Last updated: June 7, 2026

This Privacy Policy explains how Dome Terminal collects, uses, shares, stores and protects information when you use the website, applications, account features, market data workflows, AI-assisted tools, bots, scripts, Academy content, alerts, portfolio tools, journal features, billing features and related services.

1. Scope and controller

This Policy applies to Dome Terminal services that link to it. It does not apply to third-party exchanges, brokers, payment processors, AI providers, hosting providers, analytics tools, app stores, data vendors or websites that we do not control. Those services process information under their own privacy policies and terms.

Where applicable law uses the terms controller, business, processor or service provider, Dome Terminal acts according to the role that fits the feature being used and the data processing relationship involved.

2. Information we collect

We may collect account information such as name, email address, username, password metadata, authentication state, plan, billing status, support requests, preferences and security events. We may collect device and usage data such as IP address, browser, device identifiers, operating system, app version, logs, crash reports, performance data, approximate location derived from IP and interaction events.

Trading workflow information may include watchlists, symbols, timeframes, chart state, indicators, alerts, journal entries, screenshots or uploaded media, paper trades, strategy settings, bot configuration, risk rules, portfolio records, educational progress and other data you choose to enter or connect.

3. AI prompts and generated content

If you use AI features, prompts, selected context, generated responses, feedback, tool calls and related metadata may be processed to provide the requested feature, maintain safety, debug issues, prevent abuse and improve product quality where permitted. AI context may include chart state, journal excerpts, risk settings, Academy lesson context, bot settings or other workflow data you deliberately make available to the AI feature.

Do not submit private keys, seed phrases, exchange secrets, full payment details, passwords, government IDs or information you are not authorized to share. AI outputs may be reviewed or logged for safety and troubleshooting depending on feature settings, provider requirements and applicable law.

4. Exchange, broker and API integrations

If you connect an exchange, broker, data provider or API integration, we may process connection metadata, provider name, permission scope, health state, rate-limit state, symbols, balances, orders, fills, positions, account snapshots and other data returned by the provider, depending on the integration and permissions you grant.

Credential handling depends on the integration design. Where credentials or tokens are used, they should be scoped to the minimum permissions needed. You remain responsible for provider settings, permission scopes, API key rotation, withdrawal restrictions, provider account security and compliance with provider rules.

5. Payments and subscriptions

Payments may be processed by third-party payment providers such as Stripe or other processors. We may receive billing metadata such as customer ID, plan, invoice status, renewal status, payment status, tax region, card brand and partial card details where provided by the processor. We do not need to store full card numbers to operate subscriptions.

6. Cookies and similar technologies

We may use essential cookies and local storage for login sessions, security, consent choices, preferences and core website operation. We may use optional analytics, performance or marketing technologies only where configured and permitted. Cookie choices can be managed through browser controls and any consent tools made available on the site.

7. How we use information

We use information to provide, secure, personalize, maintain and improve Dome Terminal; operate accounts and subscriptions; display market workflows; support AI and automation features; provide Academy progress; deliver alerts; process support requests; debug errors; prevent abuse; comply with law; enforce terms; and protect users, the product and third-party providers.

8. Legal bases where GDPR applies

Where the GDPR or similar law applies, processing may rely on contract performance, legitimate interests, consent, legal obligations or protection of vital interests depending on the feature and context. Examples include providing account services under contract, securing the product under legitimate interests, using optional cookies with consent, retaining billing records for legal obligations and responding to rights requests as required by law.

9. Sharing and disclosures

We may share information with service providers that help operate the product, including hosting, storage, analytics, email, support, payment, security, crash reporting, AI infrastructure, data providers and integration providers. We may disclose information if required by law, legal process, security investigation, fraud prevention, business transfer, enforcement of terms or protection of rights, safety and property.

Dome Terminal does not sell personal information in the ordinary meaning of selling user data for money. We also do not need to sell trader data to make the product valuable. If a law treats certain analytics or advertising disclosures as a “sale” or “sharing,” applicable choices will be provided where required.

10. Data retention

We retain information for as long as needed to provide the service, maintain account history, meet legal and tax obligations, resolve disputes, enforce agreements, secure the product, maintain audit logs, support backups and preserve business records. Retention periods vary by data type, feature, account status, legal requirement and operational need.

Deletion requests may be limited where retention is required for security, fraud prevention, billing, legal compliance, dispute resolution, backups, audit records or legitimate operational purposes. Backups may take additional time to expire.

11. Security

We use administrative, technical and organizational safeguards designed to protect information, including access controls, scoped permissions, monitoring, encrypted transport where appropriate and operational security practices. No system is perfectly secure. You are responsible for device security, account credentials, exchange permissions, API key scope and safe handling of sensitive trading information.

12. International transfers

Dome Terminal and its providers may process information in countries other than your own. Where required, international transfers may rely on adequacy decisions, standard contractual clauses, contractual safeguards, consent or other lawful transfer mechanisms.

13. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, export, restrict or object to processing of your personal information, withdraw consent, opt out of certain sharing, limit certain sensitive information uses, or appeal a decision. These rights may be limited by law, identity verification, security, fraud prevention, billing, legal obligations and product integrity.

GDPR-region users may have rights including access, rectification, erasure, restriction, portability, objection and withdrawal of consent. California users may have rights under the CCPA/CPRA, including rights to know, delete, correct, opt out of sale or sharing where applicable, limit use of sensitive personal information where applicable and non-discrimination for exercising rights.

14. Children

Dome Terminal is not intended for children. Users must be legally able to use trading-related software and form a binding agreement. We do not knowingly collect personal information from children where parental consent is required.

15. Automated decision-making

Dome Terminal may provide automated analysis, alerts, scores, AI outputs and risk workflow suggestions. These features are decision-support tools and do not remove user responsibility. Where a law grants rights related to solely automated decisions with legal or similarly significant effects, you may contact us to exercise applicable rights.

16. Changes to this Policy

We may update this Privacy Policy as the product, providers, legal requirements and processing practices evolve. Material changes will be communicated by reasonable means where required. Continued use after the effective date means the updated Policy applies.

17. Contact and requests

Privacy requests, security concerns and questions should be submitted through the contact page. To protect accounts, we may need to verify your identity before responding. Do not include private keys, seed phrases, exchange secrets, passwords or full payment card details in privacy requests.