← Back to inertiax.ioLegal

Privacy Policy

Effective date: April 24, 2026 Last updated: April 24, 2026

This Privacy Policy describes how InertiaX Technologies LLC (a Wyoming, USA limited liability company – “Inertiax”, “we”, “our”, or “us”) collects, uses, stores, and shares information when you use our mobile applications, web application at https://inertiax.io, related APIs, and any other services that link to this policy (collectively, the “Service”).

By creating an account, connecting a broker, or otherwise using the Service, you confirm that you have read and understood this policy.

If you do not agree with this policy, please do not use the Service.

1. Who we are

| Item | Value | |------|-------| | Legal entity | InertiaX Technologies LLC | | Jurisdiction | State of Wyoming, United States of America | | Trading name | Inertiax | | Website | https://inertiax.io | | Support / privacy contact | support@inertiax.io |

InertiaX Technologies LLC acts as the data controller for personal information processed in connection with the Service, except where the policy states otherwise.

2. Summary (plain English)

  • We only collect information that is needed to run the app: your account email, your profile settings, the MT5 broker credentials you choose to connect, and the trading data returned by your broker.
  • We do not sell your personal information.
  • We do not show third-party advertising inside the app.
  • We do not run analytics SDKs, crash-reporting SDKs, or advertising SDKs. We do not embed Facebook, TikTok, Adjust, AppsFlyer, or similar tracking libraries.
  • Your broker password is encrypted at rest on our server before it is stored.
  • You can delete your account and associated personal data at any time by emailing support@inertiax.io.

The rest of this policy explains each of these in detail.

3. Scope

This policy applies to:

  • The Inertiax mobile app for Android (and iOS, where applicable).
  • The Inertiax web application at https://inertiax.io.
  • Any API, edge function, or broker-connector service operated by Inertiax that is used by the mobile or web app.

It does not apply to:

  • Third-party websites or apps that we link to (including your broker’s website, broker affiliate programs, and charts embedded from TradingView). Those services have their own privacy policies and you should review them directly.
  • Information you provide to your broker outside the Service.

4. Age requirement

The Service is intended only for users who are at least 18 years old and who are legally permitted to open a trading account in their jurisdiction. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a person under 18, we will delete that information.

If you are a parent or guardian and believe a child under 18 has given us personal information, please contact us at support@inertiax.io.

5. What information we collect

We only collect what we need. The categories below describe everything the current Service collects. If we add new categories in the future, we will update this policy and the Google Play Data Safety form.

5.1 Information you give us directly

Account information

  • Email address.
  • Password (handled by Supabase Auth; we never see or store your password in plaintext; it is hashed by Supabase before storage).
  • Optional profile fields you choose to fill in: display name, avatar image, user role, and feature preferences (e.g. whether the auto-trade feature is enabled for your account).

Broker / MT5 connection information (only if you choose to connect a broker)

  • MetaTrader 5 account login.
  • MetaTrader 5 account password.
  • Broker server name.
  • Account nickname / alias you provide.
  • Optional tags you provide.

Support information

  • Any content you send us when you email support@inertiax.io (your email address, message body, screenshots, account identifiers).

5.2 Information generated by your use of the Service

Trading-related data (pulled from your broker via the MetaTrader 5 connector)

  • Account balance, equity, margin, and free margin snapshots.
  • Open positions, historical positions, and trade orders (symbol, volume, entry/exit prices, timestamps, profit/loss, etc.).
  • Watchlist symbols, live prices, and market data streamed from the broker.
  • Signal configurations, force alerts, and trading-signal events that you create or interact with.

AI analysis interactions

  • Messages you type into the AI chat screens.
  • Market context that the app attaches to your message automatically (e.g. recent price data for the symbol you are asking about, technical indicator values, relevant economic-calendar events).
  • These messages are sent through our Supabase Edge Function to the OpenAI API so the AI can generate a reply. See Section 7 for how OpenAI processes this data.
  • Chat history in the current session is kept in the app’s memory so the AI has context for follow-up questions. We do not currently persist individual chat messages in a dedicated database table on our side, except to the extent logs are produced for debugging and security (see Section 6).

Session and technical information

  • Supabase session tokens (stored on your device by the Supabase SDK so you stay signed in).
  • Device identifiers that you explicitly tie to the app (for example, the selected_mt5_account_id value saved in local preferences so the app remembers your active account).
  • A flag indicating that you acknowledged the compliance disclaimer.

5.3 Information collected automatically when you access our servers

When the app or website contacts our servers (Supabase, the MT5 connector, or our web app), our infrastructure and hosting providers automatically receive:

  • IP address.
  • User-Agent string (operating system, browser or app version).
  • Approximate geographic location inferred from IP.
  • Timestamps of requests.
  • Request paths and status codes.

These records are used for security, abuse prevention, debugging, and infrastructure operations. They are retained according to our hosting providers’ default retention windows.

