This Privacy Policy describes how Zero Drift ("we," "us," or "our") collects, uses, stores, and protects your personal information when you access our website at https://usezerodrift.com or use our execution platform and related services (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when you interact with our Services:

  • Account registration details: name, email address, company name, and job title

  • Identity verification information required for institutional onboarding (KYC/KYB documentation)

  • API credentials and exchange account connection details necessary to execute trades on your behalf

  • Communication records: emails, support tickets, and messages you send to us

  • Payment and billing information processed through our third-party payment providers

1.2 Information Collected Automatically

When you access our Services, we automatically collect certain technical and usage data:

  • Device and browser information: IP address, browser type, operating system, and device identifiers

  • Usage data: pages visited, features used, timestamps, click patterns, and session duration

  • Log data: server logs, error reports, and performance metrics

  • Cookies and similar tracking technologies (see Section 5)

1.3 Trade and Execution Data

To provide our execution services, we process the following trade-related data:

  • Order parameters: pair, size, direction, execution bounds, and venue preferences

  • Execution data: fill prices, routing decisions, venue allocations, and timestamps

  • Post-trade reports: slippage metrics, fee breakdowns, and on-chain verification references

Trade data is essential to delivering our core service and generating auditable execution reports.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain our execution platform and related services

  • To execute trades according to your instructions and within your defined bounds

  • To generate post-trade reports and execution analytics

  • To verify your identity and complete institutional onboarding requirements

  • To communicate with you about your account, support requests, and service updates

  • To detect, prevent, and address fraud, security incidents, and technical issues

  • To comply with applicable legal and regulatory obligations

  • To improve and develop our Services based on aggregated, anonymized usage patterns

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

3.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including cloud hosting providers, payment processors, identity verification services, and analytics platforms. These providers are contractually obligated to use your information only to perform services for us and to maintain appropriate security measures.

3.2 Exchange and Venue Partners

To execute trades on your behalf, we transmit order data to the centralized exchanges, OTC desks, and on-chain protocols you have connected and authorized. We transmit only the data necessary to execute your orders.

3.3 Legal and Compliance

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

4. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256)

  • API credential storage using hardware-backed encryption and key management services

  • Role-based access controls and multi-factor authentication for internal systems

  • Regular security assessments, penetration testing, and vulnerability scanning

  • Incident response procedures and breach notification protocols

While we strive to protect your information, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our Services effectively:

Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.

Analytics Cookies: Help us understand how users interact with our platform. You can opt out of these through your browser settings or our cookie preferences.

We do not use advertising or third-party tracking cookies. We do not sell data to advertisers.

6. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this policy:

  • Account data: retained for the duration of your account and for 12 months after closure

  • Trade and execution data: retained for 7 years to comply with financial record-keeping obligations

  • Communication records: retained for 3 years after the last interaction

  • Technical logs: retained for 90 days

When data is no longer needed, we securely delete or anonymize it.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you

  • Correction: Request correction of inaccurate or incomplete information

  • Deletion: Request deletion of your personal information, subject to legal retention requirements

  • Portability: Request a machine-readable copy of your data

  • Objection: Object to certain processing activities

  • Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, contact us at hello@usezerodrift.com. We will respond within 30 days.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards including standard contractual clauses and ensure adequate levels of protection.

9. Children's Privacy

Our Services are intended for institutional and professional use and are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website at least 30 days before the changes take effect. Your continued use of our Services after the effective date constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this policy, please contact us:

Email: hello@usezerodrift.com

Website: https://usezerodrift.com