Privacy Policy – AmpFi App LLC

Last updated: December 22, 2025

AmpFi App LLC (“AmpFi App,” “we,” “our,” or “us”) values your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our website, mobile app, or services (collectively, the “Service”).

By using the Service, you agree to the practices described in this Privacy Policy.

1. Information We Collect

Account Information: Name, email address, and billing details when you subscribe.

API Credentials: Exchange API keys you provide to enable the Service.
✅ We only request permissions necessary for spot trading and never request withdrawal permissions.

Usage Data: IP address, browser type, device info, pages visited, and log data.

Support Communications: Information you provide when contacting support.

2. How We Use Information

We use your information to:

• Operate and improve the Service,
• Connect to your exchange per your instructions,
• Process subscription payments,
• Provide technical support,
• Monitor security and prevent abuse,
• Comply with legal obligations.

3. Email Communications and Marketing Consent

3.1 Types of Email Communications

We send two types of email communications:

Operational and Bot Alert Emails

These are essential service-related communications necessary for the Service to function properly. You will receive these emails regardless of your marketing preferences, including:

• Account verification and security notifications
• Bot trading alerts and performance updates
• Risk management notifications and warnings
• Subscription and billing confirmations
• Service updates and critical system notifications
• Support responses and account-related communications

These operational emails cannot be disabled as they are necessary for account security and service functionality.

Marketing Communications

Marketing communications include promotional emails, newsletters, product updates, educational content, special offers, case studies, success stories, and other marketing materials. We will only send you marketing communications if you have provided your explicit consent to receive them.

3.2 Your Marketing Consent and Preferences

Default Setting: Marketing communications are enabled by default when you create an account. You may opt-out at any time through your account settings or by using the unsubscribe link in any marketing email.

Manage Your Preferences: You can enable or disable marketing email notifications at any time through the Settings page of your dashboard. Changes to your preferences will be processed within 48 hours.

Opt-Out Rights: You have the right to opt-out of marketing communications at any time by:

• Adjusting your email preferences in your account Settings page
• Clicking the unsubscribe link included in every marketing email
• Contacting us at io@ampfi.app with your request

Opt-Out Processing: We will process your opt-out request promptly and will stop sending marketing emails within 48 hours of your request. Please note that you may continue to receive marketing emails that were already in transit at the time of your opt-out request.

3.3 Legal Compliance

We comply with applicable email marketing laws and regulations, including:

• CAN-SPAM Act (United States): We include clear sender identification, accurate subject lines, and unsubscribe mechanisms in all marketing emails.
• GDPR (European Union): We obtain explicit consent before sending marketing emails to EU users and provide clear information about data processing.
• CCPA (California): California users have the right to opt-out of the sale of personal information (we do not sell email addresses) and to opt-out of marketing communications.
• Other Jurisdictions: We comply with applicable email marketing laws in all jurisdictions where we operate.

3.4 Third-Party Email Service Providers

We may use third-party email service providers to send marketing emails on our behalf. These providers are bound by strict confidentiality agreements and are only authorized to use your email address for the purpose of sending emails on our behalf. We do not sell or rent your email address to third parties for their own marketing purposes.

3.5 Email Tracking

Marketing emails may include tracking pixels or similar technologies to measure email open rates, click-through rates, and engagement. This helps us improve our email communications and understand what content is most valuable to you. You can disable image loading in your email client to prevent some tracking, though this may affect email display.

4. Advertising, Analytics, and Tracking Technologies

3.1 Cookie Consent and Your Choices

We use a cookie consent management system that allows you to control which types of tracking technologies are used. When you first visit our website, you will be presented with a cookie consent banner where you can:

• Accept All: Enable all analytics and marketing tracking
• Reject All: Only allow essential cookies necessary for site functionality
• Customize: Choose specific categories of cookies (analytics, marketing, functional)

Your consent preferences are stored in your browser's local storage and will be remembered for future visits. You can change your preferences at any time by clicking the cookie settings icon in the footer or by clearing your browser's local storage.

Important: We do not share your API keys, trading data, or account credentials with any third-party tracking services.

