Privacy Policy – Volarixs

Volarixs ("Volarixs," "we," "our," or "us") operates a professional quantitative research platform available at volarixs.com (the "Service").

This Privacy Policy describes how we collect, use, store, disclose, and protect personal data and other information when you access or use the Service.

By using the Service, you acknowledge that your information will be processed in accordance with this Privacy Policy and applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable.

2.1 Account and Identity Information

When you create or maintain an account, we collect:

• Email address
• Authentication credentials (stored only in hashed/encrypted form)
• Account identifiers and internal user IDs
• Profile information you voluntarily provide
• Authentication tokens, session identifiers, and login metadata

We do not store plaintext passwords.

2.2 Usage, Activity, and Technical Data

We automatically collect information relating to your interaction with the Service, including:

• Pages viewed, features accessed, and actions performed
• Experiments created, configurations used, and models executed
• API requests, responses, and execution metadata
• Job execution logs, runtime metrics, and error traces
• Device and browser characteristics
• IP address and inferred geographic region (not precise location)
• Timestamped access and usage records

This data is essential to operate the Service, enforce usage limits, ensure security, and comply with contractual and legal obligations.

2.3 Research and Platform Data

When you use the Service for quantitative research, we process:

• Asset identifiers (e.g., tickers, instruments, universes)
• Experiment parameters, features, and configurations
• Model outputs, predictions, metrics, and backtest results
• Metadata describing execution context and performance

We do not collect or store:

• Brokerage credentials
• Trading account balances
• Live trading positions
• Personally identifiable financial account information

2.4 Communications

If you contact us, we may collect:

• Your contact details
• Message content
• Support interaction history

We process personal data and related information for the following purposes:

3.1 Service Operation

• Provide, operate, and maintain the Service
• Authenticate users and manage access
• Execute experiments and store results

3.2 Security, Integrity, and Abuse Prevention

• Detect and prevent fraud, abuse, misuse, or unauthorized access
• Enforce rate limits, quotas, and contractual restrictions
• Monitor system integrity and performance

3.3 Analytics and Improvement

• Analyze usage patterns
• Improve performance, reliability, and usability
• Develop new features and capabilities

3.4 Legal and Compliance

• Comply with legal obligations
• Respond to lawful requests
• Enforce Terms of Service and other agreements

Where GDPR applies, we rely on the following legal bases:

• Contractual necessity: To provide the Service
• Legitimate interests: Security, abuse prevention, service improvement
• Legal obligation: Compliance with applicable laws
• Consent: Where explicitly obtained (e.g., optional communications)

5.1 Storage Locations

Data may be stored and processed using the following systems:

• Authentication & Identity: Supabase or equivalent provider
• Primary Databases: PostgreSQL (experiment metadata, configurations)
• Object Storage: S3-compatible storage (datasets, model artifacts, logs)
• Application Infrastructure: Backend services, orchestration systems, and logs

Data is logically isolated by user and access-controlled.

5.2 Security Measures

We implement technical and organizational safeguards, including:

• Encryption in transit (TLS/HTTPS)
• Encryption at rest for sensitive data
• Secure password hashing (e.g., bcrypt or Argon2)
• Role-based access controls
• Audit logging and monitoring
• Network security and firewalls

No system is perfectly secure, but we take reasonable measures consistent with industry standards.

To protect the Service and its users, we explicitly reserve the right to:

• Monitor usage patterns and activity
• Log and analyze access, execution, and export behavior
• Apply automated or manual restrictions
• Investigate suspected violations of our Terms of Service

Such monitoring is limited to what is necessary for security, compliance, and enforcement.

We do not sell personal data.

We may share information only in the following circumstances:

7.1 Service Providers

With trusted third-party providers acting as processors (e.g., cloud hosting, authentication, monitoring), under contractual obligations consistent with this Policy.

7.2 Legal and Regulatory

When required by law, regulation, court order, or lawful government request.

7.3 Corporate Transactions

In connection with a merger, acquisition, restructuring, or asset sale, subject to appropriate safeguards and notice.

7.4 With Your Consent

Where you explicitly authorize disclosure.

We use cookies and similar technologies to:

• Maintain authentication sessions
• Preserve user preferences
• Analyze platform usage and performance

You can control cookies via browser settings, but disabling them may impair functionality.

We retain data only as long as necessary for the purposes described above, including:

• While your account remains active
• As required to operate the Service
• To comply with legal or regulatory obligations
• To resolve disputes or enforce agreements

Upon account deletion, personal data is deleted or anonymized within a reasonable period (generally within 30 days), except where retention is legally required.

Aggregated or anonymized data may be retained for analytical purposes.

Depending on your jurisdiction, you may have the right to:

• Access your personal data
• Rectify inaccurate or incomplete data
• Request erasure ("right to be forgotten")
• Restrict or object to processing
• Request data portability
• Withdraw consent where applicable

Requests may be subject to identity verification and legal limitations.

To exercise your rights, contact: privacy@volarixs.com

Your information may be processed in jurisdictions outside your country of residence.

Where required, we implement appropriate safeguards, including contractual protections, to ensure lawful data transfers.

The Service is intended for professional users and is not directed to individuals under 18.

We do not knowingly collect personal data from minors.

We may update this Privacy Policy from time to time.

Material changes will be communicated by:

• Posting the updated policy
• Updating the "Last Updated" date
• Email notification where appropriate

Continued use of the Service constitutes acceptance of the updated Policy.

• Email: privacy@volarixs.com
• Website: volarixs.com