.
7. Cookies & Tracking
We use cookies and similar technologies to:
- Maintain your authenticated session across demo.alphasync.app and trade.alphasync.app
- Remember your preferences (theme, language, dashboard layout)
- Analyse traffic and improve platform performance
- Detect suspicious session activity and enforce security policies
You can manage cookie preferences through your browser settings or our cookie consent banner. Declining non-essential cookies may affect platform functionality. Session cookies required for login and security cannot be disabled without losing platform access.
8. Data Security
We implement the following security measures to protect your data:
- TLS 1.3 All data in transit is encrypted using TLS 1.3
- AES-256 Broker API keys and sensitive credentials are encrypted at rest using AES-256
- 2FA Two-factor authentication is mandatory on trade.alphasync.app and available on demo.alphasync.app
- 30-min Automatic session timeout on trade.alphasync.app after 30 minutes of inactivity
- Role-based access controls limiting employee access to personal data
- Regular security audits and vulnerability assessments
No method of electronic transmission is 100% secure. We cannot guarantee absolute security but commit to notifying you promptly — and as required by law — in the event of a data breach affecting your information.
9. Your Rights
Under applicable Indian data protection laws, you have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your account and personal data (subject to legal retention obligations)
- Portability: Request your data in a structured, machine-readable format
- Restriction: Object to or restrict certain types of processing
- Withdraw Consent: Opt out of marketing communications at any time via the unsubscribe link in emails or by contacting us
- Broker API Revocation: Revoke broker API access at any time from your account settings on trade.alphasync.app
To exercise any of these rights, contact our Data Protection team at info@alphasync.app. We will respond within 30 days.
10. Children's Privacy
AlphaSync is not intended for users under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account or provided us with data, please contact us immediately at info@alphasync.app and we will delete the information promptly.
11. Third-Party Links
The platform may contain links to third-party websites and services — including broker platforms (Zebu at oa.zebuetrade.com, Zerodha, Upstox), research portals, and payment gateways. We are not responsible for the privacy practices, content, or security of those external sites. We encourage you to review their privacy policies before providing any personal information.
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, platform features, or legal requirements. We will notify you of material changes via email or in-app notification. The updated policy will show a revised "Last Updated" date at the top. Continued use of the Service after notification constitutes acceptance of the updated Policy.
13. Contact Us
For privacy-related queries, data requests, or to exercise your rights, contact our Data Protection team: