LaserSell is built on a “least privilege” network philosophy. For the desktop app and API/SDK clients, all trade construction and signing happen locally on your machine. For the web app, signing is handled by Privy’s Trusted Execution Environment (TEE). We only transmit data strictly necessary to authenticate your account, provide API services, and power the platform. This page summarizes what data leaves your machine and where it goes. The full legal privacy policy is at lasersell.io/privacy.Documentation Index
Fetch the complete documentation index at: https://docs.lasersell.io/llms.txt
Use this file to discover all available pages before exploring further.
What stays local (zero access)
These never leave your machine:| Data | Details |
|---|---|
| Private keys & seed phrases | Desktop: encrypted on your disk in the keystore, never transmitted. Web app: stored in Privy’s TEE, never accessible to LaserSell servers. |
| Strategy configuration | Desktop: runs entirely locally. Web app: stored in our database to maintain your session across browser visits. |
| Trade construction & signing | Desktop: transactions built and signed on your machine. Web app: transactions built server-side, signed by Privy’s TEE, submitted via LaserSell’s RPC. |
What we collect
Authentication & accounts
- Email and credentials: stored in Supabase for account authentication on app.lasersell.io.
- Profile pictures: stored in Supabase Storage if you upload one. You can remove or replace it anytime.
- OAuth profile data:if you sign in via GitHub, X/Twitter, or Google, we receive limited profile info (no passwords).
- MFA:TOTP-based. We do not collect phone numbers.
API & trading activity
- Wallet public keys:sent to the LaserSell API for authentication and session identification.
- API keys:stored encrypted for endpoint authentication.
- Trading activity:as the platform evolves, we plan to log activity tied to your API keys (PnL, configuration, trading frequency, wallet addresses) to improve the product and provide analytics.
Payments
- Stripe handles all payment processing. We do not store raw credit card numbers on our servers.
Technical data
- IP addresses, user-agents, timestamps, and error traces:collected in server logs for infrastructure monitoring and abuse prevention.
- Google Analytics:used on marketing and documentation sites only, not on the authenticated dashboard.
- Essential cookies and local storage:used on app.lasersell.io for session management.
Network connections
When the LaserSell client is running, it establishes outbound connections to:1. Solana network (your RPC)
- Destination: Your configured RPC provider (e.g., Helius, Chainstack).
- Purpose: Reading on-chain data (prices, bonding curves) and broadcasting signed transactions.
- Note: Your RPC provider can see your IP address and the requests you make.
2. Transaction sender (if applicable)
- Destination: Depends on your
send_targetsetting:Helius sender, Astralane, or direct RPC. - Purpose: Broadcasting your locally-signed transactions for fast on-chain landing.
- Note: The sender sees the signed transaction payload.
3. LaserSell API
- Destination:
api.lasersell.app - Purpose: Authentication, license verification, and the Exit Intelligence Stream (WebSocket).
Third-party services
We share data with these providers to operate the platform:| Provider | Purpose |
|---|---|
| Stripe | Payment processing and referral commission payouts (Stripe Connect) |
| Privy | Wallet key management in Trusted Execution Environments (web trading) |
| Supabase | Database and authentication |
| Better Stack | Log management (U.S.) |
| Typeform | Enterprise intake applications |
| Solana RPC nodes | On-chain data resolution |
Data retention
- Account and billing data is retained while your account is active.
- Server logs are routinely cycled or anonymized per operational security practices.
Your rights
- Update your authentication methods and API keys via the dashboard.
- Request access to, correction of, or deletion of your data by emailing support@lasersell.io.