Helvetic Broker

Key Security Practices

At Helvetic Broker, your security is our top priority. Here’s how we protect your data and your experience.

At Rest: All sensitive data, including API keys, is encrypted using AES-256.
In Transit: All communications use TLS/HTTPS to ensure your data is protected from interception.

We use secure authentication methods such as OAuth2 and industry-standard protocols.
Our authentication system is powered by Firebase Authentication, providing robust security for user sign-in and account management.
User sessions are managed securely and never expose sensitive information.

No secrets are ever stored in your browser or mobile device.
All API keys are processed and encrypted (AES-256) on secure backend infrastructure.
Only read-only API keys are accepted—never provide withdrawal or trading permissions.

We are fully compliant with GDPR, Swiss, EU, and crypto industry standards.
We never store or hold user funds. Helvetic Broker is a portfolio tracking and informational platform. We do not execute, transfer, or custody any funds on behalf of users.
All API keys provided by users are strictly read-only, ensuring we can only retrieve data and cannot perform any transactions.
We may help prepare unsigned transaction suggestions (e.g., for DEX interactions), but the user must always execute the final action themselves in their own wallet or third-party service.
See our regulatory status and licenses

We use trusted cloud providers with robust physical and network security.
Our infrastructure is built on Google Cloud, Firebase, and protected by Cloudflare for enhanced security, reliability, and DDoS protection.
Firewalls, DDoS protection, and continuous monitoring are in place to protect our infrastructure.

Your security is our mission. If you have any questions or concerns, contact our support team.