Systemly Logo

Legal

Privacy Policy

Last updated: 8 October 2025  ·  Effective: 8 October 2025

Good Market Trader LTD (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Systemly.ai (the “Platform”). Please read it carefully. If you do not agree with its terms, please discontinue use of the Platform.

1. Information We Collect

We collect several types of information to provide and improve the Platform.

1.1 Personal Information You Provide

  • Account Details: name, email address, username, and password
  • Profile Information: trading experience level, account size preferences, trading goals, and risk tolerance
  • Payment Information: billing address (payment card details are processed directly and securely by our third-party payment processor — we do not store card numbers)
  • Communications: support enquiries, feedback, survey responses, and email correspondence
  • Onboarding Data: responses to questions about trading experience, goals, and preferences

1.2 Trading Strategy Data

  • Custom strategy configurations and parameters
  • Backtesting settings and historical analysis requests
  • Risk management preferences and position sizing parameters
  • Preferred trading styles, timeframes, and instruments
  • Alert preferences and notification settings
  • Community-shared strategies (only if you choose to share them)

1.3 Automatically Collected Information

  • Usage Data: features accessed, time spent on the Platform, interaction patterns, and click behaviour
  • Device Information: IP address, browser type, operating system, device identifiers, and screen resolution
  • Cookies & Tracking Technologies: session data, preferences, and analytics data (see Section 9 and our Cookie Policy)
  • Performance Data: platform performance metrics, error logs, and crash reports
  • Approximate Location: derived from IP address only

1.4 Third-Party Integration Data

  • MT4/MT5 connection status and authorisation tokens (encrypted at rest and in transit)
  • Integration logs and error reports
  • We do not access your trading account credentials, balances, or transaction history

2. How We Use Your Information

2.1 Service Delivery

  • Provide and maintain Platform functionality
  • Generate AI-powered trade analysis and alerts based on your configured strategies
  • Process subscriptions and payments
  • Deliver customer support and respond to enquiries
  • Send transactional communications about your account and service

2.2 Service Improvement

  • Analyse usage patterns to enhance features and user experience
  • Develop and test new AI models and algorithms
  • Conduct research and statistical analysis
  • Optimise Platform performance and reliability
  • Personalise your experience based on stated preferences

2.3 Communications

  • Transactional emails: account updates, password resets, and billing notifications
  • Customer support responses
  • Marketing communications, including newsletters and product updates (only with your consent)
  • Educational content and trading insights (only with your consent)

2.4 Legal & Safety

  • Comply with applicable legal obligations and regulations
  • Enforce our Terms of Service
  • Detect and prevent fraud, abuse, and security threats
  • Respond to lawful requests from courts or regulatory authorities
  • Protect our rights, property, and the safety of our users

3. Legal Basis for Processing (UK GDPR)

We process personal data only where we have a lawful basis to do so. The bases we rely on are:

  • Contractual Necessity: to perform services you have subscribed to
  • Consent: for marketing communications and optional features — you may withdraw consent at any time without detriment
  • Legitimate Interests: for service improvement, fraud prevention, security, and anonymised analytics, where those interests are not overridden by your rights
  • Legal Obligation: to comply with UK and applicable international law

4. Data Sharing and Disclosure

We do not sell your personal information to third parties.

4.1 Service Providers

We share data with trusted third-party service providers who assist us in operating the Platform. Current categories include:

  • Payment Processors: Stripe (subscription billing)
  • Cloud Hosting: AWS, Vercel, or equivalent providers (data storage and platform hosting)
  • Email Services: SendGrid, Mailgun, or equivalent (transactional and marketing emails)
  • Analytics: Google Analytics, Mixpanel, or equivalent (anonymised usage data only)
  • Customer Support Tooling: Intercom, Zendesk, or equivalent

All service providers are bound by data processing agreements that restrict their use of your data to the purposes for which it was shared.

4.2 Legal Requirements

  • To comply with court orders, subpoenas, or other legal processes
  • To respond to lawful requests from law enforcement or regulatory authorities
  • To protect our rights, property, or the safety of our users
  • To prevent or investigate fraud or security incidents
  • In connection with a business transaction such as a merger, acquisition, or sale of assets (subject to appropriate confidentiality obligations)

4.3 Anonymised and Aggregated Data

We may share aggregated, anonymised data that cannot identify any individual. This may include platform usage statistics, industry research, and product development insights.

4.4 Community-Shared Content

If you choose to share strategies with the community, your username and shared strategy details will be visible to other users. Personal details are not automatically shared. You may delete shared content at any time.

5. Data Security

We implement industry-standard technical and organisational measures to protect your data, including:

  • Encryption in Transit: TLS/SSL encryption for all data transmission
  • Encryption at Rest: database-level encryption for stored data
  • Access Controls: role-based access controls and multi-factor authentication for internal systems
  • Security Monitoring: continuous logging, anomaly detection, and periodic vulnerability assessments
  • Password Security: passwords hashed using bcrypt or equivalent algorithms — we never store plaintext passwords
  • Two-Factor Authentication: available to users for enhanced account security

No method of electronic transmission or storage is completely secure. While we take all reasonable steps to protect your data, we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying us promptly if you suspect unauthorised access.

