Privacy and Data Handling
Data categories
Stockey may process account data, strategy inputs, uploaded scripts, CSV files, broker historical-data session metadata, historical testing reports, AI-assisted review inputs, generated package metadata, billing records, support messages, and security logs.
Counsel review
Public legal copy requires qualified counsel review before production reliance.
Storage posture
- No permanent broker-secret storage by default.
- No permanent raw market-data storage by default.
- Broker session tokens should expire after the user-requested workflow or explicit disconnect.
- CSV uploads should be temporary unless saved by user action or needed for a saved report.
- AI-assisted prompts and outputs may be retained with account/project history where enabled, but users should avoid submitting restricted or confidential data.
- Generated package artifacts should be short-lived download artifacts.
- Support messages may be retained for troubleshooting, audit, security, and legal needs.
- Payment, tax, legal, dispute, and security records may be retained where required.