🔒 LOCAL-FIRST CRYPTOGRAPHIC PRIVACY

Privacy & Data Policy

Last updated: May 22, 2026. Learn how our local-first architecture keeps your credentials and trading strategies strictly private on your own hardware.

At Strat Ai, we prioritize the absolute sovereignty of your trading configurations and credentials. Because our software terminal operates entirely inside a sandboxed desktop client, we do not monitor, compile, or sell your trading logs, watchlist entries, or ML indicator configurations.

1. No Cloud Storage for Brokerage or Exchange Credentials

Strat Ai is a local desktop application. Your Zerodha Kite Connect API keys, daily access tokens, and crypto exchange API secrets are stored locally on your own machine. We do not operate cloud databases to host or mirror your credentials, so there is no centralized copy of them on our side that could leak.

2. Tauri Stronghold Encryption Standards

All sensitive files, including credentials and user watchlist paths, are written to local disk inside an encrypted Tauri Stronghold vault, using Argon2id to derive the master key and AES-256-GCM for encryption. Memory is zeroed out immediately after API requests complete to prevent RAM-scraping exploits.

3. Direct-to-Broker & Exchange WebSocket Pipeline

When you connect your feed, the client opens a connection directly from your computer to the official broker gateway (wss://ws.kite.trade) or to the crypto exchange's own WebSocket endpoint. Ticks are parsed locally, queued on your local Redpanda bus, and cached in your local QuestDB instance. No telemetry or transaction details are routed through intermediary servers.

4. Anonymized Diagnostic Audits

If you explicitly toggle 'Submit Diagnostics' in the developer panel, the application will periodically send anonymized system crash telemetry (e.g. system memory allocation locks or Tokio stream panics) to our support system. These reports never contain API keys, trading decisions, or custom strategy parameters.