Security & Compliance
Last Updated: June 4, 2026 Contact: info@algotradingsoftware.net
Overview
At AlgoTradingSoftware, security is not an afterthought — it is built into every layer of our infrastructure. This page outlines the technical and organizational measures we have in place to protect client data, trading operations, and system integrity.
1. Hosting Infrastructure
Our trading bot and client systems are hosted on enterprise-grade Virtual Private Server (VPS) infrastructure. Key hosting attributes include:
- Dedicated VPS with isolated environment per client deployment
- 99.9% uptime SLA with redundant network connectivity
- Automated daily backups with offsite storage
- DDoS protection at network level
- Regular OS and dependency patching
2. Data Encryption
All data in transit is protected using TLS 1.2/1.3 encryption. Sensitive credentials such as MT4 investor passwords are stored using AES-256 encryption at rest. We never store withdrawal-capable broker credentials — only read-only investor access is used.
3. Access Control
- Role-based access control (RBAC) for internal team members
- Multi-factor authentication (MFA) required for all administrative access
- SSH key-based authentication for VPS access — password login disabled
- Principle of least privilege applied across all systems
4. Penetration Testing
Our systems undergo regular security assessments including:
- Automated vulnerability scanning using industry-standard tools
- Manual penetration testing conducted periodically
- OWASP Top 10 review for all client-facing web applications
- Findings are remediated and documented internally
To request a summary of our latest security assessment, email info@algotradingsoftware.net with subject line “Security Brief Request”.
5. GDPR Compliance
We are committed to GDPR compliance for all EU-based clients. Our GDPR measures include:
- Lawful basis documented for all data processing activities
- Data minimization — we only collect what is necessary
- Right to erasure supported — data deleted within 30 days of request
- Data Processing Agreements (DPA) available on request
- No data sold or transferred to unauthorized third parties
6. Broker & Platform Security
- We operate exclusively via MT4 investor credentials — we cannot withdraw funds
- Client broker accounts remain 100% in the client’s name at all times
- All trading activity is independently verified and publicly visible on Myfxbook
- Broker partner XM is a globally regulated, multi-licensed broker
7. Incident Response
In the event of a security incident:
- Affected clients will be notified within 72 hours of confirmed breach
- Immediate steps will be taken to contain and remediate the issue
- A post-incident report will be shared with affected parties
- Regulatory authorities will be notified where legally required
8. Uptime SLA
| Component | Target Uptime |
|---|---|
| Trading Bot VPS | 99.9% |
| Client Dashboard | 99.5% |
| Myfxbook Sync | Subject to Myfxbook availability |
| Email Notifications | 99.9% |
Downtime caused by broker-side issues, MetaTrader platform outages, or force majeure is excluded from SLA calculations.
Request a Security Brief
Enterprise clients and institutional partners may request a detailed Security Brief document covering our full technical controls, compliance posture, and third-party assessment summaries.
📧 Email: info@algotradingsoftware.net Subject: Security Brief Request
We aim to respond within 2 business days.