5.4 What we do not collect

The Android app declares only the following Android permissions:

  • INTERNET
  • ACCESS_NETWORK_STATE

Based on the current build:

  • We do not access your device’s precise or approximate GPS location, camera, microphone, contacts, calendar, SMS, phone state, photo library, or files outside our app’s sandbox.
  • We do not run third-party analytics SDKs (e.g. Firebase Analytics, Mixpanel) or advertising SDKs.
  • We do not run third-party crash-reporting SDKs (e.g. Firebase Crashlytics, Sentry) inside the shipped mobile app.
  • We do not use cross-app or cross-device tracking identifiers (advertising ID, IDFA).
  • We do not sell personal information to third parties.
  • We do not use the information we collect to build an advertising profile about you.

If we ever add any of the above (for example, opt-in crash reporting or push notifications), we will update this policy and Google Play’s Data Safety declaration before the feature is enabled.

6. How we use your information

We use the information described above to:

| Purpose | Examples | |---------|---------| | Provide the Service | Create your account, authenticate you, keep you signed in, remember preferences. | | Connect your broker | Encrypt and store your MT5 credentials so the connector can log into your broker on your behalf to show balances, positions, and to place the trades you confirm. | | Operate core trading features | Stream live prices, display positions, execute the orders you confirm, deliver watchlist and signal data. | | Generate AI analysis | Send your question plus the attached market context to the OpenAI API via our Edge Function and return the response to you. | | Security and abuse prevention | Detect suspicious sign-ins, brute-force attempts, and irregular API usage; respond to security incidents; enforce rate limits. | | Comply with law | Respond to lawful requests from courts or regulators, enforce our Terms of Use, and defend against legal claims. | | Improve the Service | Investigate bugs, diagnose errors in server logs, measure reliability of infrastructure. | | Communicate with you | Send transactional emails (password resets, security alerts, important service notices). |

We do not use your information for behavioral advertising, for profiling unrelated to the Service, or for any purpose not listed in this policy without first obtaining your consent and updating this policy.

7. How we share your information

We share personal information only in the limited situations described below. We do not sell your information.

7.1 Service providers (“processors”) we rely on

| Provider | What we share | Why | Transfer / location | |----------|----------------|----|---------------------| | Supabase, Inc. | Account email, hashed password, profile fields, trading-related rows (signals, alerts, account metadata), session tokens. | Authentication, database, realtime updates, edge functions. | Processed on Supabase infrastructure; data may be stored outside your country, including the United States. Subject to Supabase’s privacy policy. | | OpenAI, L.L.C. | Your AI chat messages and the market context the app attaches to each message. | To generate the AI reply. Calls are made server-side from our Supabase Edge Function. | OpenAI’s API processors (including United States). Subject to OpenAI’s API data usage policy. | | Inertiax MetaTrader 5 connector host (Railway) | MT5 login, MT5 password (encrypted at rest), broker server, account metadata, and the trading data needed to execute your requests. | Hosts the server that connects to MetaTrader 5 on your behalf. | Railway data centers; subject to Railway’s privacy policy. | | MetaTrader 5 infrastructure / API | Your broker credentials (decrypted in-memory only for the duration of each broker call), order requests, account queries. | Executes trades and reads account state from your broker. | The MetaTrader 5 infrastructure we use is operated by a specialist third-party provider and is subject to that provider’s policies. | | Netlify / Vercel (web hosting) | Standard server access logs (IP, User-Agent, request path). | Hosts https://inertiax.io. | Subject to the host’s privacy policy. | | Google LLC (Google Fonts) | Your IP address and User-Agent, when your device fetches a font file for the app’s splash screen. | Renders the brand typography. | Google Fonts service; subject to Google’s privacy policy. | | TradingView, Inc. | Your IP address, User-Agent, and any cookies set while viewing charts inside the in-app TradingView WebView. | Renders charts and technical analysis. | Subject to TradingView’s privacy policy. |

We enter into written agreements, or rely on the provider’s standard terms, that require each service provider to use the data only for the purposes we instruct.

7.2 Your broker and broker affiliate programs

When you connect a MetaTrader 5 account, the Service logs into your broker using the credentials you provide so that it can read your account data and send the orders you confirm. Your broker receives:

  • The login information required by MetaTrader 5 (login, password, broker server).
  • Order instructions you confirm in the app (symbol, volume, side, stop loss, take profit, etc.).

If you follow a broker-connect or invite link from within the Service, you may be redirected to a broker’s own website. That broker is an independent third party with its own privacy policy, and any information you provide on the broker’s site is collected by the broker, not by us.

7.3 Legal, safety, and business transfers

We may disclose information:

  • If we are required to do so by law, regulation, legal process, or governmental request (for example, a subpoena).
  • If we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Inertiax, our users, or the public, or to investigate fraud, security, or technical issues.
  • In connection with a merger, acquisition, reorganization, financing, or sale of assets, in which case personal information may be transferred as part of that transaction. We will notify you of any such transfer by updating this policy and, where required by law, contacting you directly.

7.4 With your consent

We may share information in other ways if you ask us to or give us clear consent to do so.

8. International data transfers

Inertiax is based in the United States. The service providers listed in Section 7.1 may also process data in the United States and in other countries. If you are located outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States and other countries whose data-protection laws may be different from those in your jurisdiction.

