⚠ Document Status
FINAL DRAFT · AWAITING FOUNDATIONAL COUNSEL REVIEW
This document is a final draft. Algonet's full legal framework has been drafted and submitted for foundational counsel review under the Algonet BH LLC / CFTC Rule 4.7 structure. Formal confirmation is expected within six weeks. Until that review is returned, this document is not yet executed and existing client engagements remain governed by the prior version signed at onboarding. Published here in full for transparency and for the review of prospective qualified investors and their counsel.
Working draft v0.2 — 2026-04-22. Dual-jurisdiction framework (U.S. GLBA Regulation P + Israel Privacy Protection Law 1981). Adapted from Cornix Privacy Policy (cornix.io, 2024, Israeli anchor) + 3Commas Privacy Notice (eff. 29 Dec 2024) + Talos Privacy Policy + Goldenwise GLBA Privacy Policy exhibit (2017). Previous v0.0 Hebrew-origin content archived at /opt/backups/algonet-legal-originals-pre-v02-*.
Legal · II — TEST
What data we collect, how we use it, how we protect it — pending legal review.
This Privacy Policy describes how Algonet BH LLC (Florida) and אלגונט — פתרונות אלגוריתמים (Israel) (together, 'Algonet', 'we', 'us', or 'our') collect, use, disclose, and protect personal information when you interact with us through the algonet-trade.com website, the client portal, our onboarding workflow, and the execution service.
I — Chapter
Information We Collect
We collect only the personal information reasonably necessary to operate the Services, comply with legal obligations, and maintain a compliant Client record:
(a) Identity and contact — full legal name, date of birth, government-issued photo ID, residential address, email address, phone number, country of residence, country of citizenship, and, for non-U.S. clients, a foreign tax identification number. U.S. clients' Form W-9 is collected separately at first fee payment; we do not store SSNs in our onboarding database.
(b) Qualification information — net worth range, annual income range, portfolio size bracket, source-of-funds classification, and Politically Exposed Person status (to the extent voluntarily disclosed), collected via the QEP Certification.
(c) Account and transactional — Exchange account identifier, encrypted API Credentials, risk-group election, signature events (document acknowledgments with timestamps and IP address), trade history as pulled from the Exchange, monthly fee statements, and payment confirmations.
(d) Device and connection — IP address, user agent, browser fingerprint, and portal session metadata collected automatically when you use the site or portal. We do not use third-party advertising trackers.
(e) Communications — records of email, WhatsApp, phone, and video-call communications, including support tickets.
II — Chapter
How We Use Information
We use personal information only for these purposes:
(a) Onboarding and compliance — verify Client identity, determine QEP eligibility, screen against OFAC and equivalent sanctions lists, conduct source-of-wealth analysis, and discharge records-retention obligations (CFTC Rule 1.31, Israeli tax law, AML obligations).
(b) Service delivery — route trading signals to the Client's Exchange account, calculate fees, prepare monthly statements, and respond to Client support requests.
(c) Security — detect, prevent, and investigate fraud, unauthorized access, or operational incidents, including rolling re-screening against sanctions lists.
(d) Legal and regulatory — respond to lawful requests from governmental or regulatory authorities, comply with court orders, defend or assert legal claims.
(e) Communication — send monthly statements, risk-change confirmations, re-certification reminders, kill-switch notifications, and (only where opted in) marketing or research updates.
We do NOT use personal information for targeted advertising. We do NOT sell personal information. We do NOT trade or share Client information with data brokers.
III — Chapter
How We Protect Information
We implement administrative, technical, and physical safeguards:
(a) Encryption — all sensitive credentials (including Exchange API keys) encrypted at rest using industry-standard symmetric-encryption algorithms with keys resident only on our execution server. All portal communications protected by TLS 1.2 or higher.
(b) Access controls — access limited to personnel with reasonable need; authenticated (multi-factor where applicable) and audit-logged.
(c) Vendor management — third-party service providers contractually bound by confidentiality obligations.
(d) Incident response — written incident-response plan covering suspected data breach, sanctioned-person discovery, and regulatory inquiry.
No security measure is perfect. No system connected to the internet can be guaranteed against unauthorized access.
IV — Chapter
When We Disclose Information
We disclose personal information only in these circumstances:
(a) To the Exchange — to the extent necessary to route trading signals. Limited to information the Exchange's API requires for order routing. Does not include identity documents, QEP attestations, or internal Algonet records.
