Sign in Subscribe

Privacy Policy — Bull88 Protocol

Last updated: 2026-06-08

This Privacy Policy explains how the Bull88 Protocol application ("the App"),
provided by CoinTranscend ("we", "us"), handles your data. We designed the App
to keep your data on your device and under your control.

Plain-language summary: We run no servers and collect nothing about you. Your
data lives encrypted on your device. The App talks directly to the third-party
services you connect, using your own API keys. An optional backup goes to
your own Google Drive. We never see, collect, or sell your data.

1. We operate no backend and collect no personal data

The App has no server of ours. We do not have a database, we do not receive
telemetry or analytics, and we do not collect, store, or sell any of your personal
or financial information. There is no account with us to create, and we have no way
to identify you.

2. Data stored on your device

The following are stored locally on your device, encrypted at rest using
Android's EncryptedSharedPreferences (AES-256):

  • Your market-data provider API credentials and OAuth tokens.
  • Your optional Gemini, FRED, and Finnhub API keys.
  • Your trading journal, closed-position ledger, hedge ledger, trigger history,
    watchlist, and app settings.
  • The email address of the Google account you select (used as a sign-in label and
    as your backup target — see §4).

These never leave your device except as described below.

3. Data you send to third parties (using your own keys)

When you use features that require them, the App connects directly from your
device to the services you choose, authenticated with your own
keys/credentials. We are not a party to these connections and never receive this
data:

  • Your chosen brokerage market-data provider (currently Charles Schwab; the App
    is built to let you select additional providers) — authentication and market data
    (e.g., option chains, quotes, price history) for the symbols you analyze. The App
    uses this for market data only; it does not read your brokerage account positions,
    balances, or orders, and it places no trades.
  • Google Gemini API — the symbol you analyze (for sentiment) and your trade
    journal text (for the optional AI "Critic" feature), sent under your own Gemini key.
  • Finnhub API — the symbol (for the earnings/dividend calendar), under your own key.
  • FRED API — macroeconomic data series, under your own key.

Your use of these services is governed by their privacy policies and terms.

4. Optional Google Drive backup (non-secret data only)

If you choose to use cloud backup, the App uploads a snapshot of your non-secret
data — trading journal, closed ledger, hedge entries, trigger history, watchlist,
standing hedge, and climate reports — to your own Google Drive's hidden app-data
folder (the drive.appdata scope). This space is private to the App and to your
Google account; we have no access to it.

Your secrets are never backed up: your provider credentials, OAuth tokens, and
all API keys stay only on your device and must be re-entered on a new device. Backup
is opt-in (you tap "Back up now") and is pinned to the Google account you signed in
with.

5. Google user data — Limited Use

The App's use and transfer of information received from Google APIs adheres to the
Google API Services User Data Policy,
including its Limited Use requirements. Specifically, the Google account email
and the Google Drive app-data access are used only to provide the in-app backup
and restore feature you initiate. This data is not transferred to others except
as needed to provide that feature, is not used for advertising, and is not
used for any other purpose. We do not allow humans to read this data unless we have
your affirmative consent, it is necessary for security or to comply with law, or the
data is aggregated and anonymized.

6. No advertising, no tracking

The App contains no advertising SDKs, no third-party analytics, and no tracking
identifiers used by us.

7. Children

The App is not directed to children and is intended for adults managing their own
brokerage accounts.

8. Security

Local data is encrypted at rest; all network traffic uses HTTPS. No method of
storage or transmission is 100% secure, and you are responsible for the security of
your device and your accounts.

9. Your control

You can delete all local data by clearing the App's data or uninstalling it. You can
delete the Drive backup from your own Google Drive at any time. Removing the App
removes all on-device data.

10. Changes

We may update this Policy; the "Last updated" date above will change accordingly.

11. Contact

Questions: sunny@bull88protocol.com