By using the Service, you consent to the transfer of your information to the United States and to the service providers we use.

Where required by applicable law (for example, the GDPR), we rely on appropriate safeguards such as standard contractual clauses with our processors or their equivalent.

9. How we store and protect information

  • Transport encryption: The app and website use HTTPS for all communication with our servers. The Android build explicitly disables cleartext HTTP traffic.
  • At-rest encryption of broker credentials: Your MT5 login and MT5 password are encrypted server-side using AES-256-GCM with a key held only by our MT5 connector (CREDENTIALS_ENCRYPTION_KEY). Only an encrypted representation is written to the database.
  • Password storage: Account passwords are hashed by Supabase Auth. We cannot recover or read them.
  • Access controls: Database access is restricted by Supabase Row Level Security so that each user can only read rows associated with their own account. Administrative access is limited to authorized personnel.
  • Backups and device-transfer: The Android app is configured to exclude its sandboxed data (shared preferences, databases, files) from automatic cloud backup and from device-to-device transfer, so that session tokens and broker identifiers are not copied off-device without a fresh sign-in.
  • No end-to-end encryption claim: We do not claim end-to-end encryption. Broker credentials are decrypted in-memory on our servers when they are needed to execute a broker call, then discarded.

No method of transmission or storage is perfectly secure. We cannot guarantee absolute security, but we work to protect personal information using reasonable administrative, technical, and physical safeguards.

10. How long we keep information

  • Account data (email, profile, preferences): Kept for as long as your account is active. Deleted on your request (see Section 11) or after prolonged inactivity, subject to any legal obligations we may have to retain it.
  • Broker credentials: Kept while the corresponding broker connection is active. Deleted when you remove that broker account from the Service, or when the account is fully deleted.
  • Trading data (positions, orders, signals, alerts): Retained for operational and historical-display purposes for the life of the account. You can request deletion of your account, which removes this data subject to applicable record-keeping obligations.
  • AI chat input/output: The in-app chat window lives only in memory for the session; closing the app discards it. Server-side processing logs from OpenAI and our Edge Function may be retained by the respective providers for abuse-prevention and debugging purposes per their own policies.
  • Server logs: Retained according to the default retention windows of our hosting providers (Supabase, Railway, Netlify/Vercel).

11. Your rights

Depending on where you live, you may have some or all of the following rights in relation to your personal information:

  • Access. Request a copy of the personal information we hold about you.
  • Correction. Ask us to correct inaccurate or incomplete information.
  • Deletion. Ask us to delete your account and associated personal information, subject to limited exceptions (for example, information we must keep for legal reasons).
  • Portability. Ask us to provide your data in a structured, commonly used, machine-readable format.
  • Restriction / Objection. Ask us to restrict or object to certain processing, including processing based on our legitimate interests.
  • Withdraw consent. Where we rely on your consent, you may withdraw that consent at any time.
  • Complaint. Lodge a complaint with your local data-protection authority. We encourage you to contact us first so we can try to resolve the issue.

To exercise any of these rights, email support@inertiax.io from the email address associated with your account. We will respond within the time required by applicable law. We may need to verify your identity before we act on your request.

11.1 California residents (CCPA / CPRA)

California residents have additional rights, including:

  • The right to know what categories of personal information we have collected about you and the sources, purposes, and third parties with whom we have shared it.
  • The right to delete personal information, subject to exceptions.
  • The right to correct inaccurate personal information.
  • The right to opt out of the sale or sharing of personal information for cross-context behavioral advertising. We do not sell or share personal information for cross-context behavioral advertising, so there is nothing to opt out of.
  • The right not to receive discriminatory treatment for exercising any of these rights.

11.2 European Economic Area / United Kingdom / Swiss residents

If you are located in the EEA, the UK, or Switzerland, the legal bases we rely on to process your personal information are:

  • Contract – to provide the Service you signed up for.
  • Legitimate interests – to keep the Service secure, detect abuse, debug errors, and communicate important service information, where those interests are not overridden by your interests and rights.
  • Legal obligation – where we are required to process information to comply with the law.
  • Consent – where required by law (for example, optional marketing communications). You can withdraw consent at any time.

12. Children

The Service is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. See Section 4.

13. Third-party links

The app and website may contain links to third-party websites (for example, broker sign-up pages, TradingView, our hosted legal pages). This policy does not cover those third parties. We encourage you to read the privacy policies of any third-party services you use.

14. Push notifications

The current build does not send push notifications. The code contains scaffolding that may be enabled in a future release. If we enable push notifications, we will update this policy and the Google Play Data Safety form before that feature is activated, and push notifications will be opt-in where required by applicable law.

15. Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, if the changes are material, we will provide an additional notice (for example, an email or an in-app banner). Your continued use of the Service after an updated policy takes effect means you accept the updated policy.

16. Contact us

For any questions, requests, or complaints about this policy or how your information is handled, please contact:

InertiaX Technologies LLC Attn: Privacy Email: support@inertiax.io Website: https://inertiax.io

A physical mailing address for formal legal notices is available on request.