Back to home

Privacy Policy

Last updated: May 21, 2026

1. Overview

TradeLedger ("we", "us") respects your privacy. This policy explains what data we collect, how we use it, and the choices you have. By using TradeLedger you consent to this policy.

2. Data We Collect

  • Account data: email, optional phone, name, password hash (handled by Supabase Auth).
  • Trade data: trades, strategies, notes, screenshots you upload — your User Content.
  • Subscription data: plan, billing cycle, trial status. Card details are stored by Stripe, never by us.
  • Usage data: page views, error logs, basic analytics to improve the Service.
  • Feedback: messages you submit via the Feedback widget.

3. How We Use Your Data

  • Provide and maintain the Service.
  • Process subscriptions and billing via Stripe.
  • Send transactional emails (signup confirmation, billing receipts, trial reminders) via Resend.
  • Run AI Copilot inferences via Anthropic Claude.
  • Diagnose issues and improve the product.
  • Respond to your feedback or support requests.

We do not sell your data. We do not share your trade content with third parties except the processors required to run the Service (listed below).

4. Sub-processors

We rely on the following providers to deliver TradeLedger:
  • Supabase (database, authentication, storage)
  • Vercel (hosting and CDN)
  • Stripe (payments and subscription management)
  • Anthropic (Claude API for AI Copilot)
  • Resend (transactional email delivery)
  • Finnhub & CoinGecko (market data quotes)
Each provider has its own privacy policy and data processing agreement.

5. Your AI Data & Anthropic

When you use the AI Copilot, we send relevant trade context to Anthropic's Claude API to generate responses. Anthropic does not use your data to train their models (per their API policy). We minimize what we send — only the trades and strategies relevant to your conversation.

6. Data Retention

  • Active accounts: data retained while you use the Service.
  • Cancelled subscriptions: data retained for 90 days then deleted unless you reactivate.
  • Deleted accounts: deleted within 30 days of your request, except where retention is required by law (e.g. financial records for Stripe).
  • Backups: retained up to 30 days.

7. Your Rights (GDPR, CCPA)

Depending on where you live, you may have the right to:
  • Access a copy of your data
  • Correct inaccurate data
  • Delete your data
  • Export your data (we offer CSV export from the journal)
  • Object to certain processing
  • Withdraw consent
Email [email protected] to exercise any of these rights. We respond within 30 days.

8. Cookies

We use essential cookies only — session cookies for authentication via Supabase. We do not use third-party advertising or tracking cookies.

9. Security

We use industry-standard security: HTTPS everywhere, encryption at rest in Supabase, row-level security to isolate user data, signed webhooks for Stripe events. No system is 100% secure — please use a strong password and report suspicious activity.

10. International Transfers

Our processors (Supabase, Vercel, Stripe, Anthropic, Resend) may process data in the US and EU. By using TradeLedger you consent to these transfers.

11. Children

TradeLedger is not directed to children under 18. We do not knowingly collect data from minors. If you believe we have, contact us to delete it.

12. Changes to This Policy

We may update this policy. Material changes will be communicated by email or in-app at least 14 days before taking effect.

13. Contact

Questions or data requests: [email protected]

TradeLedger · AI Trading Journal · 2026