Privacy Policy

1. Introduction

TradersForge LLC (“we,” “us,” or “our”), a Michigan limited liability company, operates TradersForge Journal at app.tradersforge.net and sells downloadable add-on tools for the third-party NinjaTrader 8 platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our products.

2. Information We Collect

Account Information

When you create an account, we collect your email address and display name. If you subscribe to a paid plan or purchase a one-time tool, payment processing is handled entirely by Stripe — we do not store your full credit card number or bank details. We do receive limited information from Stripe (the last four digits of your card, the card brand, the country of issue, and the billing email) for receipts, account-management, and fraud-prevention purposes.

Trading Data

We store trade data you import (via CSV upload or broker sync) to provide the journal, analytics, playbook, and reporting features. This includes trade entries, exits, P&L, symbols, fees, and any journal notes you write. If you choose to share content publicly inside the Service, that content becomes visible to other users until you delete it.

Broker Connections

When you connect a brokerage account, we use OAuth tokens (or, for some brokers, session credentials handled by SnapTrade as our broker-aggregator partner) to access your trade history. We request read-only access and never place orders or modify positions on your behalf. Tokens and credentials are encrypted at rest.

Fraud-Prevention Information

To prevent abuse of free trials and stolen-card payments, we store a non-reversible fingerprint of the payment card you use at trial sign-up. The fingerprint cannot be used to reconstruct your card number; it can only be compared against fingerprints of other cards used on our platform. We use it solely to detect when the same card is used to start trials on multiple accounts. Stripe Radar may also process IP address, browser, and device signals at checkout time for fraud screening on our behalf.

Operational Logs

Our hosting provider (Vercel) records standard server logs including IP addresses, request timestamps, user-agent strings, and HTTP status codes. These are retained on a short-term basis for security, debugging, and abuse prevention.

3. How We Use Your Information

• Provide, maintain, and improve our products
• Sync and display your trading data and analytics
• Process subscription and one-time purchase payments via Stripe
• Send transactional emails (account confirmations, payment receipts, password resets)
• Detect and prevent fraud, abuse, and unauthorized account creation
• Respond to support requests
• Generate AI commentary on your trades when you use that feature (see Third-Party Services)

We do not sell, rent, or share your personal information with third parties for advertising or marketing purposes.

4. Data Storage and Security

Your data is stored in a secured PostgreSQL database hosted by Supabase, with row-level security (RLS) policies enforcing per-user data isolation at the database layer. All data is encrypted in transit (TLS 1.2+), and sensitive credentials (broker tokens, API keys) are encrypted at rest using industry-standard AES encryption. We follow reasonable administrative, technical, and physical safeguards, but no system is perfectly secure and we cannot guarantee absolute security.

5. Third-Party Services

• Supabase— authentication and PostgreSQL database hosting
• Vercel— application hosting and serverless functions
• Stripe— payment processing, subscription management, and fraud screening (Stripe Radar)
• Resend— transactional email delivery
• Anthropic— AI-generated trade commentary and insights, when you use AI features. Trade data sent for AI processing is not used by Anthropic to train their models per their commercial terms.
• SnapTrade and broker APIs— trade data syncing, only with your explicit authorization

Each third-party service has its own privacy policy governing their handling of data. We share with these processors only the information needed to perform the specific task (e.g., your email and payment details with Stripe; your trade rows with Anthropic when you request AI commentary).

6. Data Retention and Deletion

You may delete your account and all associated data at any time from Settings. Upon account deletion, we remove your personal information, trade data, journal entries, and broker connections from our active databases within 30 days. Backups are rotated on a 30-day cycle, after which deleted data ceases to exist anywhere in our infrastructure.

We may retain limited records longer when required to comply with legal obligations, resolve disputes, prevent fraud (including the card fingerprint, in anonymized form), or enforce our agreements. Stripe retains payment records per their own retention policy (typically seven years for tax and compliance reasons), independent of any deletion request to us.

7. Your Rights

You have the right to access, correct, export, or delete your personal information at any time. Most of these can be exercised directly inside the Service:

• Access: view your data on the Settings, Journal, Trades, and Analytics pages
• Export: download your trades as CSV from the Trades page
• Correct: edit any trade or journal entry from the relevant page
• Delete: delete individual entries, or delete your entire account from Settings

If you are a resident of California, the EU/UK, or another jurisdiction with applicable data-protection laws (CCPA, GDPR, etc.), you may have additional rights including the right to object to certain processing, the right to lodge a complaint with a supervisory authority, and the right to portability. To exercise rights that cannot be self-served, email us at support@tradersforge.net.

8. Cookies

We use essential cookies only, for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Children's Privacy

Our Service is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If we learn that we have collected such information, we will delete it.

10. International Users

We operate from the United States and store data on infrastructure located in the United States. By using the Service, you consent to the transfer and processing of your information in the United States, which may have different data-protection laws than your country of residence.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or an in-app notice and will update the “Last updated” date above.

12. Contact Us

If you have questions about this Privacy Policy or want to exercise a data right, contact us at support@tradersforge.net.

Data controller / mailing address: