🔒 Privacy Policy

Effective Date: March 28, 2026  |  Last Updated: May 25, 2026

This Privacy Policy describes how TradeVantage ("the Application," "we," "us," or "our") collects, uses, stores, and protects information in connection with your use of our services. By accessing or using the Application, you agree to the practices described in this Privacy Policy.

1. Overview

We are committed to protecting your privacy. The Application is designed as a market analysis and educational tool with a minimal data collection approach. We collect only the information necessary to provide and improve our services.

2. Information We Collect

2.1 Information You Provide Directly

When you create an account or use certain features, we may collect:

  • Account information: Email address and password (password is stored as a cryptographic hash, never in plaintext)
  • Contact form submissions: Name, email address, and message content submitted through our contact page
  • Watchlist data: Ticker symbols you add to your personal watchlist
  • Alert configurations: Alert rules and notification preferences you configure
  • Custom indicator configurations: Custom indicator formulas and settings you save

2.2 Information Collected Automatically

When you access the Application, we may automatically collect:

  • Server logs: IP address, browser type and version, operating system, referring URL, pages visited, date and time of access, and HTTP response codes (standard web server logging)
  • Session data: Ticker symbols searched, chart intervals selected, and date ranges requested during your session
  • Performance data: Page load times, API response times, and error logs (for debugging and service improvement)
  • Rate-limiting data: Request counts per IP address (for abuse prevention and fair usage enforcement)

2.3 Client-Side Storage

The Application stores data locally in your browser using:

  • IndexedDB / Local Storage: Cached market data, user preferences, theme settings, and session state. This data resides solely on your device and is not transmitted to our servers.
  • Legal acknowledgement flags: We may store a timestamp confirming you acknowledged educational-only/legal notices (for example, before entering advanced modules like Trade Desk). This timestamp remains on your device and is not transmitted as account profile data.
  • Session Storage: Temporary session data cleared when you close your browser tab.
  • Cookies: Session cookies for authentication and session management. See Section 9 for details.

2.4 Information We Do NOT Collect

  • Payment card numbers, bank account details, or financial account credentials (payments are processed entirely by Stripe; we never receive or store your payment card information)
  • Social Security numbers or government-issued identification numbers
  • Precise geolocation data
  • Biometric data
  • Data from your social media accounts
  • Cross-site browsing history or tracking across third-party websites

3. How We Use Information

We use the information we collect for the following purposes:

PurposeLegal Basis
Providing and operating the ApplicationContractual necessity (performance of our Terms of Service)
User account authentication and session managementContractual necessity
Delivering alerts and notifications you configureContractual necessity / Consent
Enforcing rate limits and preventing abuseLegitimate interest (security and fair usage)
Diagnosing technical errors and improving service reliabilityLegitimate interest (service improvement)
Responding to your contact inquiriesConsent / Contractual necessity
Processing payments for premium features (via Stripe)Contractual necessity
Recording legal acknowledgement state for required noticesLegal obligation / Legitimate interest (risk and compliance controls)
Complying with legal obligationsLegal obligation

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share limited information with the following categories of third-party service providers, solely to the extent necessary to operate the Application:

  • Market data providers: Ticker symbols and request parameters are transmitted to financial data APIs to retrieve market data. No personally identifiable information is shared.
  • Payment processor (Stripe): When you purchase a subscription, your payment information is provided directly to Stripe, which processes the transaction under its own Privacy Policy. We receive only a confirmation of payment and subscription status.
  • Email service providers: If you opt into email notifications, your email address and alert content are transmitted to our email service provider for delivery.

4.2 We Do NOT

  • Sell your personal information to third parties
  • Share your personal information with advertisers or marketing companies
  • Trade or exchange your data for any commercial purpose
  • Use your data for targeted advertising or ad profiling
  • Provide your data to data brokers or aggregators

4.3 Legal Disclosure

We may disclose your information if required to do so by law or in response to valid legal process, including:

  • Court orders, subpoenas, or other compulsory legal demands
  • Requests from law enforcement agencies or regulatory authorities
  • To protect the rights, property, or safety of the Provider, our users, or the public
  • To enforce our Terms of Service
  • In connection with a merger, acquisition, or sale of assets (with appropriate notice to users)

5. Data Retention

Data TypeRetention PeriodStorage Location
Account informationUntil account deletion or inactivity for 24 monthsServer-side database (encrypted)
Browser cache / IndexedDBUntil you clear it or uninstallYour device only (client-side)
Server access logs90 days, then automatically purgedServer (temporary)
Error and debug logs30 days, then automatically purgedServer (temporary)
Rate-limiting data24 hoursServer (in-memory or temporary database)
Contact form submissionsUntil resolved, then 12 monthsServer-side database
Alert configurationsUntil you delete them or account deletionServer-side database
Payment recordsAs required by tax and financial regulationsStripe (third-party processor)
Session cookiesSession duration (cleared on browser close)Your browser

6. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption in transit: HTTPS/TLS encryption for all data transmitted between your browser and our servers
  • Password hashing: User passwords are stored using strong cryptographic hashing algorithms (bcrypt/Argon2) and are never stored in plaintext
  • Access controls: Restricted access to server infrastructure and databases
  • Regular security reviews: Periodic review of security practices and configurations
  • Secure payment processing: All payment processing is handled by PCI DSS-compliant third parties (Stripe)

Important: No method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You use the Application at your own risk.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

7.1 General Rights (All Users)

  • Right to access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate personal data
  • Right to deletion: Request deletion of your personal data and account
  • Right to data portability: Request your data in a structured, machine-readable format
  • Right to withdraw consent: Withdraw consent for data processing where consent is the legal basis
  • Right to object: Object to processing of your personal data for certain purposes
  • Clear local data: Clear all cached data from your browser at any time using the "Clear Cache" button or browser settings

7.2 European Economic Area (EEA) / UK — GDPR Rights

If you are located in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR) and UK GDPR:

  • Right to restrict processing of your personal data
  • Right to lodge a complaint with your local Data Protection Authority (DPA)
  • Right not to be subject to automated decision-making, including profiling, that produces legal or similarly significant effects

Legal basis for processing: We process personal data on the basis of contractual necessity (to provide our services), legitimate interests (to improve security and service quality), consent (for optional notifications), and legal obligations (as required by law).

7.3 California Residents — CCPA/CPRA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights:

  • Right to know: What personal information we collect, use, disclose, and sell or share
  • Right to delete: Request deletion of your personal information
  • Right to correct: Request correction of inaccurate personal information
  • Right to opt-out of sale/sharing: We do NOT sell or share your personal information as defined under the CCPA/CPRA
  • Right to non-discrimination: We will not discriminate against you for exercising your rights
  • Right to limit use of sensitive personal information: We do not collect sensitive personal information as defined under CCPA/CPRA

To exercise your rights under CCPA/CPRA, please contact us. We will verify your identity before fulfilling your request.

7.4 Other Jurisdictions

If you are located in a jurisdiction with data protection laws (e.g., Brazil's LGPD, Canada's PIPEDA, Australia's APPs), you may have additional rights. Please contact us to exercise any applicable rights.

8. International Data Transfers

The Application is operated from the United States. If you access the Application from outside the United States, your data may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Application, you consent to the transfer of your data to the United States. Where required by law, we implement appropriate safeguards for cross-border data transfers.

9. Cookies and Tracking Technologies

9.1 Types of Cookies Used

Cookie TypePurposeDuration
Essential / SessionAuthentication, CSRF protection, session managementSession (cleared on browser close)
FunctionalTheme preference, display settings, timezone selectionPersistent (until cleared)

9.2 Cookies We Do NOT Use

  • Third-party advertising or tracking cookies
  • Analytics cookies (e.g., Google Analytics) — we do not use third-party analytics services
  • Social media tracking pixels or cookies
  • Cross-site tracking cookies

9.3 Your Cookie Choices

You can control cookies through your browser settings, including blocking or deleting cookies. Note that disabling essential cookies may impair the functionality of the Application. Most browsers allow you to set your preferences regarding cookies and similar technologies.

10. Do Not Track (DNT)

The Application respects "Do Not Track" browser signals. We do not engage in cross-site tracking regardless of your DNT settings, as we do not use third-party trackers.

11. Children's Privacy

The Application is not directed at and is not intended for use by individuals under the age of 18 (or the age of majority in their jurisdiction). We do not knowingly collect personal information from children under 13 (or the applicable age in your jurisdiction). If we become aware that we have inadvertently collected personal information from a child, we will take immediate steps to delete that information. If you believe a child has provided personal information to us, please contact us immediately.

12. Third-Party Links

The Application may contain links to third-party websites, services, or content. This Privacy Policy does not apply to third-party sites. We are not responsible for the privacy practices of third-party sites and encourage you to review their privacy policies independently before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be indicated by updating the "Last Updated" date at the top of this policy. We encourage you to review this policy periodically. Your continued use of the Application after any changes constitutes your acceptance of the updated Privacy Policy.

14. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

  • Notify affected users without undue delay (and within 72 hours where required by GDPR)
  • Provide details of the nature of the breach, the data affected, and the measures taken
  • Notify relevant supervisory authorities as required by applicable law
  • Take immediate steps to mitigate the impact of the breach

15. How to Exercise Your Rights

To exercise any of your data rights described in this Privacy Policy, please:

  • Email: Contact us through our contact page
  • Account deletion: You can delete your account through your account settings page
  • Clear local data: Use the "Clear Cache" button in the Application or clear your browser data
  • Unsubscribe from emails: Use the unsubscribe link in any notification email

We will respond to all valid requests within 30 days (or within the timeframe required by applicable law). We may request verification of your identity before fulfilling your request to protect against unauthorized disclosure.

16. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us.

Summary: We collect minimal data necessary to operate the Application. We do NOT sell your data. Most data is stored locally on your device. You can delete your data at any time. We comply with GDPR, CCPA/CPRA, and other applicable data protection laws.

This Privacy Policy was last updated on May 25, 2026. © TradeVantage. All rights reserved.

← Back to Home