HYPERCOPY

Privacy Policy

Last updated: April 14, 2026

1. Overview

HyperCopy ("we", "us", "our") is a free, open-source copy trading platform for HyperLiquid. This policy explains what data we collect, why, and how it is protected. We collect only what is strictly necessary to operate the service.

2. Data We Collect

  • Wallet address — your Ethereum-compatible wallet address, used as your account identifier. Never stored with a name or email unless you choose to authenticate via Google or Telegram.
  • Telegram account ID — if you sign in via Telegram, we store your numeric Telegram chat ID to identify your account. We do not store your phone number.
  • Google email — if you sign in via Google, your email is used to deterministically generate an internal wallet address. Your email is not stored in our database.
  • HyperLiquid trading key — if you enable copy trading, your HyperLiquid private key is encrypted with AES-256-GCM before storage and is never accessible in plaintext.
  • Trading activity — positions opened and closed on your behalf, stored to display your performance history.
  • Session token — a short-lived JWT stored in your browser to keep you logged in.

3. How We Use Your Data

  • Authenticating your account and maintaining your session.
  • Executing copy trades on HyperLiquid on your behalf.
  • Displaying your performance history and positions.
  • Sending you notifications via Telegram if you have connected your account.
We do not sell, rent, or share your data with third parties for marketing purposes.

4. Data Storage & Security

All data is stored on servers located in the European Union. Private keys are encrypted at rest using AES-256-GCM with keys derived via PBKDF2 (100,000 iterations). Session tokens are stored in Redis with a 7-day TTL and invalidated on logout. We use HTTPS for all communications.

5. Third-Party Services

  • HyperLiquid — trade execution is performed via the HyperLiquid API. Their terms apply to trading activity.
  • Telegram — used for authentication and notifications if you opt in. Telegram's privacy policy applies.
  • Google — used for authentication if you opt in. Google's privacy policy applies.
  • WalletConnect — used to connect mobile wallets. Their privacy policy applies.

6. Data Retention

Your account data is retained as long as your account is active. You may request deletion of your account and all associated data by contacting us at the address below. Encrypted private keys are deleted immediately upon request.

7. Your Rights

You have the right to: access the data we hold about you, correct inaccurate data, request deletion of your data, and withdraw consent for data processing. To exercise these rights, contact us at privacy@hypercopy.online.

8. Cookies

We do not use tracking cookies. We use a single session token stored in your browser's localStorage to keep you logged in.

9. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions, contact us at privacy@hypercopy.online.
← Back to HyperCopy