Saturia account privacy and security

In brief

  • Saturia does not custody funds.
  • Exchange API keys must always be configured as read-only.
  • Your portfolio data is never sold or shared with third parties.
  • You can delete your account at any time, as per GDPR.
  • Passwords must meet standard minimum requirements and are hashed on the backend.

In depth

What "does not custody funds" means

Saturia is an analytics dashboard. It's not an exchange, not a wallet, not a broker. We never receive your funds and have no tools to move them. Any real operation stays on your exchanges or wallets.

Exchange integrations are used only to read balances and operation history to compute portfolio, P&L and risk score. No function exists that could execute orders on your behalf via your API keys, and we have no interest in building one.

Exchange API key management

When you connect an exchange, we ask for a read-only API key. Fundamental rules:

  • Never enable trade, withdrawal, or margin/futures-trading permissions.
  • Never put the API secret in email, screenshots, or public chats.
  • Label the key with a clear name on the exchange (e.g. "Saturia-Read").

API keys are stored encrypted on our servers. Support doesn't need to read them to help you: if someone impersonating support asks for them, it's a scam.

Data handling

Data collected:

  • Email, name, password (hashed).
  • Account preferences (language, theme, dashboard layout).
  • Any balances and transactions from connected exchanges.
  • Alert and notification configuration.

What we do NOT do:

  • We don't sell data to third parties.
  • We don't share your portfolio with other users or ad networks.
  • We don't publish portfolio content without your explicit consent (e.g. if you join the leaderboard, only public metrics are shown).

GDPR and right to be forgotten

Under GDPR, you have the right to:

  • Access your data.
  • Correct it in case of errors.
  • Delete it (right to be forgotten).
  • Export it in readable format.

To exercise these rights, use profile functions where available, or write to support with a formal request.

Communications

Email communications mainly cover configured alerts, payment receipts, security notifications and important service updates. You can manage non-essential communications from profile settings.

What you can do to protect your account

  1. Unique password, never reused from other sites.
  2. API keys always read-only on exchanges.
  3. Be wary of private messages on Telegram/Discord/Twitter posing as support: we never proactively DM you asking for credentials or passwords.
  4. Periodically update the password if you suspect unauthorized access.

Roadmap features

Some advanced security features (two-factor authentication, active-session list, custom IP whitelist) are useful but not yet implemented at the time of writing. If released, you'll find them in the profile screen and this page will be updated.