Privacy Policy
1. Introduction
This Privacy Policy describes how Ranged.pro (“we,” “us,” “the Operator”) collects, uses, stores, and protects information in connection with the Ranged.pro automated liquidity management service (“Service”). It applies to all clients of the Managed and Premium White-Glove service tiers.
This policy should be read together with the Ranged.pro Integrated Client Agreement, which governs your use of the Service.
2. What Information We Collect
2.1 Information You Provide During Onboarding
| Data Type | Purpose |
|---|---|
| Legal name | Identity on the Client Agreement; required for contract execution |
| Email address | Service notices, billing, breach notifications, support |
| Jurisdiction of residence | Eligibility verification; OFAC compliance representation |
| Wallet address (public) | Identifying which on-chain positions belong to your managed instance |
We do not collect, request, or store:
- Private keys or seed phrases (ever)
- Payment card numbers or bank account details (payments are handled by Stripe, Inc.)
- Government-issued identification (unless required by future KYC obligations)
2.2 Automated Telemetry Data (Heartbeat)
Your bot software transmits an automated status payload (“heartbeat”) to our monitoring infrastructure approximately every 5 minutes. Each heartbeat contains:
| Data Field | Example Value | Sensitivity |
|---|---|---|
| Bot software version | 3.1.0 | Low |
| Bot uptime (seconds) | 172800 | Low |
| Position token ID | 155345 | Low (on-chain public data) |
| Pool address | 0xabc... | Low (on-chain public data) |
| In-range / out-of-range status | inRange | Low |
| Active strategy name | center_3pct | Low |
| Wallet address (public key only) | 0x123... | Low (on-chain public data) |
| Native token balance (amount only) | 1.24 PLS | Low |
| Sanitized error messages | “RPC timeout on provider 1” | Low — all sensitive content stripped |
Not included in heartbeats — ever:
- Private keys or seed phrases
- RPC API keys or credentials
- Dashboard passwords or JWT tokens
- Any configuration value marked as sensitive
Heartbeat data is transmitted over HTTPS (TLS 1.2+) from your VPS to our monitoring infrastructure.
2.3 Dashboard Analytics Data
When you log into your bot’s web dashboard, the dashboard generates and stores:
- Rebalance history (transaction hashes, timestamps, token amounts — all on-chain public data)
- Fee collection records
- Position performance analytics (calculated from on-chain events)
- Login timestamps (for session management)
The Operator has read-only access to your dashboard data for support and incident response purposes.
2.4 SSH Access Logs
Standard operating system audit logs on your VPS record SSH login events, including timestamps, source IP addresses, and the user account used. These logs are generated by the VPS operating system and remain on your server — they are not transmitted to or stored on Operator systems.
3. How We Use Your Information
| Data | How It’s Used |
|---|---|
| Name & email | Contract execution, billing, service notices, breach notification |
| Jurisdiction | Eligibility verification |
| Wallet address | Associating your on-chain positions with your managed instance |
| Heartbeat telemetry | Monitoring bot health, detecting outages, generating fleet status view |
| Dashboard analytics | Support, incident response, service quality monitoring |
We do not:
- Sell, rent, or trade your data to any third party
- Use your data for advertising or marketing to third parties
- Use your wallet address or position data to front-run your transactions
- Share your data with any party except as required by law or as described in Section 5
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Heartbeat telemetry | 30 days rolling — automatically deleted after 30 days |
| Dashboard analytics | Retained for the duration of the service relationship + 30 days after termination |
| Contract and onboarding records | 7 years (standard business record retention) |
| Email correspondence | 3 years, or duration of service relationship + 1 year, whichever is longer |
Upon termination of the Service, we will delete all heartbeat telemetry within 30 days and make your analytics data available for download for 30 days, as described in the Client Agreement Section 8.4.
5. Disclosure to Third Parties
We do not sell your personal data. We may share data in the following limited circumstances:
5.1 Service Providers
We use the following third-party services that may process data on our behalf:
| Provider | Data Shared | Purpose |
|---|---|---|
| DigitalOcean | VPS infrastructure (data on your server only) | Hosting |
| Google Workspace (Gmail) | Email address | Service notifications |
| Stripe, Inc. | Billing information | Payment processing |
All service providers are required to handle your data only as directed by us and in accordance with applicable law.
5.2 Legal Requirements
We may disclose your information if required to do so by law, court order, or government authority, or if we believe in good faith that disclosure is necessary to protect our legal rights, prevent fraud, or protect the safety of any person.
5.3 Business Transfer
If Ranged.pro is acquired, merged with another entity, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you by email and provide you an opportunity to terminate the Service before your data is subject to a materially different privacy policy.
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Correction | Request correction of inaccurate data |
| Deletion | Request deletion of your data (subject to legal retention requirements) |
| Portability | Receive your data in a machine-readable format |
| Objection | Object to specific processing activities |
| Withdrawal of consent | Where processing is based on consent, withdraw that consent at any time |
For California residents (CCPA): You have the right to know what personal information is collected, the right to delete, the right to opt-out of sale (we do not sell personal information), and the right to non-discrimination.
To exercise any of these rights, contact us at: team@ranged.pro
We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA) of receipt.
7. Data Security
We implement the following security measures to protect your data:
- Heartbeat transmission: TLS 1.2+ encrypted HTTPS between your VPS and our monitoring infrastructure
- Monitoring control plane: Access-controlled, separately hosted from bot infrastructure
- Dashboard: JWT-authenticated session management; bcrypt-hashed passwords
- Private key: Never transmitted to or stored on Operator systems — remains on your dedicated VPS only
In the event of a confirmed breach of Operator systems that has materially compromised, or is reasonably likely to have compromised, your SSH credentials, heartbeat data, or dashboard access, we will notify you by email within 72 hours of discovery, as required by the Client Agreement and applicable breach notification law.
8. Data Location
The Operator operates from Utah, United States. Your data is processed on servers located in the United States (DigitalOcean infrastructure). The Service is currently offered to US-based clients only. If the Service is expanded to international clients in the future, this section will be updated to address cross-border data transfer requirements.
9. Children’s Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If we learn that we have collected personal data from a minor, we will delete it promptly. If you believe a minor has provided us with personal data, contact us at team@ranged.pro.
10. Cookies and Tracking
The Ranged.pro dashboard uses session cookies for authentication. We do not use tracking cookies, third-party analytics, or advertising pixels. The dashboard does not include Google Analytics, Facebook Pixel, or any equivalent tracking technology.
11. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. Material changes will be communicated by email to your registered address at least 30 days before they take effect. Non-material changes (clarifications, typographical corrections) may be made without advance notice. The “Last Updated” date at the top of this document will always reflect the most recent version.
12. Contact
For privacy-related requests, questions, or complaints:
Email: team@ranged.pro
Subject line: “Privacy Request — Ranged.pro”
For California residents: if you are not satisfied with our response, you may contact the California Office of the Attorney General.
This Privacy Policy is version 1.0. It covers data collected in connection with the Ranged.pro Managed and Premium White-Glove service tiers.