(b) To service providers — limited categories necessary for delivery (e.g., email subject and recipient to our email provider; file metadata to our encrypted storage provider). Providers contractually bound.
(c) To governmental and regulatory authorities — where required by law, court order, subpoena, or lawful regulatory request, including OFAC compliance reporting, Israeli tax reporting, and NFA or CFTC examination responses.
(d) To professional advisers — to accountants, legal counsel, and independent auditors, subject to professional confidentiality obligations.
(e) In connection with a business transaction — Algonet acquisition, merger, or sale of assets, subject to Client right to terminate and request deletion before transfer.
(f) With the Client's explicit consent — in any case not covered above.
V — Chapter
Client Rights
Under applicable privacy law, the Client has the following rights:
Right of access — obtain a copy of personal information held, purposes, and recipients.
Right to correction — correct inaccurate or incomplete information.
Right to deletion — request deletion, subject to regulatory retention obligations (longer of five years or the period required by applicable tax law, notwithstanding a deletion request).
Right to portability — transfer to the Client or another service provider in a commonly used electronic format.
Right to object — object to uses not strictly necessary for delivery of the Services.
Rights may be exercised by emailing privacy@algonet-trade.com. Algonet will respond within thirty (30) calendar days.
VI — Chapter
Cross-Border Transfers
Algonet operates entities in the United States and Israel and may transfer personal information between these jurisdictions in the ordinary course. Israel has been recognized by the European Commission as providing an adequate level of data protection. Transfers from Israel to the U.S. are conducted under appropriate contractual safeguards.
Clients resident elsewhere consent to the transfer of personal information to these two jurisdictions for the purposes described.
VII — Chapter
Retention
Algonet retains Client personal information for the longer of (i) five years following termination (CFTC Rule 1.31 / Israeli tax law minimum) or (ii) any longer period required by a regulatory authority, a pending legal claim, or Client-specific consent.
At the end of the applicable retention period, we securely destroy or anonymize personal information. Aggregate or anonymized information that cannot be re-linked may be retained indefinitely for research, backtesting, and statistical purposes.
VIII — Chapter
GLBA (United States) Notice
This chapter constitutes the initial privacy notice required by the Gramm-Leach-Bliley Act and Regulation P (17 C.F.R. Part 160) for U.S. Clients. Algonet does not share nonpublic personal information about Clients with non-affiliated third parties for marketing purposes and therefore no opt-out notice under Regulation P is required.
Information sharing with service providers, the Exchange, regulators, and professional advisers is limited to purposes permitted under Regulation P §160.14 and §160.15.
IX — Chapter
Israel Privacy Protection Law 1981 Notice
For Israeli-law purposes, the database controller is Toi Campbell Holdings Ltd (Israeli company no. 517110987), trading as אלגונט — פתרונות אלגוריתמים, with registered address at Bar Kochva 23, V Tower, Bnei Brak 5126002. Personal information is collected and processed lawfully for the purposes described above, with Client consent expressed via acknowledgment during onboarding.
The Client is entitled, at any time, to inspect information held, request correction of inaccuracies, and, subject to regulatory retention obligations, request deletion. Requests to privacy@algonet-trade.com. The database will be registered with the Israeli Privacy Protection Authority as required.
X — Chapter
Cookies and Analytics
The Website uses essential cookies for portal session management, security, and language preference. The Website does not use third-party advertising cookies or trackers.
The User may disable cookies via the browser settings; doing so may affect the User experience of the portal.
XI — Chapter
Updates to This Policy
We may update this Privacy Policy to reflect operational changes, regulatory developments, or new security measures. Material updates notified by email at least thirty (30) calendar days before the effective date. Continued use constitutes acceptance; the User may terminate at any time if an update is not accepted.
The current version is always available at algonet-trade.com/legal/privacy-policy. Version and effective date appear in the footer.
Privacy Policy v0.2 · 2026-04-22 · Contact: privacy@algonet-trade.com · Toi Campbell Holdings Ltd (Israel, company no. 517110987), trading as אלגונט — פתרונות אלגוריתמים · Bar Kochva 23, V Tower, Bnei Brak. Algonet BH LLC (Florida) held for future US framework — does not currently accept mandates.
Back to legal index