1. Introduction
JorgAI LLC (“JorgAI,” “we,” “us,” or “our”) is a California limited liability company that operates an AI-powered algorithmic trading platform. Our services are available through our website at jorgai.com and our application portal at portal.jorgai.com (collectively, the “Platform”).
This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you access or use the Platform, create an account, connect a brokerage account, or otherwise interact with our services.
By creating an account, accessing the Platform, or using any of our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with this Privacy Policy, you must discontinue use of the Platform immediately.
This Privacy Policy applies to all users of the Platform, including visitors, registered account holders, and any other individuals who interact with our services.
2. Information We Collect
We collect several categories of information in order to provide, maintain, and improve our services. The types of information we collect include the following:
2.1 Account Information
When you create an account on JorgAI, we collect your first name, last name, email address, and date of birth. We also collect a password, which is cryptographically hashed using industry-standard one-way hashing before storage. We never store your password in plaintext and cannot retrieve your original password.
2.2 Brokerage Information
If you choose to connect a brokerage account to the Platform, we collect your brokerage API key and API secret. These credentials are encrypted using industry-standard encryption before being stored. Your brokerage credentials are never stored in plaintext and are only decrypted in-memory when required to execute trades on your behalf. JorgAI does not hold, custody, or have direct access to your funds. All trading is executed through your own brokerage account.
2.3 Trading Data
We collect and store data related to your trading activity on the Platform, including trade records (symbol, quantity, side, entry and exit prices, timestamps, and profit/loss), current and historical portfolio positions, AI-generated predictions and their outcomes, watchlists you create, and your platform settings and preferences.
2.4 Usage Data
We automatically collect certain information about how you interact with the Platform, including pages visited within the application, features accessed and frequency of use, session duration and activity timestamps, Internet Protocol (IP) addresses, and referring URLs.
2.5 Device Information
We may collect technical information about the device you use to access the Platform, including browser type and version, operating system, and screen resolution. This information is collected solely for analytics and to optimize your experience on the Platform.
2.6 Cookies and Tracking Technologies
We use session cookies to maintain your authenticated session on the Platform. We may also use analytics tools, such as Google Analytics and Microsoft Clarity, to collect anonymized usage data and behavioral analytics (including heatmaps and session replays). Analytics cookies are only placed with your explicit consent. Microsoft Clarity is configured with input masking enabled so that sensitive form fields and personal information are not captured in session recordings. We do not use cookies for advertising or behavioral profiling. You may manage your cookie preferences through your browser settings or through any cookie consent mechanism provided on the Platform.
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Providing and Operating the Platform
- Authenticating your identity and managing your account
- Connecting to your brokerage account and executing trades on your behalf
- Displaying your portfolio, positions, trade history, and performance metrics
- Managing your watchlists, preferences, and platform settings
3.2 AI-Powered Predictions and Analysis
- Generating AI-driven trading predictions based on market data, technical indicators, and news sentiment
- Tracking prediction accuracy and outcomes to improve our models
- Providing personalized insights based on your trading activity
3.3 Security and Fraud Prevention
- Detecting and preventing unauthorized access to your account
- Monitoring for suspicious activity and potential security threats
- Maintaining audit logs of significant account actions for security purposes
- Enforcing applicable trading rules and platform policies
3.4 Platform Improvement and Analytics
- Analyzing usage patterns to improve features and user experience
- Identifying and resolving technical issues, bugs, and performance bottlenecks
- Conducting internal research and development
3.5 Communications
- Sending transactional notifications related to your account and trading activity
- Providing customer support in response to your inquiries
- Sending platform updates, security alerts, and policy changes
- Delivering marketing communications only if you have opted in to receive them
We do not use your personal information for third-party advertising. We do not sell, rent, or lease your personal information to any third party.
4. Third-Party Services and Data Sharing
JorgAI integrates with select third-party services to provide our Platform’s functionality. We are committed to limiting the data shared with third parties to what is strictly necessary for the operation of the Platform.