3.2 Analytics Services

We use the following analytics services to understand how visitors use our website:

Google Analytics 4 (GA4)

Google Analytics helps us understand website traffic, user behavior, and conversion events. GA4 collects anonymized data including:

• Page views and navigation paths
• Time spent on pages
• Device and browser information
• Geographic location (country/city level)
• Conversion events (trial signups, registration starts, logins)
• UTM parameters from marketing campaigns

Google Analytics uses cookies and may use other tracking technologies. Data is processed according to Google's Privacy Policy andHow Google uses data when you use our partners' sites.

Cross-Domain Tracking: We use Google Analytics cross-domain tracking to measure user journeys across ampfi.app and winu.ampfi.app. This allows us to attribute conversions accurately and understand the complete user experience.

Hotjar

Hotjar provides website heatmaps, session recordings, and user feedback tools to help us improve user experience. Hotjar may collect:

• Mouse movements and clicks
• Scroll behavior
• Form interactions
• Device and browser information

Hotjar processes data according to their Privacy Policy. You can opt out at https://www.hotjar.com/legal/compliance/opt-out.

3.3 Marketing and Advertising Services

We use the following advertising and marketing platforms to deliver relevant advertisements and measure campaign performance. These services use cookies, pixels, and similar technologies to track conversions and serve personalized ads.

Google Ads

Google Ads helps us deliver relevant advertisements and measure conversion performance. Google Ads may:

• Track conversions (trial signups, registrations, logins)
• Use remarketing to show ads to previous visitors
• Create custom audiences based on website behavior
• Measure ad performance and attribution

Google Ads is integrated with Google Analytics 4 for enhanced conversion tracking. Data is processed according to Google's Privacy Policy.

Facebook/Meta Pixel

The Facebook Pixel helps us measure ad performance, create custom audiences, and deliver relevant ads on Facebook and Instagram. The pixel tracks:

• Page views
• Conversion events (trial signups, registrations, logins)
• Custom events for campaign optimization

Facebook processes data according to their Data Policy. You can manage your ad preferences at https://www.facebook.com/settings?tab=ads.

LinkedIn Insight Tag

LinkedIn Insight Tag helps us measure conversion performance and deliver relevant ads on LinkedIn. It tracks:

• Page views
• Conversion events
• Website visitor demographics (anonymized)

LinkedIn processes data according to their Privacy Policy. You can opt out at https://www.linkedin.com/psettings/advertising.

Twitter/X Pixel

Twitter Pixel helps us measure ad performance and deliver relevant ads on Twitter/X. It tracks conversion events and website visits.

Twitter processes data according to their Privacy Policy. You can manage your ad preferences at https://twitter.com/settings/account/personalization.

Reddit Pixel

Reddit Pixel helps us measure ad performance and deliver relevant ads on Reddit. It tracks page views and conversion events.

Reddit processes data according to their Privacy Policy. You can opt out at https://www.reddit.com/personalization.

TikTok Pixel

TikTok Pixel helps us measure ad performance and deliver relevant ads on TikTok. It tracks page views, conversion events, and user interactions.

TikTok processes data according to their Privacy Policy. You can manage your ad preferences in TikTok app settings.

Microsoft/Bing UET Tag

Microsoft UET Tag helps us measure conversion performance and deliver relevant ads on Microsoft Advertising (Bing). It tracks page views and conversion events.

Microsoft processes data according to their Privacy Statement. You can opt out at https://account.microsoft.com/privacy/ad-settings.

Pinterest Tag

Pinterest Tag helps us measure ad performance and deliver relevant ads on Pinterest. It tracks page views and conversion events.

Pinterest processes data according to their Privacy Policy. You can manage your ad preferences at https://www.pinterest.com/settings.

3.4 Conversion Tracking

We track conversion events to measure the effectiveness of our marketing campaigns and improve our services. Conversion events include:

• Trial Signup: When you click "Start Free Trial"
• Registration Start: When you begin the registration process
• Login: When you log into your account
• Registration Complete: When you complete account registration (tracked server-side)
• Subscription Started: When a trial converts to a paid subscription (tracked server-side)
• Payment Completed: When a payment is successfully processed (tracked server-side)

These events are tracked using event IDs to prevent duplicate counting and ensure accurate attribution. Conversion data is shared with our advertising partners (Google Ads, Facebook, LinkedIn, etc.) to optimize ad delivery and measure campaign performance.

