Privacy Policy

How we protect your personal information in compliance with Kenyan law and Islamic finance principles.

Last updated: April 2026
Kenya Data Protection Act (DPA) 2019 Compliant

1. Who We Are

AutoNom Trading is a Sharia-compliant copy trading service based in Mombasa, Kenya. We connect your Islamic swap-free broker account to our EA/AI master account. When we trade, your account copies automatically.

We are a data controller under the Kenya Data Protection Act (DPA) 2019. This means we decide how and why your personal data is processed.

📍 Our Contact Details:
AutoNom Trading
Bawazir Complex, Mombasa, Kenya
privacy@autonom.trading
+254 702 112909

2. Information We Collect

To provide our copy trading services, we collect the following information:

Category Examples Why We Need It
Identity Full name, phone number, email address, government ID Verify your identity (KYC)
Financial Bank account details, payment information Process your $335 registration and $35 monthly fees
Trading MT5 login credentials, trading history, position sizes Provide copy trading service and improve our EA/AI
Verification Proof of address, source of funds documents Comply with anti-money laundering requirements
Technical IP address, browser type, device information Secure our platform and prevent fraud

Islamic Compliance Note: We also collect confirmation of your swap-free account status to ensure all trades comply with Sharia principles.

3. How We Use Your Information

We process your personal data only for legitimate business purposes:

  • To provide our service — Execute trades, manage your account, and enable copy trading
  • To process payments — Collect your $335 upfront and $35 monthly subscription fees
  • To verify your identity — Meet KYC/AML legal requirements
  • To improve our EA/AI — Analyze trading patterns to optimize performance
  • To communicate with you — Send account updates, performance reports, and support responses
  • To secure our platform — Prevent unauthorized access and detect fraud
  • To comply with Kenyan law — Tax reporting and regulatory obligations

Legal Basis (Kenya DPA 2019): We process your data based on:

  • Contract — To provide the service you requested
  • Legal obligation — For KYC, tax, and regulatory requirements
  • Legitimate interest — To improve and secure our service
  • Consent — For optional communications (you can withdraw anytime)

4. Who We Share Your Data With

We never sell your personal information. We share data only when necessary to provide our service or comply with the law:

  • Your Broker — AvaTrade Kenya, IC Markets, or your chosen Islamic broker (for trade execution). All trading is done via read-only API — we cannot withdraw your funds.
  • Payment Processors — To process your registration and monthly fees (encrypted, no data storage)
  • Cloud Infrastructure — Secure hosting providers (data protection agreements in place)
  • Kenyan Authorities — If required by law (court order, tax audit, anti-money laundering investigation)
  • Sharia Supervisory Board — Anonymized data for Islamic compliance certification

All third parties are under strict confidentiality agreements and only process data for the specific purposes outlined above.

5. How We Protect Your Data

We take security seriously. Your funds stay in YOUR control through read-only API access — we can copy trades but cannot withdraw money. Your data is protected by:

  • Encryption in transit — TLS 1.3 with 256-bit SSL for all data transmission
  • Encryption at rest — AES-256 for stored trading credentials
  • Read-only API access — We can execute trades but cannot withdraw funds
  • Access controls — Only authorized personnel can access your data
  • Regular updates — Security patches and vulnerability monitoring

Important: Your money never leaves your broker account. AutoNom only has trade-copying access — no withdrawal capability.

6. How Long We Keep Your Data

We keep your data only as long as necessary:

Data Type Retention Period Reason
Active account data Duration of your subscription + 30 days To provide ongoing service
Trading records 5 years after account closure Kenyan tax and regulatory requirements
KYC/ID documents 5 years after account closure Anti-money laundering compliance
Islamic compliance records 5 years after account closure Sharia audit requirements
Communication logs 2 years Customer support and dispute resolution
Inactive accounts Deleted after 2 years of no login Data minimization

After retention periods expire, data is securely deleted from our systems.

7. Your Legal Rights (Kenya DPA 2019)

Under Kenyan law, you have the following rights regarding your personal data:

  • Right to Access — Request a copy of all data we hold about you
  • Right to Rectification — Correct inaccurate or incomplete information
  • Right to Erasure (Right to be Forgotten) — Request deletion of your data (subject to legal retention requirements)
  • Right to Restrict Processing — Limit how we use your data in certain circumstances
  • Right to Data Portability — Receive your data in a machine-readable format
  • Right to Object — Object to processing based on legitimate interests, including marketing
  • Right to Withdraw Consent — Withdraw any consent you've given at any time

How to exercise your rights:
Email us at privacy@autonom.trading with "Data Subject Request" in the subject line. We will verify your identity and respond within 30 days (as required by the Kenya Data Protection Act). All requests are free of charge.

If you are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) at www.odpc.go.ke.

8. Cookies & Tracking

We use essential cookies only to keep you logged in and secure your session. We do not use tracking cookies or sell your browsing data.

Cookie Type Purpose Duration Required?
Session Keep you logged in Until you log out Yes
Security Prevent fraud and protect against attacks Session Yes

You can disable cookies in your browser settings, but this may affect functionality (you may need to log in more frequently).

9. Children's Privacy

Our services are for adults aged 18 years and above. We do not knowingly collect data from anyone under 18. If we become aware of such data, we will delete it immediately.

10. Changes to This Privacy Policy

We may update this policy occasionally to reflect changes in the law or our practices.

  • Minor changes: Updated on this page with a new "Last updated" date
  • Material changes: We will notify you by email at least 14 days before the changes take effect

Continued use of our services after changes constitutes acceptance of the updated policy. If you disagree with changes, you may close your account and request data deletion.

11. Contact Us

📧 Data Protection Questions

Email: privacy@autonom.trading

☪️ Sharia Compliance Questions

Email: sharia@autonom.com

📍 Postal Address

AutoNom Trading
Bawazir Complex
Mombasa, Kenya

📞 Phone

+254 702 112909

Complaints: If you believe we have not handled your data properly, you have the right to complain to the Office of the Data Protection Commissioner (ODPC) at www.odpc.go.ke.

Risk & Sharia Compliance Notice: Forex trading involves substantial risk and may not be suitable for all investors. Our platform has been reviewed for compliance with Islamic finance principles. Past performance is not indicative of future results.