Privacy Policy
Last updated: 24 April 2026
Photon Services Limited ("we", "us", "our"), a company registered in England and Wales, operates AlgoRecon (the "Service"). This Privacy Policy explains what personal data we collect, why we collect it, and how we use and protect it. We act as the data controller for the personal data described here.
1. What data we collect
| Data | Purpose | Legal basis (UK GDPR) |
|---|---|---|
| Email address | Identify your licence, send receipts and important service communications | Contract |
| First name, last name (optional) | Personalise communications and invoices | Contract |
| Device fingerprint (a one-way hash of your machine identifiers) | Activate your licence on a specific device, enforce the 2-device limit, and prevent trial abuse | Legitimate interest in preventing fraud and licence sharing |
| Licence activation history | Allow you to deactivate devices you no longer use | Contract |
| Payment information | Processed by Paddle, our merchant of record. We receive only transaction metadata (amount, date, last 4 digits of card) | Contract |
| Support correspondence | Respond to enquiries and improve the Service | Legitimate interest |
Data we do not collect. The AlgoRecon desktop app stores your trade history, strategy data, and broker information in a local SQLite database on your machine. None of that data is transmitted to our servers. Your MetaTrader 5 credentials are never entered into or stored by the Service.
2. Who we share data with
We share personal data only with a small number of processors that we need to operate the Service:
- Paddle.com Market Limited — our merchant of record. Handles payments, invoicing, VAT / sales tax, refunds, and chargebacks. Paddle Privacy Policy.
- Keygen LLC — our licensing service. Stores your email, fingerprint hash, and licence status. Keygen Privacy Policy.
- Cloudflare, Inc. — hosts our licensing API worker. Receives request metadata (IP address, request body) for the purpose of fulfilling licence operations and rate-limiting abuse. Cloudflare Privacy Policy.
We do not sell your personal data, and we do not share it with advertising networks.
In addition, the pages of this marketing site load static assets (CSS, fonts) from Tailwind Labs via its content delivery network. Like any content delivery network, this service receives your IP address and user agent to serve the asset — it does not set cookies, run analytics, or track users across sites.
3. International transfers
Some of our processors are based outside the UK or EEA. Where personal data is transferred internationally we rely on the UK International Data Transfer Agreement, EU Standard Contractual Clauses, or equivalent safeguards as required by UK GDPR.
4. How long we keep data
- Active licence data is kept for as long as your subscription is active.
- After cancellation we retain licence and transaction records for up to 7 years to comply with UK accounting and tax law.
- Trial accounts without a subsequent purchase are retained for up to 24 months, then deleted.
5. Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you.
- Request that we correct inaccurate data.
- Request that we delete your data (subject to legal retention obligations above).
- Object to or restrict processing based on legitimate interest.
- Request a copy of your data in a portable format.
- Withdraw consent at any time, where we rely on consent.
- Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).
To exercise any of these rights, email privacy@algorecon.com. We respond within 30 days.
6. Security
The Service uses HTTPS for all communications with our licensing worker. Your local licence cache is encrypted with AES-256-GCM using a key derived from your device's hardware fingerprint — this means the cache cannot be read if copied to another machine. We restrict employee access to personal data on a need-to-know basis.
7. Cookies
This website does not use tracking cookies, advertising cookies, or analytics cookies. Paddle's checkout page, hosted separately, uses functional cookies necessary to complete a purchase.
8. Children
The Service is not directed at children under 18. We do not knowingly collect personal data from children.
9. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be notified via the email address associated with your account. The "last updated" date at the top of this page indicates when the policy was most recently revised.
10. Contact
Photon Services Limited
Email: privacy@algorecon.com