Privacy Policy
Effective Date: April 1, 2026 | Entity: Standard Online LLC | Jurisdiction: Wyoming, USA
Legal text provided in English — the governing language of all agreements.
Data Controller
Standard Online LLC, 9440 Santa Monica Boulevard, Beverly Hills, CA 90210. Wyoming limited liability company. Contact: info@standard.online | (310) 299-5158.
Data We Collect
Name, email address, company name, phone number submitted via contact forms, diagnostic booking, or partner provisioning. Behavioral event data from deployed system instances including trial behavior signals, conversion events, and allocation interaction data. API integration data and webhook payloads transmitted between client trading infrastructure and Standard Online systems. Technical data including IP address, browser type, device fingerprint, and session metadata collected automatically via standard infrastructure logging.
Lawful Basis (GDPR Article 6)
Contractual necessity for all data processed in connection with active service agreements. Legitimate interests for behavioral signal processing within deployed system instances. Explicit consent for acquisition communications. Legal obligation for compliance and assessment documentation.
How We Use Your Data
Service delivery and system deployment. 48-hour install execution and KPI tracking across all four system pillars. Communication related to active engagements, assessment sessions, and system updates. Compliance documentation and assessment readiness reporting. System optimization based on aggregate performance patterns across isolated instances — no individual client data is used for optimization without explicit written authorization. AI model training disclosure: Standard Online does not use client proprietary data, competitive intelligence, or trading performance data to train AI models. All AI systems are trained on publicly available acquisition datasets and internally generated synthetic data.
Data Isolation Architecture
All partner data is logically isolated by tenant. Tenant scope is enforced at the database layer through Postgres row-level security policies on every tenant-bearing table; cross-tenant reads are not possible from tenant-facing code. The Swarm Integrity Code governs administrative access through an explicit, audit-logged staff-scope helper. Optional dedicated database deployments are available on request for tier-specific deployments.
Data Residency
US client data hosted on US-based infrastructure. EU/EEA client data hosted within the European Economic Area. Data does not cross jurisdictional boundaries without explicit written client authorization. Custom residency configurations available for Tier 2 and Tier 3 deployments.
Retention
Client data retained for active deployment period plus 90 days post-termination. Extended retention available upon written request for regulatory compliance purposes. Data destruction follows NIST 800-88 Rev 1 guidelines. Full data export available at any time during active engagement. Upon destruction, clients receive written confirmation of data elimination including timestamp and method of erasure.
Your Rights (GDPR)
Access, rectification, erasure, restriction of processing, data portability, and objection. Submit requests to info@standard.online. Response within 30 days. Identity verification required for erasure requests. Right to lodge a complaint with a supervisory authority — Standard Online cooperates fully with all EU data protection regulators and will provide necessary documentation upon request.
Data Processors
Standard Online engages third-party processors including cloud infrastructure providers, email service providers, and analytics platforms. All processors operate under Data Processing Agreements with equivalent data protection standards. Processor categories include: infrastructure hosting, email delivery, payment processing, and security monitoring. Sub-processor chain transparency: Standard Online maintains a current list of all sub-processors with geographic location and data handling scope. This list is available upon request and updated within 30 days of any sub-processor change.
Cookies
Session cookies for Control Plane authentication. Analytics cookies for system performance monitoring. No third-party advertising cookies deployed on standard.online. Cookie consent managed per applicable jurisdiction requirements. Cookie categories: Essential (required for Control Plane access and security), Performance (anonymized system monitoring), Functional (preference storage). Opt-out mechanism: Essential cookies cannot be disabled. Performance and functional cookies can be managed through browser settings or by contacting info@standard.online.
Security
AES-256 encryption at rest for all stored data. TLS 1.3 for all data in transit. Role-based access control with principle of least privilege. Multi-factor authentication required for all administrative access. Annual third-party penetration testing with full remediation of critical findings within 72 hours. Continuous security monitoring with automated anomaly detection. Backup encryption and geographically distributed disaster recovery.
Data Processing Agreements
DPAs available upon request for all EU/EEA clients. Contact info@standard.online to initiate.
Updates
This policy updates when operational or legal requirements change. Material changes communicated to active partners via registered email. Continued engagement constitutes acceptance of updated terms.
Standard Online LLC — 9440 Santa Monica Boulevard, Beverly Hills, CA 90210 | Wyoming LLC | Privacy-by-Design Operations