3.5 URL Parameters and Cross-Domain Tracking

To ensure accurate attribution and maintain your consent preferences across domains, we may include tracking parameters in URLs when you navigate between ampfi.app and winu.ampfi.app. These parameters include:

• UTM Parameters: Campaign source, medium, term, content, and campaign name
• Google Analytics Parameters: _gl (cross-domain linker), _ga (client ID), _gcl_au (Google Ads click ID)
• Consent Parameters: consent_analytics and consent_marketing to preserve your cookie preferences

These parameters help us:

• Attribute conversions to the correct marketing campaigns
• Maintain your consent preferences across domains
• Provide accurate analytics and reporting
• Improve user experience by preserving session context

3.6 Opt-Out Options

You can opt out of personalized advertising and tracking through the following methods:

• Cookie Consent Settings: Use our cookie consent banner to reject non-essential cookies
• Google Ads: https://www.google.com/settings/ads
• Network Advertising Initiative: https://optout.networkadvertising.org/
• Digital Advertising Alliance: https://optout.aboutads.info/
• Browser Settings: Configure your browser to block third-party cookies or use private/incognito mode

Note: Opting out of tracking may limit our ability to provide personalized content and may affect the functionality of some website features.

5. How We Protect Your Information

• API keys and sensitive data are encrypted at rest and in transit.
• Access is limited through role-based permissions.
• We maintain industry-standard administrative, technical, and physical safeguards.

6. Sharing of Information

We do not sell or rent your personal information. We may share information:

• With trusted service providers (e.g., payment processors) bound by confidentiality,
• When required by law or legal process,
• In connection with a merger, acquisition, or sale of assets.

7. Your Responsibilities

• Keep your API keys confidential,
• Regularly review your exchange account permissions,
• Notify us immediately if you suspect unauthorized use.

8. Your Rights

Depending on your location, you may request:

• Access to your data,
• Correction or deletion of data,
• Restriction of processing,
• Opt-out from marketing communications (see Section 3 for details on managing your email preferences).

To exercise these rights, email io@ampfi.app. For information about managing your marketing email preferences, please refer to Section 3 (Email Communications and Marketing Consent) above.

9. International Users & GDPR Compliance

If you access the Service from outside the U.S., your data may be transferred to and processed in the U.S. For users in the European Union (EU), we comply with the General Data Protection Regulation (GDPR).

Your GDPR Rights: You have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. You also have the right to withdraw consent at any time.

Data Protection Officer: For GDPR-related inquiries, contact our Data Protection Officer at privacy@ampfi.app.

10. Data Retention & Deletion

We retain information only as long as needed to provide the Service and meet legal obligations. Our data retention policies are as follows:

Account Data Retention

• Active Accounts: Data retained while account is active
• Inactive Accounts: Data deleted after 3 years of inactivity
• Closed Accounts: Data deleted within 30 days of account closure
• API Keys: Deleted immediately upon account closure

Specific Data Types

• Personal Information: Deleted within 30 days of account closure
• Trading Data: Deleted within 90 days of account closure
• Analytics Data: Anonymized after 2 years
• Support Communications: Deleted after 1 year

Legal Retention Requirements

Some data may be retained longer if required by law, including:

• Tax reporting requirements (7 years)
• Regulatory compliance (5 years)
• Legal proceedings (as required)
• Fraud prevention (3 years)

Data Deletion Process

Upon account closure or data deletion request:

• Immediate deletion of API keys and sensitive data
• Anonymization of analytics data within 30 days
• Complete deletion of personal data within 30 days
• Confirmation email sent upon completion

Right to Data Portability

You have the right to receive your data in a structured, commonly used format. Contact us to request your data export.

11. Children's Privacy

The Service is not intended for children under 18. We do not knowingly collect data from children. Contact us if you believe a child has provided information.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or through the Service.

13. Contact Us

AmpFi App LLC
701 Tillery Street Unit 12-3272
Austin, Texas 78702
United States
(Mailing Address)
Email: io@ampfi.app