Trust & Security

KoinIQ is non-custodial. We analyze your portfolio with read-only access, never moving funds. Below is how we handle data, protect privacy, and how to contact us for security matters.

At a glance

  • Read-only connections — no trading, no transfers, no withdrawals.
  • Minimal data collection — used only for analytics and personalization.
  • Industry-standard encryption in transit and at rest.
  • No custodial control — we never hold your private keys or assets.
  • Delete or disconnect anytime.

Read-Only Access

KoinIQ connects via read-only wallet permissions and, where applicable, read-only exchange APIs. We cannot transfer, trade, or withdraw your assets. We never request or store private keys, seed phrases, or signing authority. You can revoke access at any time from your wallet/exchange or within KoinIQ.

Data Handling & Retention

We store only what’s needed to power portfolio analytics and personalize your experience (e.g., balances, token identifiers, basic account preferences). We do not store wallet private keys or sensitive signing material.

  • Purpose-limited: Data is used for performance analytics, feature reliability, and personalization.
  • Retention: We retain your data while your account is active. When you disconnect a source or delete your account, associated data is removed from active systems; limited backups may persist briefly as part of routine disaster-recovery cycles.
  • Your control: You can request data deletion at any time by emailing security@koiniq.com. We’ll confirm when the request is complete.

Security Practices

  • Encryption: All connections are protected with modern TLS; data at rest is encrypted. Wallet data is never stored in plain text.
  • Non-custodial by design: KoinIQ provides analytics only. We do not take custody of funds or keys.
  • Least-privilege access: Strict role-based access controls, audit logging, and secrets management.
  • Secure development lifecycle: Code review, dependency monitoring, and routine patching.
  • Vendor due diligence: Third-party providers are assessed for equivalent security controls.
  • Incident response: We monitor for anomalies and follow a documented process to investigate, contain, and notify affected users where required by law.

Contact for Security or Privacy Issues

If you believe you’ve found a vulnerability or have a privacy concern, please contact us:

Email: security@koiniq.com

Responsible Disclosure (guidelines)
  • Share steps to reproduce and the affected area; do not access other users’ data.
  • No DDoS, social engineering, or privacy-impacting tests against live users.
  • Allow a reasonable time for us to investigate and remediate before public disclosure.
  • If you need to exchange sensitive details, request our PGP key in your email.

KoinIQ is committed to transparency and user control. This page will be updated as our practices evolve.

Last updated:

Scroll to Top