EN flag

Security Policy

At Psyll.com, protecting your account and personal data is one of our highest priorities. This Security Policy explains in detail the measures we take to safeguard your information, the technologies we use, and the actions you can take to maintain the highest level of security for your account. By using Psyll, you acknowledge and agree to follow these guidelines, which are designed to create a safe and reliable environment for trading, account management, and data handling.

We believe security is a shared responsibility. While Psyll provides advanced tools and systems to protect your account, your vigilance and adherence to best practices are essential to maintain your account’s safety.

1. Two-Factor Authentication (2FA)

We strongly recommend that all users enable two-factor authentication (2FA) for their accounts. 2FA adds an extra layer of protection by requiring a one-time password generated by an authenticator app in addition to your regular login credentials.

  • 2FA ensures that even if your password is compromised, unauthorized access to your account is prevented.
  • Recovery codes are provided when setting up 2FA; store them securely in case you lose access to your device.
  • Accounts without 2FA may be more vulnerable to attacks and could have limited access to certain premium features or security-sensitive actions.
  • Psyll may require 2FA for sensitive account operations, such as confirmations, API key management, or subscription changes.

2. Strong Passwords

Using a strong, unique password is the first line of defense for your account. We recommend the following:

  • Passwords should be at least 8 characters long, with a combination of uppercase and lowercase letters, numbers, and special characters.
  • Never reuse passwords from other platforms, especially email accounts or financial services.
  • Update your password periodically to reduce the risk of compromise.
  • Psyll stores all passwords securely using industry-standard hashing and encryption methods to prevent unauthorized access, even in the unlikely event of a data breach.

3. Correspondence Codes

For critical communications, Psyll uses unique correspondence codes sent to your registered email address. These codes help you confirm that messages you receive are authentic and sent by Psyll.

  • Always verify the code in official communications before taking action.
  • Never share your correspondence code with anyone, including support staff.
  • Correspondence codes help prevent phishing attempts and ensure the legitimacy of account-related instructions.

4. Access Control & Login History

Psyll employs advanced access control systems to monitor all account logins and sensitive operations:

  • Every login attempt is logged, including the IP address, location, device type, and timestamp.
  • Users can review their login history in the Security / Login History section to spot any suspicious activity.
  • Unusual activity triggers alerts, temporary access restrictions, or mandatory verification steps to protect your account.
  • We continuously monitor for suspicious patterns to proactively prevent unauthorized access.

5. Account Protection Best Practices

To maximize the security of your account, we advise:

  • Securing your email account linked to Psyll, as it is the primary method for account recovery and notifications.
  • Never sharing passwords, API keys, or 2FA codes with anyone.
  • Logging out from devices you do not control or shared devices.
  • Regularly reviewing account activity, notifications, and settings.
  • Immediately reporting any suspicious activity or suspected compromise to Psyll support.

6. API Keys & Trading Bot Access

API keys and trading bot credentials are stored securely and encrypted to prevent unauthorized access.

  • Private Keys are never displayed in plain text, and access is limited to authorized actions only.
  • Users are responsible for ensuring their API keys are used correctly within the Psyll platform.
  • Misuse or compromise of API keys can result in unauthorized transactions or exposure of sensitive account data.

7. Data Breach Protocol

In the unlikely event of a data breach, Psyll follows strict protocols:

  • Affected users are notified promptly, in accordance with GDPR and other applicable regulations.
  • You may be required to reset your password, re-enable 2FA, or confirm account details.
  • We investigate all security incidents thoroughly to prevent future occurrences and improve our systems.

8. System Notifications & Alerts

Psyll maintains logs of system notifications and alerts related to account activity, security events, and service updates.

  • Users are encouraged to review notifications regularly.
  • Alerts about suspicious logins, failed authentication attempts, or system updates help you respond promptly to potential threats.
  • Notifications are automatically retained for a limited time, typically one month, to balance security monitoring and data privacy.

9. Subscription & Account Expiration

Subscription-related data, including PRO expiration dates and account access settings, is securely stored:

  • PRO subscription expiration details help manage access to premium features.
  • Stored data is automatically deleted upon subscription expiration or account deletion, in compliance with GDPR.

10. User Responsibilities

Your account’s security depends on your adherence to the following responsibilities:

  • Maintain the confidentiality of your passwords, API keys, and authentication codes.
  • Enable and use 2FA whenever possible.
  • Review account activity and promptly report suspicious events.
  • Avoid phishing attempts and always verify communications using correspondence codes.
  • Keep your contact and recovery information up-to-date.

11. Updates to this Policy

Psyll regularly reviews and updates this Security Policy to reflect evolving security standards, regulatory requirements, and new features:

  • Users are encouraged to review this page periodically.
  • Continued use of Psyll indicates acceptance of any updated policies or guidelines.

Conclusion

Securing your account and data is a collaborative effort between Psyll and its users. By following these guidelines and using our tools, you can maintain a safe, reliable, and compliant environment for trading, managing subscriptions, and accessing your personal data. We are committed to continuously improving our security practices to protect your information and provide peace of mind.