QDS Sentinel

Privacy Policy

Quantum Data Solutions, LLC ("QDS") · Effective June 21, 2026 · Version 1.0

QDS Sentinel is currently in invite-only closed beta. This policy covers how we collect, use, and protect information during the beta and beyond.

1. Who We Are

QDS Sentinel is an AI trading oversight and guardrails platform operated by Quantum Data Solutions, LLC ("QDS," "we," "us," or "our"). We are not a registered investment advisor or broker-dealer. Nothing in Sentinel constitutes investment advice.

Contact: hello@qdsventures.com

2. What We Collect

We collect only what is necessary to provide the service:

Account information: email address and a securely hashed password (PBKDF2-SHA256, 600,000 iterations). We never store your plain-text password.
Broker read-only data: portfolio snapshots (positions, orders, balances) fetched via SnapTrade, a regulated OAuth broker aggregator. We store snapshots in encrypted form (AES-256-GCM) at rest. We do not receive or store your broker login credentials.
Oversight events: policy evaluation results (allow, flag, block) for each agent action we review. These form your audit trail.
Usage data: timestamps, IP addresses, and error logs used to operate and secure the service. We do not use third-party analytics trackers.
Billing data: payment processing is handled entirely by Stripe. QDS never sees or stores your card number.

3. How We Use Your Data

To provide, operate, and improve the QDS Sentinel service.
To detect and prevent abuse, fraud, and security threats.
To send you transactional emails (account verification, password reset, billing receipts). We do not send marketing emails without your explicit opt-in.
To comply with applicable law.

We do not sell, rent, or share your personal data with third parties for advertising.

4. Broker Data and SnapTrade

Sentinel connects to your brokerage accounts via SnapTrade, a registered Money Services Business. When you connect a broker, you authorize SnapTrade (not QDS) to access your account in read-only mode. QDS receives periodic portfolio snapshots from SnapTrade and uses them solely to evaluate your AI agent's proposed trades against your guardrail policy. We do not place trades on your behalf.

5. Data Retention

Account data: retained while your account is active. You may request deletion at any time by emailing us.
Broker snapshots: retained for the duration of your subscription to support your audit history.
Oversight events (audit log): retained for the duration of your subscription. You may export your full audit log at any time from the app.
Deleted accounts: data is purged within 30 days of account deletion except where we are required by law to retain it.

6. Security

We take security seriously:

Passwords are hashed with PBKDF2-SHA256 (600,000 iterations) — we cannot recover your password.
Broker tokens and portfolio snapshots are encrypted at rest using AES-256-GCM with HKDF-derived keys.
All data in transit is protected by TLS 1.2+.
The API enforces rate limiting and account lockout to defend against brute-force attacks.
The audit log is hash-chained to detect tampering.

No system is perfectly secure. If you discover a vulnerability, please disclose it responsibly to hello@qdsventures.com.

7. Cookies and Local Storage

Sentinel uses browser local storage solely to hold your session token on your device. We do not use advertising cookies or tracking pixels. We use Cloudflare Turnstile for CAPTCHA on signup; Turnstile is designed to protect user privacy and does not use tracking cookies.

8. Third-Party Services

Cloudflare: infrastructure, DNS, and edge security. Cloudflare Privacy Policy.
SnapTrade: broker OAuth aggregation. SnapTrade Privacy Policy.
Stripe: payment processing. Stripe Privacy Policy.
Resend: transactional email delivery. Resend Privacy Policy.

9. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email us at hello@qdsventures.com. We will respond within 30 days.

10. Children's Privacy

Sentinel is not directed at or intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors.

11. Changes to This Policy

We may update this policy as the service evolves. Material changes will be communicated by email or an in-app notice at least 14 days before they take effect. Continued use of Sentinel after the effective date constitutes acceptance of the updated policy.

12. Contact

Questions about this policy? Email hello@qdsventures.com. We aim to respond within 5 business days.