Privacy Policy
Effective Date: March 19, 2026
The team operating hltape.xyz ("we", "us", "our") provides the hltape.xyz application ("Service"). This Privacy Policy explains how we collect, use, and protect information when you use our Service.
1. Information We Collect
1.1 Wallet Information
When you authenticate using Sign-In with Ethereum (SIWE) via RainbowKit, we collect:
- Your public wallet address (e.g., Ethereum/Arbitrum address).
- Cryptographic signatures for authentication verification (these are not permanently stored).
- Hyperliquid Agent/Session keys authorized by you to allow our bot to manage your orders.
We never collect, store, or have any access to your Layer 1 private keys or seed phrases.
1.2 Trading Configuration
When you create or manage orders through our Service, we store:
- Order parameters you configure (asset, size, leverage, trailing distance, stop-loss and take-profit levels).
- Order execution history and status.
- Timestamps of actions taken by you and our automated systems.
1.3 Technical Data
We automatically collect:
- IP address (strictly for rate limiting, security purposes, and abuse prevention).
- Browser type and version.
- Device information.
- Error logs and performance data to diagnose issues.
1.4 Information We Do NOT Collect
- Personal identification information (name, email, phone number) unless explicitly provided by you for support purposes.
- Financial information beyond what is publicly visible on-chain or available via the Hyperliquid API for your connected account.
- Location data beyond basic regional inference from your IP address.
2. How We Use Your Information
We use the collected information strictly to:
- Provide the Service — Execute and manage trailing stop-loss and take-profit orders on the Hyperliquid DEX on your behalf.
- Authenticate — Verify your identity and secure your session via wallet signatures.
- Improve the Service — Analyze usage patterns, diagnose technical issues, and optimize bot performance.
- Ensure Security — Detect and prevent fraud, abuse, and unauthorized access to our infrastructure.
3. Data Storage and Security
- Trading configurations, Agent keys, and order data are stored securely in our databases.
- We implement industry-standard security measures, including encryption and strict access controls, to protect your data.
- Data is retained for as long as your account is active and for a reasonable period thereafter for legal, security, and operational purposes.
4. Third-Party Services
We use the following strictly vetted third-party services that may process portions of your data to help us operate the Service:
| Service | Purpose | Data Handled |
|---|---|---|
| Hyperliquid DEX | Order execution & blockchain interactions | Wallet address, order parameters, Agent signatures |
| RainbowKit / WalletConnect | Wallet connection handling & UI | Wallet address, connection status |
| Vercel | Frontend hosting and web infrastructure | IP address, browser data, request logs |
| Fly.io | Backend server hosting for bot execution | IP address, encrypted application data |
| Neon | Serverless PostgreSQL database hosting | Encrypted user and trading data |
| Sentry | Error tracking and application monitoring | Technical data, anonymized error logs, browser info |
| Better Stack | Infrastructure logging and uptime monitoring | Server logs, technical performance data |
Each third-party service operates under its own privacy policy. We encourage you to review them.
5. Blockchain Data
Please note that transactions executed on the Hyperliquid DEX and underlying blockchains are publicly visible by design. Your wallet address and trading activity on-chain are public records and are entirely outside of our control.
6. Data Retention
- Active accounts — Data is retained for the duration of your use of the Service.
- Inactive accounts — Order history and configuration data may be retained for up to 12 months after your last activity to resolve any potential disputes.
- Technical logs — Server and error logs are typically purged automatically after 30 to 90 days.
You may request the deletion of your account data at any time (see Section 8).
7. Cookies and Local Storage
We use minimal browser local storage and cookies strictly for essential functions:
- Session management — Maintaining your authenticated secure session via SIWE.
- Preferences — Storing your UI/UX application preferences.
We do not use tracking cookies, cross-site advertising cookies, or invasive analytics cookies.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access — Request a copy of the data we hold about you.
- Correction — Request correction of inaccurate data.
- Deletion — Request deletion of your data (subject to technical limitations regarding immutable blockchain data).
- Restriction — Object to certain processing of your data.
To exercise any of these rights, contact us through the official channels provided on hltape.xyz.
9. Children's Privacy
The Service is not intended for anyone under the age of 18. We do not knowingly collect information from minors.
10. International Data Transfers
Our servers and third-party processors may be located in jurisdictions outside your country of residence. By using the Service, you consent to the transfer and processing of your technical data in these locations.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service UI. Continued use of the Service after changes constitutes your acceptance of the updated Policy.
12. Contact
For privacy-related inquiries, data deletion requests, or questions about this policy, please reach out to us through the channels provided on hltape.xyz.