Privacy Policy

1. Introduction

MyTradeLog (“we,” “us,” “our,” “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

GDPR & CCPA Compliant: We comply with the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

2. Information We Collect

A. Information You Provide Directly

Account Information:

• Email address
• Password (hashed, never stored in plain text)
• Profile information (experience level, trades size category)

Wallet & Trading Data:

• Wallet address(es) (read-only access)
• Transaction history from blockchain
• Trade entry/exit prices and tokens
• Trade reflections and notes
• Win/loss records

Payment Information:

We do NOT store credit card data. Payment processing is handled by Stripe. We store: billing email, subscription tier, and transaction history.

Communication Data:

• Emails you send to support
• Chat messages if you use our analysis features
• Feedback and surveys you submit

B. Information Collected Automatically

Website Usage:

• IP address, browser type and version
• Pages visited and time spent
• Referrer URL, device information
• Cookies and similar tracking technologies

Service Usage Analytics:

• Analysis requests made, features used
• Errors or bugs encountered
• How long you use the service
• User journey and conversion points

Blockchain Data:

We query public blockchain APIs (Moralis) to verify wallet ownership. Wallet age, transaction count, and portfolio diversity. This data is public on the blockchain; we do not create this data.

3. How We Use Your Information

Primary Uses:

Service Delivery, Account Management, Communication, Support, AI Improvement (anonymized data).

Secondary Uses:

Analytics, Marketing (optional newsletters), Legal & Safety, Research (anonymized only).

What We Do NOT Do:

• Sell your personal data
• Sell your trade data
• Use your data for targeted advertising
• Share your data without your consent

4. Data Retention

After Account Deletion: Personal data deleted within 30 days. Trade data deleted within 30 days. Anonymized data retained. Payment records retained for 7 years.

5. Data Security

• Encryption in Transit (HTTPS/TLS)
• Encryption at Rest
• Access Controls
• API Keys stored securely
• Regular Audits

No security system is 100% secure. In the event of a data breach, we will notify affected users within 72 hours.

6. Your Rights (GDPR & CCPA)

GDPR Rights (EU Residents):

• Access — request a copy of your data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data
• Restrict Processing — limit how we use your data
• Data Portability — receive your data in a portable format
• Object — object to certain processing
• Lodge a Complaint — with your local data authority

CCPA Rights (California Residents):

• Right to Know what data we collect
• Right to Delete your data
• Right to Opt-Out of data sale (we do not sell data)
• Right to Correct inaccurate data
• Non-Discrimination for exercising your rights

7. Third-Party Services

8. Cookies & Tracking Technologies

• Essential Cookies — required for the service to function
• Analytics Cookies — optional, help us improve the service
• Preference Cookies — optional, remember your settings

9. Privacy Controls

Email Preferences:

• Transactional (required)
• Weekly Report (optional)
• Marketing (optional)

Data Collection Preferences:

• Analytics opt-out
• Wallet Scanning control
• AI Improvement opt-out

10. Children's Privacy

Our Service is not intended for users under the age of 18. We do not knowingly collect data from minors.

11. International Data Transfers

We comply with GDPR requirements for international data transfers using Standard Contractual Clauses where applicable.

12. Privacy Policy Changes

We will provide 30 days notice for material changes to this Privacy Policy. Continued use of the Service after changes constitutes acceptance.