LEGAL · LAST UPDATED 1 APR 2026

Privacy Policy.

How we collect, use, protect and store your data — GDPR compliant, no tracking sales, full control over your information.

EFFECTIVE 1 APR 2026 COMPLIANCE GDPR CONTACT [email protected]

01Data controller

SignalForge AI, based in Alicante, Spain. Contact: [email protected]

02Data we collect

We collect the following data:

  • Registration data: name, email, and payment method (managed by Stripe; we do not store card details).
  • MT5 connection data: server, login, and trading password, encrypted with Fernet encryption. Used solely for order execution.
  • Usage data: processed signals, execution history, error logs, and AI decisions.
  • Technical data: IP address, browser type (for security and diagnostics only).

03Purpose of processing

  • Providing the contracted service (alert connection and order execution).
  • Managing your subscription and billing.
  • Applying AI filters to signals (Pro plan, Q3 2026).
  • Technical support and incident resolution.
  • Improving the service and preventing fraud.

04Legal basis

Processing is based on the execution of the subscription contract (Art. 6.1.b GDPR) and our legitimate interest in maintaining service security (Art. 6.1.f GDPR).

05Data security

HOW YOUR CREDENTIALS ARE PROTECTED MT5 credentials are stored encrypted with Fernet encryption (AES-128-CBC). We have no access to withdraw funds from your broker account.

Communications are conducted over HTTPS/TLS. Payment data is processed entirely by Stripe (PCI DSS Level 1 certified).

06Data sharing

We do not sell or share your data with third parties, except:

  • Stripe: for payment processing.
  • Your MT5 broker: for order execution (using credentials you provide).
  • Legal requirement: if requested by a competent authority.

07Data retention

We retain your data while you maintain an active subscription. After cancellation, we delete MT5 credentials within 30 days. Billing data is retained for the legally required period (5 years in Spain).

08Your rights

Under the GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Request deletion of your data.
  • Object to processing.
  • Request data portability.
  • File a complaint with the AEPD (agpd.es).

To exercise these rights, write to [email protected].

09Cookies

We use strictly necessary cookies for service operation. Additionally, we use Google Analytics 4 (GA4) as a web analytics tool to understand how users interact with our site. GA4 uses first-party cookies to measure interactions. We do not use advertising cookies or share analytics data with third parties for commercial purposes. You can accept or reject analytics cookies via the banner displayed when visiting the site. If you reject, GA4 will not collect data from your visit. Legal basis: consent (Art. 6.1.a GDPR).

10Modifications

We may update this policy. We will notify relevant changes via email. The last updated date is indicated at the beginning of this document.

— END OF POLICY · LAST UPDATED 1 APR 2026 —