This Privacy Notice describes how Amarcode Studios Limited, trading as dotQuant ("we", "us" or "our"), collects, uses, shares, and protects your personal data when you use the dotQuant website, APIs, software, and related services (collectively, the "Service"). We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Last updated: February 22, 2026
1. Data Controller
The data controller responsible for your personal data is Amarcode Studios Limited, trading as dotQuant, a company registered in England & Wales.
If you have any questions about how we process your data, you can contact us at support@dotquant.io.
2. Information We Collect
We collect and process the following categories of personal data:
a. Information You Provide
When you register for an account, contact us, or use our Service, you may provide:
Your name and email address;
Account credentials (managed via our authentication provider, Hanko);
Broker API credentials you choose to link (encrypted at rest — see our Documentation for details);
Any correspondence or support requests you send us.
b. Information Collected Automatically
When you access our website or Service, we may automatically collect:
IP address, browser type, operating system, and device information;
Pages visited, time spent on pages, and referral URLs;
Log data including timestamps of webhook signals processed by the Service.
c. Cookies and Tracking Technologies
We use essential cookies to operate the Service (e.g., authentication session cookies). For full details, see our Cookie Policy.
3. Legal Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), we process your personal data on the following legal bases:
Contract: Processing necessary to provide the Service you have signed up for.
Legitimate interests: Improving our Service, preventing fraud, and ensuring security.
Legal obligation: Complying with applicable laws and regulations.
Consent: Where you have given explicit consent (e.g., marketing communications), which you may withdraw at any time.
4. How We Use Your Information
We use your personal data for the following purposes:
To provide, operate, and maintain the Service;
To authenticate your identity and manage your account;
To transmit trading signals to your connected broker accounts at your direction;
To communicate with you, including responding to support requests and sending service-related notices;
To monitor and improve the performance, security, and reliability of the Service;
To comply with legal obligations and enforce our Terms of Service.
5. How We Share Your Information
We do not sell your personal data. We may share your information in the following limited circumstances:
Service providers: Third-party providers who help us operate the Service (e.g., hosting, authentication, analytics), bound by contractual data protection obligations.
Broker APIs: When you link a broker account, your encrypted credentials are used solely to transmit signals at your direction. We do not share your credentials with any other party.
Legal requirements: If required by law, regulation, legal process, or governmental request.
Business transfers: In connection with a merger, acquisition, or sale of company assets, with appropriate data protection safeguards.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes described in this notice, or as required by law. Specifically:
Account data: Retained for the duration of your account and deleted upon request or account closure, subject to any legal retention obligations.
Signal and order logs: Retained for a reasonable period to support your trading journal and audit trail, after which they are anonymised or deleted.
Support correspondence: Retained for up to 24 months after your last interaction.
7. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
AES-256 encryption for broker API credentials, managed via a Hardware Security Module (HSM);
Encrypted connections (TLS) for all data in transit;
Access controls limiting employee access to personal data on a need-to-know basis.
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
8. International Transfers
Your data may be processed on servers located outside the United Kingdom. Where we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO);
Transfers to countries recognised as providing an adequate level of data protection.
You may contact us for further details about the specific safeguards applied to any transfer.
9. Your Rights
Under the UK GDPR, you have the following rights regarding your personal data:
Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Request correction of inaccurate or incomplete data.
Right to erasure: Request deletion of your personal data ("right to be forgotten").
Right to restrict processing: Request that we limit how we use your data.
Right to data portability: Receive your data in a structured, commonly used format.
Right to object: Object to processing based on legitimate interests or for direct marketing.
Right to withdraw consent: Where processing is based on consent, withdraw it at any time.
To exercise any of these rights, please contact us at support@dotquant.io. We will respond within one month of receiving your request, as required by law.
10. Cookies
We use essential cookies required for the Service to function (e.g., session authentication). We do not use advertising or third-party tracking cookies.
For full details, please see our Cookie Policy.
11. Children's Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.
12. Changes to This Privacy Notice
We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. We will post the revised notice on this page and update the "Last updated" date. We encourage you to review this notice periodically.
For material changes, we will make reasonable efforts to notify you (e.g., via email or a notice within the Service).
13. Complaints
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113
We would appreciate the opportunity to address your concerns before you contact the ICO, so please reach out to us first at support@dotquant.io.
14. Contact Us
If you have any questions about this Privacy Notice or our data practices, please contact us at:
support@dotquant.io
dotQuant is a trading name of Amarcode Studios Limited, a company registered in England & Wales.