← Back to Markets

Privacy Policy

Last Updated: May 11, 2026

1. Overview

This Privacy Policy explains how Ojo Network Inc. ("Turbine", "we", "us", or "our") collects, uses, discloses, and protects information when you use Turbine, Turbine Studio, our websites, and related services.

This Policy should be read together with our Terms of Service. If you do not agree with this Policy, do not use the Platform.

2. Information We Collect

Depending on how you use the Platform, we may collect:

  • Account information: wallet addresses, email addresses, authentication identifiers, referral codes, subscription status, and support communications.
  • Usage information: pages visited, features used, clicks, scrolls, navigation paths, device type, browser type, operating system, approximate region, and performance data.
  • Trading and strategy information: prompts, strategy descriptions, generated bot code, DSL specs, configuration values, backtest requests, backtest results, deployment status, runner health, logs, analytics, and strategy sharing settings.
  • Payment information: Stripe customer and subscription identifiers, payment status, invoices, refund and chargeback information, and affiliate attribution data. We do not store full card numbers.
  • Blockchain information: public wallet addresses, transaction hashes, signatures, balances, and other information visible on public blockchains.
  • Compliance information: geo-location signals, IP-derived country or region, sanctions screening results, and venue eligibility signals where needed to operate or protect the Platform.

3. Venue API Credentials and Locus Runners

Turbine Studio lets you deploy bots that trade through your own accounts at supported venues. To do that, you may enter venue API credentials into the Turbine frontend.

When you deploy a bot, the frontend uses your wallet to create a signed authorization to upload approved bot-running software and the credentials you provide to your Locus runner. The Turbine API is not in the credential upload path.

The Locus runner accepts your wallet signature, the venue credentials, and the approved bot software from the frontend. The Locus server that you manage then keeps those credentials available in memory or its runtime environment as needed to run trades. Ojo Network Inc. does not control your independent Locus account, server, wallet, or x402 payment relationship.

You are responsible for keeping your venue keys, venue accounts, wallet, and Locus server secure. You can manage your server through the Locus UI at buildwithlocus.com, and you should revoke or rotate venue API keys at the venue if you no longer want a bot or runner to trade.

4. How We Use Information

We use information to:

  • Provide, maintain, secure, and improve the Platform;
  • Create and manage accounts, subscriptions, trials, credits, referrals, and support requests;
  • Generate, test, deploy, monitor, and troubleshoot Studio strategies and bots;
  • Show backtests, strategy pages, dashboards, logs, and analytics;
  • Process payments, prevent fraud, and manage affiliate commissions;
  • Detect abuse, market manipulation, prompt injection, security incidents, and policy violations;
  • Comply with law, sanctions, export controls, venue rules, and legal process;
  • Send service, security, billing, and product communications.

5. Analytics and Session Recording

We use product analytics and debugging tools, including PostHog, to understand how users interact with the Platform, diagnose bugs, improve performance, and make the product easier to use.

Session recordings may capture mouse movements, clicks, scrolling, page navigation, browser and device information, and similar interaction data. We configure session recording to filter sensitive credential fields, but you should still avoid entering secrets anywhere except designated secret fields.

6. How We Share Information

We may share information with:

  • Service providers: hosting, analytics, authentication, email, payment, customer support, infrastructure, storage, security, and debugging providers.
  • Third-party trading and deployment services: supported venues and Locus when you choose to connect credentials or deploy bots.
  • Payment processors: Stripe and related payment, tax, fraud, and payout providers.
  • Compliance and legal recipients: regulators, law enforcement, courts, counterparties, or other parties where required by law or necessary to protect rights, safety, users, or the Platform.
  • Public surfaces: strategy pages, backtest pages, leaderboards, wallet activity, comments, or other information you choose to publish or that is already public on-chain.
  • Business transfers: parties involved in a merger, financing, acquisition, reorganization, bankruptcy, or sale of assets.

We do not sell personal information in the ordinary meaning of selling data for money. We also do not use venue API credentials for our own trading.

7. Public Blockchains and Third-Party Venues

Blockchain data is public, permanent, and outside our control. Wallet addresses, transaction hashes, token balances, and trading activity may be visible to anyone and may be linked to other information about you.

Third-party venues, Locus, Stripe, Privy, PostHog, and other providers process information under their own privacy policies and terms. We are not responsible for their independent privacy or security practices.

8. Security

We use reasonable administrative, technical, and organizational measures designed to protect information. No system is perfectly secure. You are responsible for securing your wallet, venue accounts, Locus account, API keys, devices, and authentication methods.

9. Retention

We retain information for as long as needed to provide the Platform, comply with legal, tax, accounting, and compliance obligations, resolve disputes, enforce agreements, prevent abuse, and improve the product. Public blockchain data and data held by third parties may persist independently of our systems.

10. Your Choices and Rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your information. You may also have the right to appeal a decision or lodge a complaint with a regulator.

You can manage some information directly in the Platform, your wallet, third-party venue accounts, Locus, Stripe, Privy, or other connected services. To request help with privacy rights, contact us through our official channels.

11. Children

The Platform is not intended for anyone under 18 years old or under the age of majority in their jurisdiction. We do not knowingly collect personal information from children.

12. International Users

We may process information in the United States and other jurisdictions. These jurisdictions may have data protection laws different from those where you live. By using the Platform, you understand that information may be transferred to and processed in those jurisdictions.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the "Last Updated" date and, where appropriate, provide notice by email, in-product notice, or other reasonable means.

14. Contact

If you have questions about this Privacy Policy or our data practices, please contact us through our official channels.