Triple Gem Trading

Privacy Policy

Last updated: February 23, 2026

1. Introduction

Triple Gem Trading ("we," "us," or "our") operates the website at triplegemtrading.com and the Triple Gem Trading web application (collectively, the "Service"). This Privacy Policy explains how we collect, use, and protect information when you use our Service.

Our core principle is simple: we collect as little data as possible, and your sensitive data never leaves your device.

2. Information We Do NOT Collect

Triple Gem Trading does not collect, store, or transmit:

  • Brokerage account credentials (username, password)
  • API keys, API secrets, or OAuth tokens
  • Account balances, positions, or trading activity
  • Personal financial information
  • Browsing behavior, usage analytics, or device fingerprints
  • Cookies for tracking or advertising purposes

All brokerage credentials and tokens are encrypted client-side using AES-256-GCM and stored exclusively in your browser's localStorage. They are never transmitted to any server operated by Triple Gem Trading.

3. Information We Do Collect

We collect only the minimum information necessary to operate the Service:

  • License key validation: When you enter a license key, we hash it using SHA-256 and compare it against stored hashes. The plaintext key is not stored server-side.
  • License cookie: A session cookie (tgt_license) is set in your browser to maintain your authenticated session. This cookie contains no personal information.
  • Server logs: Our hosting infrastructure (Cloudflare) may automatically collect standard web server logs including IP addresses, request timestamps, and HTTP headers. These logs are managed by Cloudflare under their own privacy policy and are not accessed by us for tracking purposes.

4. How Your Data is Protected

  • All connections use HTTPS with TLS encryption
  • Sensitive credentials are encrypted with AES-256-GCM client-side
  • Encryption keys are derived using PBKDF2 with unique salts
  • No third-party analytics, tracking scripts, or advertising networks are used
  • OAuth tokens communicate directly between your browser and your brokerage

5. Third-Party Services

Triple Gem Trading communicates with your brokerage's Trader API on your behalf using credentials you provide. This communication occurs directly between your browser and your brokerage's servers. We do not act as an intermediary.

Our website is hosted on Cloudflare Workers. Please refer to Cloudflare's Privacy Policy for information about their data handling practices.

6. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

8. Contact

If you have questions about this Privacy Policy, please contact us through our contact page.