1. Introduction
This Privacy Policy describes how Edge Analyzer (“we,” “us,” or “our”) collects, uses, stores, and protects your personal information when you use the Edge Analyzer platform (“Service”). We are committed to protecting your privacy and handling your data responsibly. This policy applies to all users of the Service, including account holders, mentors, and visitors.2. Information We Collect
2.1 Information You Provide
| Category | Data Collected |
|---|---|
| Account information | Email address, password (hashed), display name |
| Profile information | Preferred currency, timezone, account preferences |
| Trading data | Account names, account types, trade journals, playbook entries, goals, notes, uploaded images and videos |
| Financial tracking | Purchase amounts, payout amounts, receipts (uploaded by you) |
| Broker credentials | Rithmic username/password (AES-256 encrypted), ProjectX API keys (AES-256 encrypted), Tradovate OAuth tokens |
| Payment information | Processed by Stripe — we do not store credit card numbers |
| Communications | Support emails, feedback, feature requests |
2.2 Information Collected Automatically
- Usage data: Pages visited, features used, session duration, click patterns
- Device information: Browser type, operating system, screen resolution
- Network information: IP address (used for rate limiting and security)
- Cookies and similar technologies: See our Cookie Policy
2.3 Information from Third Parties
- Broker APIs: Trade history, order history, account balances, position data (synced with your authorization)
- Stripe: Subscription status, payment success/failure, billing dates (no card numbers)
3. How We Use Your Information
We use your information to:Provide the Service
Process trade data, generate dashboard metrics, deliver AI insights, enable copy trading, manage subscriptions
Authenticate and Secure
Verify your identity, protect your account, prevent unauthorized access
Improve the Service
Analyze usage patterns, identify bugs, optimize performance
Communicate
Send account-related notifications, subscription updates, security alerts
We Do NOT:
4. How We Store and Protect Your Data
4.1 Data Storage
- Your data is stored in Supabase-managed PostgreSQL databases with automated backups
- Broker credentials are encrypted with AES-256 before storage
- All data is encrypted in transit using TLS (HTTPS)
- Row-Level Security (RLS) policies isolate each user’s data at the database level
4.2 Security Measures
| Measure | Description |
|---|---|
| Encryption at rest | AES-256 encryption for sensitive credentials |
| Encryption in transit | TLS encryption for all data |
| Session management | Automatic timeouts |
| Rate limiting | Prevention of brute-force attacks |
| Security headers | CSP, HSTS, X-Frame-Options |
| Webhook verification | Signature verification for integrations |
4.3 Data Access
Access to your data is restricted to:- You: Full access to your own data
- Mentors you invite: Read-only access to trades, journals, and metrics (no financial data)
- Support team: Read-only access for troubleshooting when needed
- Engineering team: Access limited to maintaining and improving the Service
5. Data Sharing
We share your data only in these circumstances:| Circumstance | Details |
|---|---|
| Broker APIs | Trade data sent for copy trading (to place trades on your accounts) |
| Stripe | Subscription and billing data for payment handling |
| Service providers | Infrastructure providers under strict data processing agreements |
| Legal requirements | When required by law, court order, or government request |
| Business transfers | In connection with a merger, acquisition, or sale (with advance notice) |
We never sell your data to third parties or share it for advertising purposes.
6. Your Rights
6.1 All Users
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and data
- Data portability: Receive your data in a machine-readable format
6.2 EU/EEA Users (GDPR)
In addition to the rights above, you have the right to:- Restrict processing: Request that we limit how we use your data
- Object to processing: Object to certain types of data processing
- Withdraw consent: Withdraw consent where processing is based on consent
- Lodge a complaint: File a complaint with your local data protection authority
6.3 California Users (CCPA)
You have the right to:- Know what personal information we collect and how it is used
- Request deletion of your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising your privacy rights
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Active accounts | Data retained as long as account is active |
| Cancelled accounts | Data retained (request deletion if needed) |
| Deleted accounts | Permanently removed within 30 days of request |
| Broker credentials | Deleted when connection removed or account deleted |
| Logs and analytics | Retained for up to 12 months |
8. International Data Transfers
Your data may be processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international data transfers, including:- Standard contractual clauses (for EU/EEA data transfers)
- Data processing agreements with all service providers
- Compliance with applicable data protection laws
9. Children’s Privacy
The Service is not intended for users under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.10. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. Material changes will be communicated via email or notice within the Service at least 30 days before taking effect.11. Contact
For privacy-related questions or to exercise your data rights:- Email: [email protected]
- Support: [email protected]