Privacy Policy

Last updated: December 31, 2026

Introduction

At Muckard, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automated cryptocurrency trading platform.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or use our services.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Express an interest in obtaining information about our services
  • Participate in activities on our platform
  • Contact us via email or other communication channels

Trading Data

We collect information related to your trading activities, including but not limited to trading history, portfolio performance, API keys (encrypted), and exchange connection details.

Wallet and API Information

When you connect your cryptocurrency exchange accounts to our platform, we collect and process:

  • API Keys: Your exchange API keys are collected and stored using bank-level AES-256 encryption. We never store API keys in plain text.
  • Exchange Account Data: Account balances, trading pairs, order history, and transaction records necessary to execute automated trading strategies.
  • Wallet Addresses: Public wallet addresses associated with your exchange accounts for transaction tracking and reporting purposes.
  • Trading Performance Metrics: Profit/loss calculations, win rates, and strategy performance data derived from your trading activity.

Important: Muckard NEVER has custody of your cryptocurrency assets. Your funds always remain in your exchange account. We only access your account via API to execute trades on your behalf based on your selected strategies.

Automatically Collected Information

We automatically collect certain information when you visit, use, or navigate our platform, including device information, browser type, IP address, and usage patterns.

How We Use Your Information

We use the information we collect or receive to:

Provide Services

Execute trades and manage your automated trading strategies

Improve Platform

Analyze usage patterns to enhance user experience

Send Communications

Notify you about important updates and changes

Ensure Security

Protect against fraud and unauthorized access

Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Bank-level encryption (AES-256) for all sensitive data
  • API keys are encrypted and never stored in plain text
  • Regular security audits and penetration testing
  • Two-factor authentication (2FA) for account access
  • Secure data centers with 24/7 monitoring

User Responsibility for API Access

You Are Responsible for Managing Your API Keys and Exchange Account Security

When you grant Muckard access to your cryptocurrency exchange account via API keys, you acknowledge and agree that you are solely responsible for:

  • API Key Configuration: Ensuring your API keys are configured with appropriate permissions (trading only - never withdrawal permissions). You should disable withdrawal, transfer, and deposit permissions on all API keys connected to Muckard.
  • API Key Security: Maintaining the confidentiality and security of your API keys. Never share your API keys with unauthorized parties.
  • Exchange Account Security: Implementing strong security measures on your exchange accounts, including two-factor authentication (2FA), strong passwords, and IP whitelisting where available.
  • Monitoring Access: Regularly reviewing API key access logs on your exchange account and revoking access immediately if you notice any unauthorized or suspicious activity.
  • Revoking Access: You can revoke Muckard's API access at any time by deleting the API keys from your exchange account or disconnecting the API connection in your Muckard account settings.

Disclaimer of Liability for API Misuse

While Muckard implements industry-standard security measures to protect your API keys, we cannot guarantee absolute security. You acknowledge that you use our services at your own risk and that Muckard is not liable for any losses resulting from unauthorized access to your exchange account, API key compromise, or exchange security breaches. It is your responsibility to ensure your API keys are configured correctly and securely managed.

Best Practices for API Security

  • Only grant "read" and "trade" permissions - never "withdraw" or "transfer"
  • Enable IP whitelisting on your exchange if supported
  • Regularly rotate your API keys (monthly recommended)
  • Use unique API keys for each service - never reuse API keys across multiple platforms
  • Monitor your exchange account activity regularly for any unusual trades

Data Retention

Minimum 5-Year Data Retention Period

Muckard retains your personal information and trading data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention Periods

  • Account Information: We retain your account information, including name, email, and account settings, for a minimum of 5 years after account closure or last activity.
  • Trading Data and Transaction History: All trading records, transaction history, portfolio performance data, and API activity logs are retained for a minimum of 5 years to comply with financial regulations and tax reporting requirements.
  • Payment and Billing Records: Payment information, subscription history, and billing records are retained for a minimum of 7 years as required by tax laws and financial regulations.
  • API Keys: Encrypted API keys are stored for as long as your account is active and the API connection is maintained. When you disconnect an exchange or delete your account, API keys are securely deleted from active systems but may be retained in encrypted backups for 5 years.
  • Communication Records: Customer support tickets, emails, and other communications are retained for 3 years for quality assurance and legal compliance.
  • Analytics and Usage Data: Aggregated and anonymized usage data may be retained indefinitely for platform improvement and research purposes.

Legal and Regulatory Compliance

We may be required to retain certain data for longer periods to comply with legal obligations, including but not limited to:

  • Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations
  • Tax reporting and financial record-keeping requirements
  • Securities and cryptocurrency trading regulations
  • Legal proceedings, investigations, or regulatory inquiries

Data Deletion After Retention Period

After the applicable retention period has expired, we will securely delete or anonymize your personal information in accordance with our data retention schedule and applicable laws. However, we may retain certain information in anonymized or aggregated form that does not identify you personally.

