Skip to main content
← Back to Home

Privacy Policy

Last updated: March 6, 2026

1. Overview

Foxxflow ("we," "our," or "us") is a software consulting company that operates the following platforms:

  • Foxxflow Portal (portal.foxxflow.com) -- an internal team collaboration platform featuring email, messaging (Vox), voice and video calls, file sharing, project management, calendar, and GitLab integration.
  • SwiftFX (swiftfx.foxxflow.com) -- an automated trading platform that connects to MetaTrader 4 and MetaTrader 5 brokers.

This Privacy Policy explains how we collect, use, store, and protect your information when you use our website, portal, or trading services. By using any Foxxflow service, you acknowledge the practices described in this policy.

2. Information We Collect

Account Information

  • Name, work email address, and personal email address
  • Job title and team assignment
  • Authentication credentials (passwords, passkeys, MFA tokens)
  • Avatar and profile information

Communication Content

  • Emails sent and received through the portal
  • Chat messages in Vox channels (text, attachments, reactions)
  • Voice and video call metadata (participants, duration, timestamps) -- calls are not recorded
  • File metadata for documents shared via integrated Google Drive

Trading Data (SwiftFX)

  • Broker account identifiers and server information
  • Trade execution records (symbol, volume, price, timestamps)
  • Account balance and equity snapshots
  • Terminal connection status and health metrics

Usage Data

  • Browser type, operating system, and device information
  • Pages visited, features used, and session duration
  • IP address (anonymized where possible)
  • Error logs and performance metrics

3. How We Use Information

  • Service delivery -- routing emails, delivering messages, connecting voice/video calls, executing trades, and syncing files
  • Authentication and security -- verifying identity via passwords, passkeys, MFA, and session tokens
  • System monitoring -- detecting errors, performance issues, and unauthorized access attempts
  • Analytics -- understanding usage patterns to improve our platforms (using privacy-respecting analytics)
  • Communication -- sending system notifications, security alerts, and service updates

4. Data Storage and Security

All data is hosted on Amazon Web Services (AWS) infrastructure in the United States (primarily us-east-2 Ohio and us-east-1 Virginia regions).

  • Data is stored in PostgreSQL databases with encryption at rest
  • All connections use TLS encryption in transit
  • Access to production systems requires SSH key authentication
  • Trading credentials are encrypted with dedicated encryption keys
  • Web traffic is proxied through Cloudflare for DDoS protection and edge caching

While we implement industry-standard security measures, no system is completely immune to threats. We promptly investigate and respond to any suspected security incidents.

5. Third-Party Services

We integrate with the following third-party services to deliver our platforms:

  • Google Workspace -- email delivery (SMTP/IMAP), Google Drive file access, and calendar integration
  • LiveKit -- real-time voice and video communication infrastructure
  • Cloudflare -- DNS, CDN, DDoS protection, and secure tunneling
  • GitLab -- source code management and CI/CD integration
  • Amazon Web Services -- compute (EC2), storage (S3), and systems management (SSM)
  • MetaTrader brokers -- trade execution through MT4/MT5 terminals (SwiftFX only); each broker has its own privacy policy governing trading account data

We do not sell, trade, or rent your personal information to any third party.

6. Data Retention

  • Emails -- synced from Google Workspace via IMAP and stored in our database for portal access; originals remain in Google Workspace
  • Chat messages -- stored persistently for team collaboration continuity
  • Voice and video calls -- not recorded; only metadata (participants, duration) is retained
  • Trading data -- trade records and account snapshots retained for the duration of your account for performance analysis
  • Usage analytics -- aggregated data retained for up to 12 months
  • Account data -- retained for the duration of your active account; deleted upon request after account termination

7. Your Rights

You have the right to:

  • Access -- request a copy of the personal data we hold about you
  • Correction -- request correction of inaccurate or incomplete information
  • Deletion -- request deletion of your personal data, subject to legal retention requirements
  • Export -- receive your data in a portable format
  • Restriction -- request that we limit processing of your data in certain circumstances

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Cookies and Authentication

Our platforms use the following cookies and tokens:

  • JWT session tokens -- used to maintain authenticated sessions on the portal; stored as secure HTTP-only cookies
  • Platform session cookies -- used for SwiftFX dashboard authentication
  • Theme preference -- stored in localStorage to remember your light/dark mode choice
  • Analytics cookies -- privacy-respecting analytics to understand page visits (no cross-site tracking)

We do not use third-party advertising cookies or cross-site tracking pixels. You can control cookie preferences through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy as our services evolve. Changes will be posted on this page with an updated "Last updated" date. For significant changes, we will notify active users via the portal. Continued use of our services after changes constitutes acceptance of the updated policy.

10. Contact

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Privacy inquiries: [email protected]

General inquiries: [email protected]

Foxxflow
Cibolo, Texas, USA