1. Introduction
Locimens Inc ("Locimens," "we," "us," or "our") operates the Locimens marketing website at https://locimens.com, account and billing services, the Locimens desktop application, and related marketplace and developer tools (collectively, the "Services").
This Privacy Policy explains what information we collect, how we use it, and the choices you have. By creating an account, downloading the desktop app, or otherwise using the Services, you acknowledge this policy.
Contact
- Privacy: [email protected]
- Support: [email protected]
- Mail: Locimens Inc, [REGISTERED ADDRESS TBD], New York, NY, United States
2. Scope
This policy applies to:
- The Locimens marketing website and account portal
- Subscription and one-time purchases processed through our site
- The Locimens desktop application when it connects to Locimens cloud services (authentication, licensing, entitlements, optional sync)
- Developer application and sales inquiry forms on our site
This policy does not govern third-party services you connect to Locimens on your own — including your broker, MetaTrader 5, or LLM providers you configure with your own API keys.
3. Local-first design
Locimens is built to keep sensitive trading workflow data on your machine by default. In normal use:
- Broker login passwords and trading credentials are not transmitted to Locimens cloud services.
- LLM and third-party API keys you configure in the desktop app are stored locally on your device.
- MCP bridge traffic, mailbox data, chat history, and strategy logic run locally unless you explicitly enable a cloud sync feature.
Cloud services primarily handle identity, licensing, billing, and entitlement enforcement — not your raw trading stream.
4. Information we collect
4.1 Account and authentication
When you create or sign in to an account, we collect:
- Email address
- Password (stored by our authentication provider as a secure hash; we do not store plain-text passwords)
- If you use Google sign-in: basic profile information provided by Google (such as your name and email)
Authentication is provided through Supabase Auth.
4.2 Subscriptions, billing, and purchases
When you subscribe to a paid plan or buy a digital product, we collect and store:
- Plan tier and entitlement status
- Purchase and subscription records (product IDs, dates, license state)
- Billing status (active, canceled, renewal dates)
Payment processing is handled by Stripe. Stripe collects payment card and billing details directly. We receive limited billing metadata from Stripe (such as customer ID, subscription status, and transaction references) — not your full card number.
4.3 Device registration
To enforce plan limits on desktop installations, the app may register:
- A device identifier
- Platform (operating system)
- An optional device label you provide
- Last-seen timestamp
4.4 MetaTrader 5 account metadata
To enforce MT5 account limits on your plan, the desktop app may register metadata about MT5 accounts you connect:
- MT5 login number
- Broker server name
- Account display name and currency
- Trade mode and last-seen timestamp
We do not collect your MT5 or broker account password through this registration flow.
4.5 Forms and applications
If you submit forms on our site, we collect the information you provide, such as:
- Sales inquiries (name, email, company, phone, team size, message)
- Developer applications (name, company, website, plugin description, experience, optional notes)
4.6 Optional cloud sync
If you enable features that sync settings or snapshots to the cloud, we may store the data those features explicitly upload (for example, plugin agent settings snapshots tied to your account). We do not enable these uploads by default.
4.7 Technical and security data
We and our infrastructure providers may automatically collect limited technical information necessary to operate and secure the Services, such as:
- IP address and browser type (website visits)
- Authentication session tokens
- Error and security logs
We do not use third-party advertising or analytics trackers on the marketing site.
5. How we use information
We use the information described above to:
- Create and manage your account
- Authenticate you across the website and desktop app
- Deliver licensed software, agents, and digital products
- Enforce subscription tiers, device limits, and MT5 account limits
- Process payments and maintain billing records
- Respond to support requests and sales inquiries
- Review developer applications
- Protect against fraud, abuse, and security incidents
- Improve reliability and comply with legal obligations
We do not sell your personal information.
6. Legal bases (where applicable)
Depending on your location and the activity, we process personal information based on:
- Performance of a contract — to provide the Services you signed up for
- Legitimate interests — to secure, maintain, and improve the Services
- Consent — where required (for example, when you submit optional forms)
- Legal obligation — where we must retain or disclose records by law
7. Service providers
We use trusted third parties to operate the Services. They process data on our behalf under contractual obligations:
| Provider | Purpose |
|---|---|
| Supabase | Authentication, database, and backend APIs |
| Stripe | Payment processing and subscription billing |
| Optional OAuth sign-in | |
| Cloudflare | Website hosting and content delivery |
| Cloud storage (e.g., R2) | Secure delivery of desktop installer artifacts to authenticated users |
When you configure your own LLM or data providers in the desktop app (such as OpenRouter or a local model), those providers operate under your relationship with them, not ours.
8. Cookies and similar technologies
Our website uses essential cookies and local storage to maintain your sign-in session and remember navigation preferences. We do not use cookies for cross-site advertising.
You can control cookies through your browser settings. Disabling essential session cookies may prevent you from staying signed in.
9. Data retention
We retain personal information for as long as your account is active or as needed to provide the Services. After account deletion or a deletion request, we delete or anonymize personal data within a reasonable period, except where we must retain records for:
- Billing, tax, and accounting requirements
- Fraud prevention and dispute resolution
- Legal compliance
Backup systems may retain deleted data for a limited time before automatic purging.
10. Security
We implement administrative, technical, and organizational measures designed to protect your information, including:
- Encryption in transit (HTTPS/TLS)
- Row-level security and access controls on cloud database tables
- Separation of cloud identity data from local trading workflow data
No method of transmission or storage is completely secure. You are responsible for securing your device, account credentials, and any API keys you configure locally.
11. Your choices and rights
Depending on where you live, you may have rights to:
- Access a copy of personal information we hold about you
- Correct inaccurate information
- Delete your account and associated personal data
- Export certain account-linked data
- Opt out of non-essential communications
To exercise these rights, contact [email protected] or [email protected] from the email address on your account. We may need to verify your identity before fulfilling a request.
You may sign out of the website at any time. You may uninstall the desktop app and remove registered devices and MT5 accounts through the app or your account settings where available.
California residents (CCPA/CPRA)
If you are a California resident, you have additional rights under California law, including the right to know what personal information we collect, request deletion, and not receive discriminatory treatment for exercising privacy rights. We do not sell personal information. To submit a request, email [email protected].
12. International users
Locimens is operated from the United States. If you access the Services from outside the U.S., your information may be processed in the U.S. and other countries where our service providers operate. Those countries may have different data protection laws than your home jurisdiction.
13. Children
The Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it.
14. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and update the "Last updated" date above. Continued use of the Services after changes become effective constitutes acceptance of the revised policy where permitted by law.
15. Related documents
See also our Terms of Service.