Privacy Policy

1. Who We Are

TraderIQ operates the TraderIQ platform at traderiq.com. For the purposes of GDPR, TraderIQ is the data controller for personal data collected through this platform. For questions or to exercise your rights, contact us at support@traderiq.com.

2. Information We Collect

Account information: your name and email address when you register. Passwords are hashed and salted by Supabase's authentication system (using bcrypt) and are never stored in plain text.

Trading data: the trades, notes, screenshots, tags, goals, checklists, and journal entries you choose to log. This data belongs to you.

Billing information: when you subscribe to a paid plan, payment details are collected and processed directly by Stripe, Inc. We receive only a Stripe customer ID and subscription status — we never store your full card number, expiry date, or CVV on our servers.

Technical data: IP address (used for rate limiting and security), browser type, and general usage patterns (pages visited, features used). We do not use third-party analytics services.

Device session data: when you use the Sync & Devices feature, we store device name, browser, operating system, and last-active timestamp to display your connected sessions.

3. Legal Basis for Processing (GDPR)

We only process your personal data where we have a lawful basis to do so under GDPR Article 6:

Contract performance (Art. 6(1)(b)): Processing your account information, trading data, and billing information is necessary to provide the TraderIQ service you have signed up for.

Legitimate interests (Art. 6(1)(f)): We process technical data (IP address, browser type) to protect the security of our platform, prevent abuse, and maintain service reliability. Our legitimate interest in security and fraud prevention does not override your fundamental rights.

Legal obligation (Art. 6(1)(c)): We may retain certain billing records to comply with applicable tax and accounting obligations.

Consent (Art. 6(1)(a)): Preference cookies (theme, layout) are set only with your explicit consent, which you can withdraw at any time via Cookie Preferences.

4. How We Use Your Information

We use your information to: provide and maintain the TraderIQ service; authenticate your account and maintain session security; process subscription payments through Stripe; generate your personal analytics, AI insights, and coaching reports; send transactional emails (account confirmations, billing receipts, material policy updates); and respond to support requests. We do not send marketing or promotional emails. All email communications from TraderIQ are transactional or legally required.

Your trading data is used solely to power your personal dashboard and analytics. We do not sell, rent, or share your personal data with third parties for their own marketing or commercial purposes.

We do not use your data to train AI or machine learning models. All AI analysis is performed using our own rule-based algorithms applied to your data within our own systems.

5. Data Storage and International Transfers

Your data is stored on Supabase infrastructure, which operates data centres in the United States. By using TraderIQ, you acknowledge that your data may be stored and processed in the United States.

For users in the European Union or United Kingdom: data transfers to the United States are conducted under Standard Contractual Clauses (SCCs) as provided by Supabase's data processing agreements, which are compliant with GDPR Chapter V transfer requirements.

All data is transmitted over encrypted HTTPS/TLS connections. Passwords are hashed using bcrypt. Database access is protected by Row Level Security (RLS) — each user's data is logically isolated and inaccessible to other users.

6. Third-Party Services

Stripe (stripe.com): payment processing. Stripe is PCI-DSS Level 1 certified. Their privacy policy governs payment data.

Supabase (supabase.com): database, authentication, and file storage infrastructure. Your data is hosted on Supabase's servers subject to their privacy policy.

MyFXBook: market sentiment data displayed on the Sentiment page. This data is fetched server-side and is not associated with your personal account data.

We do not use Google Analytics, Facebook Pixel, or any other third-party advertising or behavioural tracking technology.

7. Cookies

We use essential cookies to keep you signed in and preference cookies to remember your chosen colour theme and layout settings. We do not use advertising or cross-site tracking cookies.

You can view a full list of cookies we set, manage your preferences, or withdraw consent at any time via our Cookie Policy page (/cookie-policy) or the Cookie Preferences option in the app sidebar and footer.

8. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, your personal data (trades, notes, profile, uploaded screenshots) is permanently deleted from our active systems within 30 days.

We may retain anonymised, aggregated statistical data (e.g., platform-wide trade counts) that cannot be linked back to you.

Billing records and transaction history may be retained for up to 7 years to comply with applicable tax and accounting obligations, even after account deletion.

9. Your Rights (GDPR and PIPEDA)

You have the following rights regarding your personal data. To exercise any of these rights, contact us at support@traderiq.com. We will respond within 30 days.

Right of access: Request a copy of the personal data we hold about you.

Right to rectification: Correct inaccurate personal data. Most data can be updated directly in your account settings.

Right to erasure (right to be forgotten): Request deletion of your personal data. You can delete your account from the Settings page, which triggers permanent data removal within 30 days.

Right to data portability: Export your trade data in CSV format from the Journal page at any time.

Right to restriction of processing: In certain circumstances, request that we limit how we use your data.

Right to object: Object to processing based on our legitimate interests.

Right to withdraw consent: Where processing is based on consent (preference cookies), withdraw consent at any time via Cookie Preferences without affecting the lawfulness of processing before withdrawal.

Right to lodge a complaint: If you believe we have mishandled your data, you have the right to lodge a complaint with your national supervisory authority: EU users — your local Data Protection Authority (DPA); UK users — the Information Commissioner's Office (ICO) at ico.org.uk; Canadian users — the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.

10. Children's Privacy

TraderIQ is not directed at persons under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected data from a minor, please contact us at support@traderiq.com and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated to you by email or via a notice in the application at least 14 days before they take effect.

The date at the top of this page reflects the most recent revision. Continued use of TraderIQ after changes take effect constitutes acceptance of the updated policy.

12. Contact

For any questions, data subject requests, or privacy concerns, contact us at: support@traderiq.com

We aim to respond to all privacy-related enquiries within 5 business days and to formal data subject requests within 30 days.