LaserSell

Privacy Policy

Last updated: February 26, 2026

Version: 2026-02-26

This Privacy Policy describes how XEN LLC d/b/a LaserSell (“Company,” “we,” “us”) collects, uses, and shares information when you use our websites and LaserSell services (collectively, the “Services”). By using the Services, you agree to the practices described in this Privacy Policy.

1. Who We Are

Company: XEN LLC (d/b/a LaserSell)

Address: 5005 W Laurel Suite 100 #1282, Tampa, FL 33607, USA

Support Contact: support@lasersell.io

Security Contact: security@lasersell.io

2. Scope

This Privacy Policy applies to our websites (including www.lasersell.io and our dashboard at app.lasersell.io), our documentation site (docs.lasersell.io), our API and streaming services (api.lasersell.io and stream.lasersell.io), as well as our community and support channels (such as Discord and Telegram).

3. Information We Collect

3.1 Account and Authentication Information

  • Account Credentials. When you register on app.lasersell.io, we collect your email address and securely manage your authentication via our infrastructure provider (Supabase).
  • OAuth Data. If you choose to authenticate using a third-party provider (GitHub, X/Twitter, or Google), we receive strictly limited default profile information (such as your email address, name, and profile picture) required to establish your session.
  • Multi-Factor Authentication (MFA). We support App-Based Time-Based One-Time Passwords (TOTP) for MFA. We do not collect or store phone numbers for SMS verification.

3.2 Purchase and Billing Information

  • Stripe Checkout Data. We use Stripe to process payments for our tiered subscription plans. We receive payment confirmation, subscription status, and billing details required to grant API access and manage your tier. We do not process or store your raw credit card numbers on our servers.

3.3 API, Stream, and Trading Activity Data

  • API Routing and Telemetry. Our transaction building API (api.lasersell.io) securely logs relevant diagnostic identifiers (such as your Solana wallet public key) to assist with debugging, customer support, and infrastructure monitoring.
  • WebSocket Stream Activity. Our execution intelligence stream (stream.lasersell.io) processes live market data. As the platform evolves, we plan to log specific trading activity tied to your API keys—such as Profit and Loss (PnL), configuration settings, trading duration, trading frequency, and associated wallet addresses—to provide historical analytics, enforce tier limits, and prevent abuse.
  • API Keys. We generate and store encrypted API keys within your account to authenticate your requests to our endpoints.

3.4 Support, Security, and Enterprise Intake

  • Enterprise Onboarding. If you apply for an Enterprise plan via Typeform, we collect business information including your name, email, phone number, company name, website, business category, estimated volume, active user counts, and business objectives.
  • Support Communications. If you contact us via email, Discord, or Telegram, we collect the contents of your messages and any identifiers associated with your platform account.
  • Security Reports. Information submitted to our security team, including encrypted payloads sent using our public PGP key.

3.5 Usage Data, Logs, and Cookies

  • Essential Cookies and Local Storage. The app.lasersell.io dashboard strictly uses essential cookies and local storage necessary for session management, user authentication, and security.
  • Analytics. We use Google Analytics on our marketing site (www.lasersell.io) and our documentation site (docs.lasersell.io) to understand visitor traffic. We do not deploy Google Analytics on the authenticated application dashboard.
  • Server and Error Logs. Our servers log diagnostic data (such as IP addresses, user-agents, request timestamps, and error traces) to monitor platform health, enforce rate limiting, and prevent fraudulent activity.

4. How We Use Information

  • To authenticate your account, process tiered subscription payments, and manage your API keys.
  • To provide access to the transaction building API and WebSocket intelligence streams.
  • To evaluate Enterprise applications and provision custom infrastructure.
  • To provide technical support and respond to security vulnerability reports.
  • To monitor, maintain, debug, and secure the infrastructure against automated abuse.
  • To comply with legal obligations and enforce our Terms of Service.

5. How We Share Information

We may share information with the following categories of service providers to operate our business:

  • Payment Processing: Stripe (to process checkout and manage recurring subscriptions).
  • Infrastructure and Authentication: Supabase (for database hosting, edge functions, and user authentication management).
  • Telemetry and Log Management: Better Stack (to aggregate and securely store server logs, monitor system health, and debug issues within the United States).
  • Intake and Communications: Typeform (for Enterprise lead intake) and our transactional email providers.
  • Community Platforms: Discord and Telegram (for community engagement and support).
  • Blockchain Infrastructure: RPC nodes and public Solana endpoints used to resolve on-chain data. When you submit transactions, public blockchain networks may expose wallet addresses and transaction hashes.
  • Legal and Safety: We may disclose information to comply with the law, protect users, prevent fraud, and defend our rights.

No Sale of Personal Data. We do not sell your personal information. Furthermore, we do not sell your API usage or trading data to data brokers, nor do we use this data for targeted advertising.

6. Data Retention

We retain your account and billing information for as long as your account is active or as needed to provide the Services, resolve disputes, and comply with legal obligations. Server logs, error traces, and telemetry are routinely cycled or anonymized in accordance with our operational security practices.

7. Your Choices and Rights

  • Account Management: You may update your authentication methods, manage your subscriptions, and regenerate your API keys directly from the app.lasersell.io dashboard.
  • Access and Deletion: You may request access to, correction of, or deletion of your personal information by contacting support@lasersell.io.
  • Communications: We may send transactional notices regarding your subscription or security updates.

8. Security and Vulnerability Reporting

We implement robust administrative, technical, and organizational measures—including API key encryption and strict session management—to protect your data. However, no internet transmission is entirely secure.

If you are a security researcher and have found a vulnerability, please report it to security@lasersell.io. You can find our public PGP key for secure, encrypted communications at www.lasersell.io/lasersell-pgp-key.asc.

9. International Transfers

If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate, which may have different data protection laws than your home country.

10. Children’s Privacy

The Services are strictly intended for users 18 years of age and older. We do not knowingly collect personal information from children.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time as we release new features or change our business practices. We will notify you of any material changes by updating the “Last updated” date at the top of this policy or via an in-app notice.

12. Contact

If you have questions about this Privacy Policy, please contact us at support@lasersell.io.