Nyria

Privacy Policy

Last updated: January 24, 2026

Introduction

Nyria, Inc. ("Nyria," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our trade automation platform and related services (the "Platform").

By accessing or using the Platform, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Platform.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password, and other registration details.
  • Payment Information: Billing address, payment method details (processed by our third-party payment processors).
  • Trading Configuration: Strategy settings, bot configurations, instrument selections, and position sizing preferences.
  • Integration Credentials: OAuth tokens, API keys, and access tokens for connected brokerages and exchanges (stored encrypted).
  • Communication Data: Messages sent through support channels, feedback, and survey responses.
  • Discord/Telegram Data: Server IDs, channel IDs, and message content from channels you configure for alert monitoring.

1.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers.
  • Usage Data: Pages visited, features used, actions taken, timestamps, and session duration.
  • Log Data: Server logs including requests, responses, errors, and performance metrics.
  • Trading Activity: Alerts received, orders placed, execution results, and transaction history.
  • Cookies and Similar Technologies: See our Cookie Policy for details.

1.3 Information from Third Parties

  • Brokerage Data: Account balances, positions, order status, and execution details from connected brokers.
  • OAuth Providers: Profile information from Google, Discord, or other OAuth providers you use to authenticate.
  • Payment Processors: Transaction status and billing confirmations from Stripe or other payment providers.
  • Alert Sources: Webhook data, alert content, and metadata from TradingView, Discord, Telegram, and other connected services.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: Operate the Platform, process alerts, execute trades, and manage your account.
  • Process Payments: Handle billing, subscriptions, and payment processing.
  • Communicate: Send service notifications, security alerts, support responses, and important updates.
  • Improve the Platform: Analyze usage patterns, diagnose issues, and develop new features.
  • Security: Detect and prevent fraud, abuse, and security threats.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.
  • Analytics: Generate aggregated, anonymized statistics about Platform usage.
  • Marketing: With your consent, send promotional communications (you can opt out at any time).

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating the Platform. These providers are contractually obligated to protect your information and use it only for the purposes we specify. Categories of service providers include:

  • Cloud Infrastructure: Hosting, storage, and computing services
  • Payment Processing: Stripe and other payment processors for subscription billing
  • Analytics: Usage analytics and performance monitoring
  • Customer Support: Help desk and communication tools
  • Email Services: Transactional and marketing email delivery
  • Authentication: OAuth providers (Google, Discord) for sign-in
  • Security: Fraud prevention and security monitoring

3.2 Connected Services

When you connect your brokerage, exchange, or other third-party accounts, we transmit necessary information to those services to execute trades and sync data. Your use of these third-party services is governed by their own privacy policies.

3.3 Legal Requirements

We may disclose your information if required to do so by law, subpoena, court order, or other legal process, or if we believe in good faith that such disclosure is necessary to: (a) comply with legal obligations; (b) protect and defend our rights or property; (c) prevent fraud or illegal activity; (d) protect the safety of users or the public; or (e) protect against legal liability.

3.4 Business Transfers

If Nyria is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and your choices regarding your information.

3.5 Aggregated Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for any purpose, including research, marketing, and analytics.

3.6 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Secure Storage: API keys and OAuth tokens are stored using industry-standard encryption with key rotation.
  • Access Controls: Strict access controls, multi-factor authentication, and principle of least privilege for internal systems.
  • Security Reviews: Regular security assessments, penetration testing, and vulnerability scanning.
  • Incident Response: Established procedures for detecting, responding to, and reporting security incidents.
  • Employee Training: Regular security awareness training for all personnel with data access.
  • Vendor Management: Security assessments of third-party service providers handling sensitive data.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the security of your account credentials.

4A. Financial Data and Brokerage Credentials

4A.1 Brokerage OAuth Tokens

When you connect a brokerage account via OAuth, we receive and store an access token and refresh token. We do NOT receive or store your brokerage username, password, or security questions. Tokens are encrypted using AES-256 encryption with regularly rotated encryption keys. Tokens grant limited permissions as defined by each broker's OAuth scope.

4A.2 API Keys

When you provide API keys for brokerages that do not support OAuth, these keys are encrypted immediately upon receipt. We recommend creating API keys with the minimum necessary permissions (trading only, no withdrawal capabilities where possible). You are responsible for revoking API keys if you believe they have been compromised.

4A.3 Transaction Data

We receive order execution data from your broker, including order status, fill prices, quantities, and timestamps. This data is used to provide platform functionality, generate activity logs, and improve our services. We do not share individual transaction data with third parties except as required by law.

