This Privacy Policy describes how AlphaNex di Natuzzi Sante collects, uses and protects the personal data of users accessing the Alphanex platform. Processing takes place in compliance with the Swiss Federal Act on Data Protection (nFADP) and, where applicable, the EU Regulation 2016/679 (GDPR).
The controller of personal data processing is:
For any privacy-related request, you can contact us at the email address indicated.
We collect the following categories of personal data:
| Category | Specific data | Source |
|---|---|---|
| Account data | Email address, username, password (hashed), registration date | Provided by the user |
| Payment data | Subscription information (plan, status, renewal date). Card/IBAN data never passes through our servers | Payment processor |
| Usage data | Backtest sessions, saved settings, shared strategies, activity logs | Automatically generated during use |
| Technical data | IP address, browser type, operating system, timezone, pages visited, session duration | Automatically collected |
| Communications | Content of emails sent to support | Provided by the user |
| User-uploaded CSV | CSV files voluntarily uploaded for personal analysis. Processed transiently during the analysis session; not permanently archived or shared with third parties. Ownership remains exclusively with the User. | Voluntarily uploaded by the user |
We do not collect sensitive data (health, political orientation, religion, biometrics) or data of unregistered third-party individuals.
| Purpose | Legal basis |
|---|---|
| Account creation and management | Performance of contract (Art. 6.1.b GDPR / nFADP) |
| Provision of backtest and analysis service | Performance of contract |
| Payment management | Performance of contract + legal obligation |
| Sending service communications (updates, invoices) | Performance of contract |
| Sending promotional communications and newsletters | Consent (revocable at any time) |
| Security, fraud and abuse prevention | Legitimate interest |
| Product improvement and aggregated analysis | Legitimate interest |
| Compliance with tax and legal obligations | Legal obligation |
| Processing of user-uploaded CSV for analysis and backtest | Performance of contract (transient processing; no permanent archival) |
We retain personal data for the time strictly necessary for the indicated purposes:
After these periods, data is deleted or anonymized irreversibly.
We do not sell or rent your personal data to third parties. We share data exclusively with the following parties and only to the extent necessary:
| Provider | Role | Shared data |
|---|---|---|
| Stripe (Stripe Payments Europe Ltd. — Ireland / Stripe Inc. — USA) | Payment processing and subscription management | Email, subscription plan, country, billing data. |
| Hetzner Online GmbH (Germany, EU) | Server infrastructure / hosting | Technical data logged on the server |
| Namecheap Private Email (Namecheap Inc. — USA) | Sending transactional / service emails | Email address, message content |
| Anthropic PBC (USA) | AI processing for optional AI features (Pattern Analysis, Trade Coach, Edge AI, Strategy Builder, AI Journal) | Chart screenshots, trade data and journal text submitted when you actively use an AI feature. Processed only to generate the response; not used to train AI models. |
All providers are selected for their compliance with the nFADP and/or GDPR and are bound by contractual data processing agreements.
We may communicate data to public authorities when required by Swiss law or judicial orders.
Data may be transferred and processed in countries outside Switzerland or the European Union. In such cases, we ensure that:
Specifically, some sub-processors are located in the United States: Stripe (payment processing), Namecheap (transactional email) and Anthropic (optional AI features). These transfers are governed by Standard Contractual Clauses and, where applicable, the EU-US / Swiss-US Data Privacy Framework. Our hosting provider (Hetzner) is located in the European Union (Germany).
Data sent to AI features is transmitted to Anthropic only when you actively trigger an AI function, solely to generate the requested analysis, and is not used to train models.
We use a minimal number of cookies strictly necessary for the operation of the service:
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
session_token |
Technical / necessary | Maintain authenticated session | 30 days (or until logout) |
| Payment processor cookies | Technical / payment | Checkout and subscription management | Variable |
We do not use profiling cookies or third-party advertising cookies. We do not install marketing trackers (Facebook Pixel, Google Ads, etc.).
Since we only use strictly necessary technical cookies, prior consent is not required for their use under applicable regulations.
We adopt appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration or disclosure:
In case of a personal data breach that poses a risk to the rights and freedoms of data subjects, we undertake to: (i) notify the breach to the competent supervisory authority within 72 hours of discovery, where required by GDPR (Art. 33) or nFADP; (ii) communicate the breach directly to affected Users without undue delay when the breach is likely to result in a high risk to their rights.
Under the Swiss nFADP and GDPR (for users residing in the EU) you have the following rights:
To exercise your rights, write to support@alphanex.io. We will respond within 30 days of receiving the request. We may ask you to verify your identity before proceeding.
You can delete your account at any time from the platform settings. Deletion results in the removal of all usage data within 30 days, subject to tax retention obligations.
If you believe your rights have not been respected, you have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) in Switzerland, or with the supervisory authority of your country of residence if you reside in the EU.
Alphanex is intended exclusively for users who have reached 18 years of age. We do not knowingly collect personal data of minors. If we become aware of having collected data of a minor, we will proceed with immediate deletion. If you are the parent or guardian of a minor who has created an account, contact us at support@alphanex.io.
The platform may contain links to third-party websites (e.g. educational resources). We are not responsible for the privacy practices of such sites. We recommend reading their privacy notices before providing personal data.
We reserve the right to update this Privacy Policy at any time to reflect regulatory, technological or operational changes. Substantial changes will be communicated through:
The date of the last update is always indicated at the top of this document. Continued use of the service after notification constitutes acceptance of the updated version.
For any question, request or complaint regarding the processing of your personal data:
For formal complaints to the Swiss supervisory authority: Federal Data Protection and Information Commissioner (FDPIC) — www.edoeb.admin.ch