4.1 Alpaca Markets
We integrate with Alpaca Markets for brokerage execution services. Your brokerage API credentials are transmitted directly to Alpaca’s servers to execute trades, retrieve account data, and access market information. JorgAI does not hold or custody your funds. All trading activity occurs within your own Alpaca brokerage account, subject to Alpaca’s own terms of service and privacy policy. For more information, please review Alpaca’s privacy policy at alpaca.markets.
4.2 AI Service Provider (Anthropic, PBC)
We use Anthropic, PBC's Claude AI (“Anthropic”) as our underlying AI provider for two distinct purposes:
(a) Trading predictions and market analysis. When the Platform generates trading predictions or runs the auto-trader, JorgAI sends Anthropic only market data, technical indicators, and news sentiment data relevant to the symbol being analyzed. No personal information, account data, brokerage credentials, or individually identifiable trading data is transmitted for this purpose.
(b) The Jorg AI Assistant chat. When you send a message to the in-app Jorg AI Assistant, the contents of your message are transmitted to Anthropic so that Claude can generate a response. You should not enter sensitive personal information, credentials, or financial account details into the Assistant. Before the Assistant is first used, the Platform displays an in-app notice and asks for your explicit acknowledgment to enable this feature.
Anthropic processes data sent to it in accordance with its own privacy and data-handling policies, available at anthropic.com/legal/privacy. Per Anthropic's standard API terms, inputs sent via the API are not used to train Anthropic's models. You can disable the Jorg AI Assistant at any time in your account settings, in which case no further chat data will be sent to Anthropic from your account.
4.3 Market Data Providers
We use third-party market data and news aggregation services to provide real-time and historical market data, financial news, and related information. These services receive only stock ticker symbols and market-related queries. No personal user information is shared with these providers.
4.4 Analytics
We may use Google Analytics, Microsoft Clarity, or similar analytics services to collect anonymized, aggregated usage data about how users interact with the Platform. Microsoft Clarity is used for heatmaps and session replays with input masking enabled so that sensitive information (such as form inputs, account balances, and credentials) is automatically obscured. Analytics tracking is consent-based and can be opted out of at any time. Anonymization techniques are applied to prevent individual identification.
4.5 Email Communications
If you subscribe to our newsletter or marketing communications, we may use a third-party email service provider to deliver those messages. You may unsubscribe at any time using the link provided in each email.
4.6 Our Commitment: We Never Sell Your Data
JorgAI does not sell, trade, or otherwise transfer your personal information to third parties for monetary or other valuable consideration. We do not participate in data brokering. We do not share your personal information with third parties for their own marketing purposes. We only share information with third parties as described in this section, to the extent necessary to operate the Platform and provide our services to you.
4.7 Legal Disclosures
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud or respond to a government request.
5. Data Security
JorgAI takes the security of your personal information seriously. We implement a combination of technical, administrative, and organizational safeguards designed to protect your data from unauthorized access, alteration, disclosure, or destruction.
5.1 Encryption
Sensitive data, including brokerage credentials, is encrypted at rest using industry-standard encryption. Passwords are stored using a one-way cryptographic hashing algorithm, meaning they cannot be reversed or retrieved. All data transmitted between your browser and our servers is protected using HTTPS/TLS encryption.
5.2 Authentication and Access Controls
User sessions are managed through token-based authentication with automatic expiration. We offer optional two-factor authentication (TOTP) to provide an additional layer of account security. Access to your account is restricted to authenticated sessions, and sessions are invalidated upon password changes.
5.3 Audit Logging
We maintain append-only audit logs that record significant account actions, including logins, trades, and settings changes. These logs include timestamps and relevant metadata and are used for security monitoring and compliance purposes.
5.4 Infrastructure Security
We employ industry-standard practices to secure our infrastructure, including parameterized database queries to prevent injection attacks, environment-based credential management, role-based access controls, and regular security reviews.
