Helious Privacy Policy
Last updated: 1 July 2026
Introduction
This Privacy Policy explains how we collect, use, share and protect your personal data when you use Helious, our real-time markets terminal, together with our websites at helious.io and helious.news, our applications and our live audio "squawk" feed (together, the Service).
It applies to you whether you use our Free tier or our Pro subscription, and it forms part of, and should be read alongside, our Terms and Conditions.
We are committed to protecting your personal data and handling it in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy carefully so that you understand what we do with your information and the rights you have.
Last updated: 1 July 2026.
1. Who we are (data controller)
The Service is operated by TradeIQ Ltd ("Helious", "we", "us" or "our"), a company registered in Scotland under company number SC831617, whose registered office is at Clyde Offices, 2nd Floor, 48 West George Street, Glasgow, Glasgow City, Scotland, G2 1BP.
For the personal data described in this policy, TradeIQ Ltd is the data controller — meaning we decide how and why your personal data is processed.
If you have any questions about this policy or about how we handle your personal data, you can contact us at support@helious.io or by writing to us at the registered office address above.
2. The personal data we collect
We collect and process the following categories of personal data:
- Account and identity data — such as your name, email address and, optionally, your phone number. You can use the Service without providing a phone number; where you choose to give it, we use it for account security and support.
- Authentication data — where you sign in using a third-party provider such as Google or Microsoft (OAuth), we receive limited profile information from that provider, typically your name, email address and a unique account identifier. We also store credentials you create with us, such as a securely hashed password.
- Subscription and payment data — if you subscribe to our Pro tier, your card payment is processed by our third-party payment processor, StringIQ (stringiq.net). We receive confirmation of payment and limited billing details (for example the outcome of a transaction and partial card information), but we do not collect or store your full card number, which is handled directly by the payment processor under its own privacy policy and applicable card-industry security standards.
- Usage, device and log data — such as your IP address, device and browser type, operating system, approximate location derived from your IP address, the features, feeds and pages you view, timestamps, and diagnostic and event logs generated when you use the Service.
- Communications data — the content of messages you send us, for example support requests, emails and other correspondence, and our replies.
- Cookies and similar technologies — information collected through cookies and similar technologies as described in section 4 below.
Some data is required to provide the Service (for example your email address and account credentials). Other data is optional, and you can choose whether to provide it.
3. How and why we use your data (and our lawful bases)
We only use your personal data where the law allows us to. The table below sets out what we use your data for, and the lawful basis under the UK GDPR that we rely on for each purpose.
- To create and administer your account, deliver the Helious real-time data, calendar, news, commentary, sentiment signals and squawk feed, and to manage your subscription, billing and renewals. Lawful basis: performance of our contract with you.
- To keep the Service secure, prevent and detect fraud and misuse, diagnose and fix problems, understand how the Service is used, and improve and develop our features and analytics. Lawful basis: our legitimate interests in operating a secure, reliable and improving Service, balanced against your rights and interests.
- To send you service-related messages (for example about security, changes to the Service, or your subscription). Lawful basis: performance of our contract and/or our legitimate interests in communicating with you about the Service.
- To send you optional marketing communications and to set non-essential cookies or analytics that require it. Lawful basis: your consent, which you can withdraw at any time.
- To keep accounting, tax and transaction records, and to respond to lawful requests from authorities, courts or regulators. Lawful basis: compliance with a legal obligation.
Where we rely on legitimate interests, we have carried out a balancing exercise to make sure our interests do not override your rights and freedoms. You have the right to object to processing based on legitimate interests — see section 9. Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before you withdrew it.
4. Cookies and similar technologies
We use cookies and similar technologies (such as local storage and pixels) to make the Service work, to keep it secure, and — with your consent where required — to measure and improve it. We group them as follows:
- Strictly necessary / essential — needed to deliver a service you have asked for, such as signing you in, maintaining your session, load-balancing and protecting security. These are set without your consent because the Service cannot function properly without them.
- Functional and low-risk measurement — used to remember your preferences and to measure the performance and reliability of the Service, relied upon under the applicable exemptions where the statutory conditions are met.
- Analytics and advertising cookies that are not exempt — set only where you have given your prior consent.
Where we ask for consent, it is freely given, specific, informed and unambiguous: we do not use pre-ticked boxes, we give "Accept" and "Reject" equal prominence, and you can change or withdraw your preferences at any time through our cookie settings. For more detail, please see our cookie settings and any separate cookie information we make available.
5. Who we share your data with
We do not sell your personal data. We share it only where necessary, and with appropriate safeguards, in the following ways:
- Service providers acting as our processors, who process personal data on our instructions under written data-processing terms, by category: cloud hosting and infrastructure; database services; transactional and marketing email delivery; our payment processor; product and website analytics; and the identity and sign-in providers (Google, Microsoft) that you choose to use for authentication.