6. Data Retention

  • Active Accounts: data retained for as long as your account remains active
  • Inactive Accounts: accounts inactive for more than 24 months may be deleted following advance notice to you
  • Deleted Accounts: personal data deleted within 30 days of account deletion, except where retention is required by law
  • Financial Records: billing and payment records retained for 7 years in compliance with UK tax and accounting obligations
  • Anonymised Data: may be retained indefinitely for research, analytics, and service improvement

7. Your Rights Under UK GDPR

You have the following rights in relation to your personal data. To exercise any of these rights, email us at info@systemly.ai with “Data Subject Request” in the subject line. We will verify your identity and respond within 30 days (extendable to 60 days for complex requests). No fee is charged unless a request is manifestly unfounded or excessive.

7.1 Right of Access

  • Request a copy of all personal data we hold about you
  • Receive information about how and why we process it

7.2 Right to Rectification

  • Request correction of inaccurate or incomplete personal data
  • Update your profile information directly through account settings

7.3 Right to Erasure

  • Request deletion of your personal data
  • Subject to any legal retention obligations (e.g. financial records)
  • Anonymised data derived from your data may be retained for statistical purposes

7.4 Right to Restrict Processing

  • Ask us to limit how we process your data in certain circumstances
  • Data will be retained but not actively processed during any restriction period

7.5 Right to Data Portability

  • Receive your personal data in a structured, commonly used, machine-readable format (JSON or CSV)
  • Request direct transfer of your data to another controller where technically feasible

7.6 Right to Object

  • Object to processing based on our legitimate interests
  • Opt out of direct marketing at any time, without giving a reason

7.7 Right to Withdraw Consent

  • Withdraw consent for marketing communications at any time via the unsubscribe link in any email or by emailing us
  • Adjust cookie preferences at any time through our cookie banner
  • Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe we have not handled your personal data in accordance with applicable law.

8. International Data Transfers

Our primary servers are located within the United Kingdom and/or the European Economic Area. Where we transfer personal data outside these territories, we ensure an adequate level of protection is in place through:

  • UK International Data Transfer Agreements (IDTAs) for transfers to countries not covered by an adequacy decision
  • EU Standard Contractual Clauses (SCCs) where applicable
  • Adequacy decisions recognised under UK GDPR or EU GDPR
  • Encryption and security measures for all data in transit and at rest

We comply with both UK GDPR and, where applicable, EU GDPR requirements.

9. Cookies and Tracking Technologies

We use cookies and similar technologies. For full details, please see our Cookie Policy. In summary:

9.1 Types of Cookies We Use

  • Strictly Necessary: essential for core Platform functionality and security — these cannot be disabled
  • Analytics: help us understand how users interact with the Platform (e.g. Google Analytics) — requires your consent
  • Marketing: used to deliver relevant advertising and measure campaign performance — requires your consent

9.2 Managing Cookies

  • Use our cookie consent banner to set your preferences when you first visit the Platform
  • Adjust or withdraw consent at any time via the cookie settings link in the footer
  • Configure or block cookies through your browser settings — note that disabling necessary cookies may affect Platform functionality

10. Children's Privacy

The Platform is intended solely for users aged 18 and over. We do not knowingly collect personal data from individuals under 18. If we become aware that we have collected data from a minor, we will delete it promptly. Parents or guardians who believe their child has provided us with personal data should contact us immediately at info@systemly.ai.

11. Marketing Communications

11.1 Transactional Emails (cannot be opted out of)

  • Account confirmations and password reset emails
  • Payment receipts and billing notices
  • Security alerts and account notifications
  • Material changes to these legal terms

11.2 Marketing Emails (opt-in, can be opted out of)

  • Newsletters and trading education content
  • Product updates and new feature announcements
  • Educational articles and strategy insights
  • Promotional offers

11.3 How to Opt Out of Marketing

  • Click the 'Unsubscribe' link in any marketing email
  • Adjust email preferences in your account settings
  • Email info@systemly.ai with an opt-out request

Opting out of marketing emails does not affect transactional communications.

12. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms:

  • We will notify affected users without undue delay and, where feasible, within 72 hours of becoming aware of the breach
  • Notification will describe the nature of the breach and the categories of data affected
  • We will outline the steps being taken to contain and remediate the breach
  • We will recommend protective actions you should take
  • We will notify the relevant supervisory authority as required by applicable law

13. Third-Party Websites and Services

The Platform may contain links to third-party websites or integrate with third-party services (such as MT4/MT5 platforms or social media). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing personal information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Where changes are material, we will notify you by email or via a prominent notice on the Platform prior to the change taking effect. The updated policy will display a revised “Last Updated” date. Continued use of the Platform after that date constitutes acceptance of the revised policy. We encourage you to review this page periodically.

15. Contact Us

For privacy enquiries, data subject requests, or concerns about how we handle your data, please contact us:

  • Email: info@systemly.ai (subject line: 'Privacy Inquiry' or 'Data Subject Request')
  • Post: Data Protection, Good Market Trader LTD, 128 City Road, London, EC1V 2NX, United Kingdom

We aim to respond to general enquiries within 5 business days and formal data subject requests within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.

Good Market Trader LTD
Company Registration Number: 16249980
128 City Road, London, EC1V 2NX, United Kingdom

This Privacy Policy is effective as of 8 October 2025 and applies to all users of Systemly.ai. For questions, please visit our Cookie Policy or our Terms of Service.