5.5 Limitations
While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your data. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
6.1 Active Accounts
For active accounts, we retain your account information, trading data, AI predictions, watchlists, and preferences for the duration of your account’s existence. This data is necessary to provide our services and maintain your trading history.
6.2 Account Deletion
If you request deletion of your account, we will remove your personal data, including account information, brokerage credentials, trading records, and AI prediction data, from our systems within thirty (30) days of your request. Certain anonymized or aggregated data that cannot be used to identify you may be retained for analytical purposes.
6.3 Audit Logs
Audit logs may be retained for an extended period beyond account deletion for security monitoring, fraud prevention, and regulatory compliance purposes. Audit logs may reference your account identifier but do not contain sensitive credentials or brokerage information.
6.4 Session Data
Authentication tokens expire automatically after their designated validity period. Expired session data is not retained.
7. Your Rights Under California Law (CCPA)
If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) regarding your personal information. JorgAI is committed to honoring these rights.
7.1 Right to Know
You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which your personal information was collected, the business or commercial purpose for collecting your personal information, and the categories of third parties with whom we share your personal information.
7.2 Right to Delete
You have the right to request that we delete the personal information we have collected about you, subject to certain exceptions permitted by law (such as data necessary for completing a transaction, detecting security incidents, or complying with legal obligations).
7.3 Right to Opt Out of Data Sales
You have the right to opt out of the sale of your personal information. However, JorgAI does not sell your personal information and has never sold personal information. As such, there is no need to submit an opt-out request, though you are welcome to confirm this by contacting us.
7.4 Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights. You will not receive different pricing, a different quality of service, or be denied access to the Platform for exercising your rights under the CCPA.
7.5 Right to Correct
You have the right to request correction of inaccurate personal information that we maintain about you.
7.6 How to Exercise Your Rights
To exercise any of the rights described above, please submit a request by emailing us at support@jorgai.com. In your request, please describe your inquiry in detail and provide sufficient information for us to verify your identity. We will respond to verified requests within forty-five (45) days, as required by applicable law. If we require additional time, we will notify you of the extension and the reason for it.
You may also designate an authorized agent to make a request on your behalf. If you use an authorized agent, we may require additional verification to confirm that the agent has been properly authorized.
8. Children’s Privacy
JorgAI is not intended for use by individuals under the age of eighteen (18). You must be at least 18 years old to create an account and use the Platform. Brokerage accounts required for live trading have their own age and eligibility requirements as established by the brokerage provider and applicable financial regulations.
We do not knowingly collect, solicit, or maintain personal information from anyone under the age of 18. If we become aware that we have collected personal information from a minor, we will take prompt steps to delete that information from our systems.
If you believe that a minor has provided us with personal information, please contact us immediately at support@jorgai.com so that we can take appropriate action.
9. International Users
JorgAI is operated from and its services are provided within the United States. All data collected through the Platform is stored and processed in the United States.
If you access the Platform from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Platform, you consent to the transfer, storage, and processing of your information in the United States.
If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with data protection laws that provide rights beyond those described herein, please contact us at support@jorgai.com to discuss how we can accommodate your rights.
10. Changes to This Policy
We reserve the right to update or modify this Privacy Policy at any time. When we make material changes to this Privacy Policy, we will update the “Last Updated” date at the top of this page and take reasonable steps to notify you, such as posting a notice on the Platform or sending you an email notification.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Platform following the posting of changes to this Privacy Policy constitutes your acceptance of those changes.
If we make changes that materially affect how we handle your personal information or significantly expand the ways in which we use your data, we will provide prominent notice and, where required by law, seek your consent before applying the changes to data previously collected.
11. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
JorgAI LLCState of Organization: California
Email: support@jorgai.com
We aim to respond to all inquiries within a reasonable timeframe. For privacy-related requests under the CCPA, we will respond within forty-five (45) days as required by law.
For general platform support, product inquiries, or account assistance, you may also reach us at support@jorgai.com.