- Professional advisers, such as our lawyers, accountants and auditors, where reasonably necessary.
- Authorities, courts and regulators, where we are required to do so by law, or to establish, exercise or defend legal claims, or to protect the rights, safety or property of TradeIQ Ltd, our users or others.
- A buyer or successor, in connection with any merger, acquisition, reorganisation or sale of assets, subject to appropriate confidentiality protections.
Our providers are contractually bound to keep your personal data secure and to use it only for the purposes we specify.
6. International transfers
Some of our service providers process personal data outside the United Kingdom. Whenever we transfer your personal data internationally, we make sure it is protected by an appropriate legal safeguard.
Depending on the destination, we rely on UK "adequacy" regulations for that country or, where no adequacy decision applies, we put in place appropriate safeguards — such as the ICO's International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs) — together with a transfer risk assessment where appropriate.
You can ask us for more information about the safeguards we use by contacting us at support@helious.io.
7. How long we keep your data (retention)
We keep your personal data only for as long as we need it for the purposes set out in this policy, and then we delete or anonymise it. In particular:
- Account and profile data — kept for as long as your account is active, and then deleted or anonymised within a reasonable period (typically 30 to 90 days) after your account is closed, unless we need to keep it longer for a reason below.
- Billing, transaction and tax records — kept for as long as required to meet our accounting and legal obligations (generally 6 to 7 years).
- Security, technical and event logs — kept for a limited period appropriate to security, diagnostics and abuse prevention.
- Support communications — kept for as long as needed to handle your query and for a reasonable period afterwards for our records.
Where we cannot give an exact period, we use clear criteria to decide how long to retain the data, such as the nature of the data, the purpose for which we hold it, and any legal or regulatory requirements.
8. How we protect your data (security)
We use appropriate technical and organisational measures to protect your personal data, including encryption of data in transit (TLS), hashing of passwords, access controls on a least-privilege basis, logging and monitoring, and the use of vetted providers bound by written security obligations.
No method of transmission or storage is completely secure, so while we work hard to protect your personal data, we cannot guarantee absolute security. If you believe your account or data has been compromised, please contact us immediately at support@helious.io.
9. Your rights under UK GDPR
You have the following rights in relation to your personal data:
- Access — to ask for a copy of the personal data we hold about you.
- Rectification — to ask us to correct data that is inaccurate or incomplete.
- Erasure — to ask us to delete your personal data in certain circumstances.
- Restriction — to ask us to limit how we use your data in certain circumstances.
- Portability — to receive certain data in a structured, commonly used, machine-readable format, or to have it transferred to another provider where technically feasible.
- Objection — to object to processing based on our legitimate interests, and to object at any time to the use of your data for direct marketing.
- Withdraw consent — where we rely on your consent, to withdraw it at any time (without affecting processing already carried out).
You also have rights in relation to any automated decision-making. To exercise any of these rights, email us at support@helious.io. We will respond within one month, though we may extend this where a request is complex, in which case we will let you know. There is normally no charge, and we may need to verify your identity before acting on your request.
10. Complaints and the ICO
If you have a concern about how we handle your personal data, please contact us first at support@helious.io so that we can try to put things right.
You also have the right to complain to the Information Commissioner's Office (ICO), the UK's data protection regulator, at ico.org.uk, by telephone on 0303 123 1113, or by post at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. We would, however, appreciate the chance to address your concerns before you approach the ICO.
11. Children
Helious is intended only for adults aged 18 or over. The Service is not directed at children, and we do not knowingly collect personal data from anyone under 18.
If we become aware that we have collected personal data from a person under 18, we will delete it. If you believe that a child has provided us with personal data, please contact us at support@helious.io.
12. Third-party links
The Service may link to, or embed content from, third-party websites and services — for example our sign-in and payment providers, and external market data and news sources.
We are not responsible for the content, availability or privacy practices of those third parties. This policy does not cover their processing of your personal data, so we encourage you to review their own privacy policies before using them.
13. Changes to this policy
We may update this policy from time to time to reflect changes in our Service, our practices, or the law. When we do, we will post the updated version with a new "last updated" date at the top.
Where changes are significant, we will take reasonable steps to notify you — for example by email or through the Service. Your continued use of the Service after the changes take effect means you accept the updated policy.
14. How to contact us
If you have any questions about this policy, or if you would like to exercise any of your rights, you can reach us at:
- Email: support@helious.io
- Post: TradeIQ Ltd, Clyde Offices, 2nd Floor, 48 West George Street, Glasgow, Glasgow City, Scotland, G2 1BP
TradeIQ Ltd is a company registered in Scotland with company number SC831617.
Last updated: 1 July 2026.
Questions about these terms? Email us at support@helious.io.
See also: Terms & Conditions.