4A.4 No Access to Funds

Nyria cannot withdraw funds from your brokerage account, transfer securities, or initiate ACH/wire transfers. Our access is limited to placing trades and viewing account information. Your funds remain with your broker and are protected by your broker's security measures and applicable regulatory protections (such as SIPC for securities).

4B. Data Breach Notification

In the event of a security breach that affects your personal information, we will:

  • Notify affected users within 72 hours of becoming aware of the breach (or as required by applicable law)
  • Provide details about the nature of the breach and types of data affected
  • Describe steps we are taking to address the breach and prevent future incidents
  • Provide guidance on steps you can take to protect yourself
  • Notify relevant regulatory authorities as required by law

If you believe your account has been compromised, immediately: (1) change your Nyria password, (2) revoke broker authorizations through the Platform and your broker's interface, (3) review your brokerage account for unauthorized activity, and (4) contact us at security@nyria.io.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We may retain certain information for longer periods as required by law or for legitimate business purposes, including:

  • Transaction records and trading history (for compliance and audit purposes)
  • Communications and support tickets (to improve our services)
  • Anonymized or aggregated data (indefinitely, for analytics)
  • Information necessary to resolve disputes or enforce agreements

After account deletion, we may retain backup copies for a reasonable period and retain anonymized data indefinitely.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You may request a copy of the personal information we hold about you in a structured, commonly used format.

6.2 Correction

You may request that we correct inaccurate or incomplete personal information.

6.3 Deletion

You may request deletion of your personal information, subject to certain exceptions (e.g., legal compliance requirements).

6.4 Opt-Out of Marketing

You may unsubscribe from marketing communications at any time by clicking the "unsubscribe" link in emails or contacting us.

6.5 Cookie Preferences

You may control cookies through your browser settings. See our Cookie Policy for details.

6.6 Do Not Track

We do not currently respond to "Do Not Track" browser signals.

To exercise these rights, contact us at privacy@nyria.io. We may require verification of your identity before processing requests.

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, and disclose.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information we maintain about you.
  • Right to Opt-Out of Sale/Sharing: We do not sell personal information or share it for cross-context behavioral advertising. If this changes, we will provide an opt-out mechanism.
  • Right to Limit Use of Sensitive Personal Information: You may limit certain uses of sensitive personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To submit a CCPA/CPRA request, contact us at privacy@nyria.io. We will verify your identity before processing requests. You may designate an authorized agent to make requests on your behalf.

7A. Additional State Privacy Rights

Virginia Consumer Data Protection Act (VCDPA)

Virginia residents have rights to access, correct, delete, and obtain a copy of their personal data, and to opt out of targeted advertising, sale of personal data, and profiling. To exercise these rights, contact privacy@nyria.io. You may appeal our decision by contacting us within 60 days.

Colorado Privacy Act (CPA)

Colorado residents have rights to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, sale of personal data, and certain profiling. To exercise these rights, contact privacy@nyria.io.

Connecticut Data Privacy Act (CTDPA)

Connecticut residents have rights to access, correct, delete, obtain a copy of, and opt out of processing for targeted advertising, sale, or profiling. To exercise these rights, contact privacy@nyria.io.

Nevada Privacy Law

Nevada residents may opt out of the sale of their personal information. We do not currently sell personal information. If this changes, we will provide an opt-out mechanism. Contact privacy@nyria.io with questions.

8. International Data Transfers

Nyria is based in the United States. If you access the Platform from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using the Platform, you consent to the transfer of your information to the United States and other countries.

Where required by applicable law, we implement appropriate safeguards for international data transfers, such as Standard Contractual Clauses approved by the European Commission.

9. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on: contract performance, legitimate interests, consent, or legal obligations.
  • Right to Object: You may object to processing based on legitimate interests.
  • Right to Restrict Processing: You may request restriction of processing in certain circumstances.
  • Right to Lodge a Complaint: You may file a complaint with your local data protection authority.

For GDPR-related inquiries, contact our Data Protection Officer at dpo@nyria.io.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and provide certain features. For detailed information about our use of cookies, please see our Cookie Policy.

Types of cookies we use:

  • Essential Cookies: Required for platform operation, authentication, and security.
  • Analytics Cookies: Help us understand usage patterns and improve the Platform.
  • Preference Cookies: Remember your settings and preferences.

11. Children's Privacy

The Platform is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will promptly delete that information. If you believe we have collected information from a child under 18, please contact us at privacy@nyria.io.

12. Third-Party Links and Services

The Platform may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the Platform.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify you via email or prominent notice on the Platform
  • Provide a summary of key changes where appropriate

Your continued use of the Platform after any changes constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 30 days.