Requesting Early Deletion

You may request deletion of your personal data at any time by contacting us at privacy@muckard.com. However, please note that we may be unable to delete certain data if we are required to retain it for legal, regulatory, or legitimate business purposes. We will inform you if we cannot fulfill your deletion request and explain the reasons why.

Children's Privacy

Our Services Are Not Intended for Minors Under 18

Muckard does not knowingly collect, solicit, or maintain personal information from anyone under the age of 18, nor do we knowingly allow such persons to register for or use our services. Our platform is designed for adults who are legally capable of entering into binding contracts.

Age Requirement: 18 Years or Older

By using our services, you represent and warrant that you are at least 18 years of age. If you are under 18 years old, you are not permitted to use or register for the Muckard platform under any circumstances.

COPPA Compliance (Children Under 13)

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect any information from children under 13 years of age. Our website, products, and services are all directed to adults and are not designed to attract children under 13.

Parental Notice and Data Removal

If we learn that we have collected personal information from a child under 18 without proper verification of parental consent, we will take immediate steps to delete that information as quickly as possible. If you are a parent or guardian and you believe that your child under 18 has provided us with personal information, please contact us immediately at:

Email: privacy@muckard.com

Please include "Child Privacy Concern" in the subject line and provide details about the account in question. We will investigate and take appropriate action within 48 hours.

Why We Have Age Restrictions

Cryptocurrency trading involves significant financial risk and requires the legal capacity to enter into binding contracts. Age restrictions are in place to:

  • Comply with legal requirements for financial services
  • Protect minors from high-risk financial activities
  • Ensure all users can legally consent to our Terms of Service
  • Comply with privacy laws protecting children's personal information

Legal Basis for Processing Personal Data

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with similar data protection laws, we process your personal data only when we have a valid legal basis to do so. Our legal bases for processing include:

1. Contractual Necessity

Processing is necessary to perform our contract with you (our Terms of Service) and to provide the automated trading services you have requested.

Examples:

  • Creating and managing your account
  • Executing trades via API connections
  • Processing payments and subscriptions
  • Providing customer support
  • Sending transaction confirmations and account notifications

2. Legitimate Interests

Processing is necessary for our legitimate business interests, provided these interests are not overridden by your data protection rights.

Examples:

  • Improving and optimizing our platform and trading algorithms
  • Detecting and preventing fraud, security threats, and abuse
  • Conducting analytics to understand user behavior and preferences
  • Marketing our services to existing customers
  • Maintaining business records and enforcing legal rights

3. Legal Compliance

Processing is necessary to comply with legal obligations under applicable laws and regulations.

Examples:

  • Complying with tax reporting requirements
  • Responding to legal requests and court orders
  • Maintaining records for financial audits
  • Complying with anti-money laundering (AML) regulations
  • Meeting data retention requirements

4. Consent

In some cases, we rely on your explicit consent to process your personal data.

Examples:

  • Sending marketing emails and promotional communications
  • Using cookies and tracking technologies (where consent is required)
  • Processing sensitive personal data (if applicable)
  • Sharing data with third parties for purposes not covered by other legal bases

Note: You have the right to withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

5. Vital Interests

In rare cases, processing may be necessary to protect your vital interests or those of another person (e.g., in emergency situations involving health or safety).

Your Rights Under GDPR and Similar Laws

If we process your personal data based on legitimate interests, you have the right to object to such processing. You also have the right to access, rectify, erase, restrict processing, and port your data. To exercise these rights, please contact us at privacy@muckard.com.

International Data Transfers

Muckard is based in the United States (Wyoming). If you access our services from outside the United States, please be aware that your personal data may be transferred to, stored, and processed in the United States or other countries where we or our service providers operate.

These countries may have data protection laws that differ from the laws of your country. By using our services, you consent to the transfer of your data to the United States and other jurisdictions as necessary to provide our services.

Safeguards for International Transfers

When we transfer personal data from the EEA, UK, or Switzerland to countries without adequate data protection laws, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission to protect your data.

Your Privacy Rights

Access Your Data

You have the right to request copies of your personal data

Correct Your Data

You can request correction of inaccurate or incomplete information

Delete Your Data

You can request deletion of your personal information

Opt-Out

You can opt-out of marketing communications at any time

Third-Party Services

We may share your information with third-party service providers who perform services on our behalf, including:

  • Cryptocurrency exchanges (via API connections)
  • Payment processors
  • Analytics providers
  • Cloud hosting services

We ensure all third parties agree to keep your information secure and confidential.

Contact Us

If you have questions or comments about this Privacy Policy, please contact us at:

Email: privacy@muckard.com

Address: 1603 Capitol Ave, Cheyenne, WY 82001, United States

Important Notice

We reserve the right to update this Privacy Policy at any time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.