Skip to content
AQUILATRADER
Why Aquila Platform Roadmap
Join the beta

Legal

Privacy Policy

Last updated: 14 July 2026

Aquila is a desktop application that runs on your computer. Your trading data never leaves your machine. We cannot see your positions, your balance, or your trades.

The only personal data we hold is your waitlist email address, if you chose to give us one — stored securely and used only to email you about the launch. The only server we operate is a stateless token-exchange service that exists for a single technical reason, explained below. It stores nothing.

01 Who we are

Aquila is operated by Aquila Trader Ltd (England & Wales). Contact: admin@aquila-trader.com.

02 What Aquila does on your device

Aquila connects directly from your computer to your broker via the cTrader Open API. The following are processed and stored locally on your device only:

  • Market data (prices, historical bars)
  • Your account balance, positions, orders, and trade history
  • Your trade journal, notes, and any screenshots you add
  • Your settings, workspace layout, and chart configurations
  • Your access and refresh tokens (stored in your operating system's secure credential store — Windows Credential Manager or macOS Keychain)

None of this is transmitted to us. We have no ability to read it.

03 The token exchange service — the one server involved

Why it exists

cTrader's authentication requires a confidential credential (a "client secret") to exchange your authorisation code for an access token. A desktop application cannot safely contain this secret — anyone could extract it from the program file. We therefore keep it on a small server, and your authorisation code passes through that server so the secret can be applied.

The alternative would be requiring every user to register their own developer application with cTrader and wait for approval. We consider that unacceptable friction.

What passes through it

  • The short-lived authorisation code issued by cTrader when you approve access (valid for 60 seconds).
  • Your refresh token, when Aquila periodically renews your access token.

What it stores

Nothing. The service receives the code or refresh token, forwards it to cTrader with our client secret attached, returns the response to your copy of Aquila, and retains no record of it.

Specifically, we do not store:

  • Authorisation codes
  • Access tokens or refresh tokens
  • Your cTrader ID, account numbers, or any identifier
  • Your positions, balance, trades, or any market or trading data

We keep aggregate operational counts (e.g. "number of token exchanges this hour") for reliability monitoring. These contain no personal data and cannot be linked to you.

Your alternative

If you would prefer that we are not involved at all, Aquila includes an option to supply your own cTrader application credentials in settings. In that mode, your authorisation code and tokens never touch any server of ours. This requires registering your own application with cTrader.

04 What we collect on the website

aquila-trader.com sets no tracking cookies and uses no cross-site trackers. For traffic measurement we use Cloudflare Web Analytics, which is cookieless and collects no personal data, and the waitlist form is protected by Cloudflare Turnstile — a privacy-preserving bot check that likewise sets no tracking cookies.

The waitlist

If you join the waitlist, we collect your email address. To keep the list lawful and free of abuse, we also record the consent and origin details below — nothing more.

  • Why: solely to notify you when a desktop build is available, and about significant milestones leading up to it.
  • What we store: your email address, the date and time you consented and the exact wording you agreed to, and the country your signup came from (from Cloudflare's CF-IPCountry header). We do not store your IP address.
  • Lawful basis: your consent, given when you tick the box and submit the form.
  • Where it's stored: in a Cloudflare D1 database. Confirmation and notification emails are sent through Resend. Cloudflare and Resend act as our data processors — they handle your email only to store the list and deliver these emails on our behalf, never for their own purposes.
  • Sharing: we do not sell, rent, or share your email address with anyone beyond the processors named above.
  • Retention: we keep your address until you unsubscribe, or until the waitlist is closed and the build has shipped.
  • Removal: email admin@aquila-trader.com at any time and we will delete your address. Every email we send also includes a one-click unsubscribe link, which takes effect immediately with no login or confirmation step.

This is the only personal data we hold. It is entirely separate from the application — joining the waitlist does not create an account, and your email address is never connected to any trading data.

05 AI features

Aquila's AI features are optional and off by default.

  • If you configure a local AI model, no data leaves your machine.
  • If you configure a third-party AI provider (such as Anthropic or OpenAI), the specific data required for the task you requested — for example, the trades you asked it to review — is sent to that provider under their terms and privacy policy. Aquila always shows you which provider is active.
  • Credentials, tokens, and full account identifiers are stripped before any data is sent to an AI provider.
  • We never send your data to an AI provider without your explicit configuration. There is no silent fallback to a cloud provider.

06 Your rights (UK GDPR)

The only personal data we hold is your waitlist email address, if you provided one. You have the right to access it, correct it, or have it deleted — email admin@aquila-trader.com and we will action it.

We hold no other personal data. We cannot access your trading data, because it never reaches us.

You can revoke Aquila's access to your trading accounts at any time from your cTrader ID settings. This is effective immediately and does not require any action from us.

Your broker and cTrader (Spotware) are separate data controllers with their own privacy policies. Your relationship with them is not governed by this policy.

07 Security

  • The client secret is held server-side and never distributed in the application.
  • Tokens are stored in your operating system's secure credential store, never in plaintext files.
  • Secrets and tokens are never written to logs.
  • All communication with cTrader and with our token exchange service uses TLS.
  • Because we store no tokens, a compromise of our infrastructure cannot expose your trading accounts.

08 Changes

We will update the "last updated" date above when this policy changes. Material changes will be communicated in the application.

09 Contact

admin@aquila-trader.com

← Back to home

AQUILATRADER
Privacy Terms Contact

v0.1.0 · © 2026 Aquila Trader

Sample market data shown throughout. Trading carries risk of loss; nothing here is financial advice.