Privacy Policy

1. Who we are

HedgePilot is a macOS application developed and published by HighRoad Software, a software company registered in Belgium. We build tools for independent investors and researchers who want AI-assisted analysis on their own hardware.

When this policy refers to "we," "us," or "HighRoad Software," it means HighRoad Software. When it says "the app" or "HedgePilot," it means the macOS desktop application.

2. What we collect

License validation

When you activate a paid license, the app sends your license key to our licensing server to verify its validity and tier. The server records the key hash, activation timestamp, and the number of active installations. No personal name, email address, or payment detail is sent from the app itself — those are handled entirely by our payment processor (see §5).

Crash reports (opt-in)

If macOS crash reporting is enabled on your system, Apple may forward anonymized crash logs to us through App Store Connect. These logs contain stack traces and device type (e.g., "Apple M2, macOS 15.4") but no personally identifiable information. You can disable this in System Settings → Privacy & Security → Analytics & Improvements.

3. What we do not collect

HighRoad Software does not collect, receive, or process any of the following:

• Your portfolio holdings, trades, or financial positions
• Your research runs, AI outputs, or analysis results
• Your watchlists or ticker selections
• Your API keys (OpenAI, Yahoo Finance, Whale Alert, Infura, FRED)
• Your brokerage credentials or account identifiers
• Your IP address (beyond what any HTTPS connection inherently carries)
• Behavioral telemetry, feature-usage events, or session recordings

The app is designed from the ground up so that sensitive data never leaves your machine en route to HighRoad infrastructure.

4. Local data storage

macOS Keychain

API keys you enter in Settings are stored exclusively in the macOS Keychain, protected by your system credentials. HighRoad Software cannot access your Keychain. The keys are used locally to make API calls on your behalf directly from your machine to the respective third-party services.

Application data

Run history, watchlists, strategy scripts, backtest results, and all other application state are stored in the app's sandboxed container on your local disk. They are not synced to any HighRoad server.

Local AI models

If you download a local AI model through the app, the model files are stored in a folder you designate on your local disk. Inference runs entirely on your machine using the MLX framework. No prompts or outputs are sent to HighRoad Software.

Deleting your data

Uninstalling the app removes its sandboxed container. To also remove Keychain entries, open the Keychain Access app and delete items labelled "HedgePilot." If you have an active license, contact support@highroadsoftware.com to request deactivation of your license key.

5. Third-party services

HedgePilot integrates with several third-party services using API keys you supply. When you run a research analysis, the app makes calls directly from your machine to these services. Your use of those services is governed by their own privacy policies:

• OpenAI — used for cloud LLM inference when you select the Cloud routing mode. OpenAI's privacy policy governs how they handle prompts you send.
• Yahoo Finance (unofficial) — used for free-tier market data. No API key required; standard HTTPS requests are made from your machine.
• Financial Datasets API — used for premium OHLCV data and fundamentals. Requests are authenticated with your key and sent directly from your device.
• Whale Alert — used for on-chain transaction monitoring. Requests are authenticated with your key and sent directly from your device.
• Infura — used for Ethereum node access. Requests use your key and originate from your device.
• FRED (St. Louis Fed) — used for macroeconomic data. Requests are authenticated with your key and sent directly from your device.
• Alpaca / Interactive Brokers / Coinbase — optional brokerage integrations for paper and live trading. Credentials are stored in your Keychain and used only when you initiate an action.

HighRoad Software does not proxy, log, or store any data exchanged between your machine and these services.

Payment processing

License purchases are handled by the App Store (Apple) or Gumroad, depending on the channel. HighRoad Software does not process or store payment card information. Refer to Apple's and Gumroad's privacy policies for details.

6. Analytics and diagnostics

The app does not include any third-party analytics SDK (e.g., Mixpanel, Amplitude, Firebase). We do not track feature usage, button clicks, or navigation patterns.

The only diagnostic data we may receive is through Apple's opt-in crash reporting system described in §2.

7. Children's privacy

HedgePilot is a professional financial research tool intended for adults. The app is not directed at children under 13 (or under 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe a child has provided information through the app, contact us at privacy@highroadsoftware.com and we will investigate promptly.

8. Your rights

Because we hold minimal personal data (only your license key hash and any crash logs forwarded by Apple), the practical scope of data-subject rights is narrow. Nevertheless, you may:

• Request deletion of your license key records by contacting us. This will deactivate your license.
• Request a copy of any data we hold linked to your license key.
• Object to processing — disabling Apple crash reporting (see §2) opts you out of diagnostic data entirely.

Residents of the European Economic Area have additional rights under the GDPR, including the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is the Belgian Data Protection Authority (Autorité de protection des données).

To exercise any right, email privacy@highroadsoftware.com. We respond within 30 days.

9. Changes to this policy

We may update this policy when we add new features or integrations. Material changes will be noted in the app's release notes and reflected in the "Effective date" at the top of this page. Continued use of the app after the effective date constitutes acceptance of the updated policy.

10. Contact

Questions about privacy, data deletion requests, or GDPR inquiries: