10 Days Free · No Credit CardBook My Call
Back to home
Trust Center

Trust & Security at Gixodia

We treat your trust as the product. This page documents exactly how we protect your data, your broker credentials, and your peace of mind — with no marketing gloss and no empty promises.

Security Overview

Six engineering practices that make Gixodia one of the safest pieces of trading software you can install.

Code Signing

All Gixodia binaries are digitally signed with an EV code signing certificate issued by DigiCert. Every release is reproducible and verifiable.

No Broker Credentials

We never see, store, or transmit your broker credentials. The bot runs locally on your machine and interacts with your terminal — we have zero access.

TLS 1.3 Everywhere

All communications — website, license server, update channel — are encrypted with TLS 1.3 and modern AEAD cipher suites. HSTS preload enabled.

Local-Only Execution

Strategies execute entirely on your machine. No cloud dependency for order flow. Your trades never route through Gixodia infrastructure.

Annual Audits

Independent security firms perform a full penetration test and code review every 12 months. Latest audit: March 2026 by an external security firm.

Bug Bounty Program

Responsible researchers are rewarded up to $10,000 USD for valid critical findings. All submissions acknowledged within 48 hours.

Compliance & Certifications

We are transparent about what is certified today and what is still in progress. No misleading badges.

Compliant
GDPR
Compliant
CCPA / CPRA
Compliant
UK-GDPR
Compliant
LGPD (Brazil)
Compliant
PIPEDA (Canada)
Compliant
WCAG 2.2 AA
In progress (Q4 2026)
ISO 27001
In progress (Q3 2026)
SOC 2 Type I
All systems operational

Live Status

Current uptime: 99.9% over the trailing 90 days. Real-time incident history, scheduled maintenance, and subsystem health are all public.

status.gixodia.com

Privacy at a Glance

Minimal
Data we collect
None
Data we sell
7
Subprocessors
24 months max
Data retention

Legal Documents

Our full legal library — written to be read, not buried.

Privacy Policy
Updated: April 15, 2026
Terms and Conditions
Updated: April 15, 2026
Risk Disclaimer
Updated: April 15, 2026
End User License Agreement
Updated: April 15, 2026
Cookie Policy
Updated: April 15, 2026
Data Processing Agreement
Updated: April 15, 2026
Accessibility Statement
Updated: April 15, 2026
Anti-Money Laundering & Counter-Terrorism Financing Policy
Updated: April 15, 2026
Subprocessors
Updated: April 15, 2026

Subprocessors

The short list of third parties that touch any Gixodia data. Every entry below is under a GDPR-compliant DPA.

Cloudflare
CDN, DNS, DDoS protection
Groq
AI inference (support)
Cal.com
Strategy call scheduling
FormSubmit
Contact form relay
Binance API
Market data (read-only)
View full subprocessor list

Security Contact

Found a vulnerability? Reach the security team directly. PGP key and policy published at /.well-known/security.txt.

security@gixodia.comsecurity.txt

Responsible Disclosure

  • 48-hour acknowledgement for all reports.
  • 90-day coordinated disclosure window.
  • Safe harbor: we will not pursue legal action against good-faith researchers.
  • Hall of Fame for first-time valid reports.
Last external audit: March 18, 2026

Request our full audit report

Under NDA, we share the executive summary and remediation log from our most recent third-party penetration test.

Request report