Privacy Policy

⚠️ IMPORTANT DISCLAIMER

All information provided by trade & tonic is for informational and educational purposes only and should not be construed as investment advice or a financial recommendation under EU Directive 2014/65/EU (MiFID II). Users are solely responsible for their investment decisions. Market data and AI-generated outputs may not guarantee future results.

1. Introduction

Welcome to trade & tonic ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform at tradeandtonic.com and dev.tradeandtonic.com.

trade & tonic is a financial education and market research platform. We provide educational content, market analysis tools, and research insights. We are NOT a broker, trading platform, or investment advisor.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address

• Password (encrypted)

• Account preferences

• Subscription tier information

2.2 Usage Data

We automatically collect:

• IP address

• Browser type and version

• Device information

• Pages visited and features used

• Analysis requests and results

• Time and date of access

• Referring URLs

2.3 Analysis Data

When you use our platform, we store:

• Stock tickers you analyze

• Analysis results and timestamps

• Portfolio tracking data

• Performance metrics

• User preferences and settings

2.4 Payment Information

For paid subscriptions:

• Payment processing is handled by Paddle.com (our Merchant of Record)

• We do NOT store credit card numbers or payment details

• Paddle collects billing information according to their privacy policy

• We receive only transaction confirmations and subscription status

2.5 Cookies and Tracking

We use cookies and similar technologies for:

• Authentication and session management

• Analytics (PostHog, Google Analytics)

• Performance monitoring (Sentry)

• User preferences

• Security and fraud prevention

3. How We Use Your Information

We use your information to:

• Provide and improve our platform services

• Process and manage your subscription

• Generate market analysis and research insights

• Send important account and service notifications

• Respond to your support requests

• Monitor platform performance and security

• Comply with legal obligations

• Analyze usage patterns to improve features

We do NOT:

• Sell your personal data to third parties

• Share your analysis data with other users

• Use your data to provide financial advice

• Share your trading insights or strategies

4. Data Storage and Security

4.1 Where We Store Data

• Database: Supabase (PostgreSQL) - EU region

• Authentication: Supabase Auth with encrypted passwords

• Backups: Automated daily backups, encrypted at rest

• Logs: Application logs stored securely, auto-deleted after 30 days

4.2 Security Measures

We implement industry-standard security practices:

• Bank-level encryption (TLS 1.3) for data in transit

• Encryption at rest for all stored data

• Strict access controls and authentication

• Regular security audits and monitoring

• Automated error tracking (Sentry)

• DDoS protection and rate limiting

4.3 Data Retention

• Active accounts: Data retained while account is active

• Closed accounts: Data deleted within 30 days of account closure

• Backups: Retained for 90 days for disaster recovery

• Legal requirements: Some data may be retained longer if required by law

5. Third-Party Services

We use the following third-party services:

5.1 Payment Processing

• Paddle.com: Merchant of Record, handles all payments and billing

• Privacy Policy: https://www.paddle.com/legal/privacy

5.2 Infrastructure

• Supabase: Database and authentication

• Privacy Policy: https://supabase.com/privacy

• Google Cloud Platform: Hosting and compute

• Privacy Policy: https://cloud.google.com/terms/cloud-privacy-notice

5.3 Analytics and Monitoring

• PostHog: Product analytics (EU instance)

• Privacy Policy: https://posthog.com/privacy

• Google Analytics: Website analytics

• Privacy Policy: https://policies.google.com/privacy

• Sentry: Error tracking and performance monitoring

• Privacy Policy: https://sentry.io/privacy/

5.4 Market Data

• Tiingo API: Financial market data

• SEC EDGAR: Company filings and fundamentals

• Perplexity AI: News sentiment analysis

All third-party services are carefully selected and comply with GDPR and data protection standards.

6. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights:

6.1 Access

You can request a copy of your personal data at any time.

6.2 Rectification

You can update or correct your account information.

6.3 Erasure ("Right to be Forgotten")

You can request deletion of your account and data.

6.4 Data Portability

You can request your data in a machine-readable format.

6.5 Object to Processing

You can object to certain types of data processing.

6.6 Withdraw Consent

You can withdraw consent for optional data processing at any time.

To exercise these rights, contact us at privacy@tradeandtonic.com.

7. International Data Transfers

We primarily store data in the EU region. If data is transferred outside the EU:

• We use Standard Contractual Clauses (SCCs)

• We ensure adequate data protection safeguards

• We comply with GDPR requirements for international transfers

8. Children's Privacy

Our platform is NOT intended for users under 18 years old. We do not knowingly collect data from minors. If you believe we have collected data from a minor, please contact us immediately.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

• Right to know what personal information is collected

• Right to delete personal information

• Right to opt-out of the sale of personal information (we do NOT sell data)

• Right to non-discrimination for exercising privacy rights

To exercise CCPA rights, contact us at privacy@tradeandtonic.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be notified via email or platform notification.

11. Contact Us

For privacy questions, data requests, or concerns:

Email: privacy@tradeandtonic.com
Support: support@tradeandtonic.com
Address: trade & tonic, Petrzilkova 2835/1, 158 00, Prague, Czech Republic

12. Important Disclaimers

Not Financial Advice

This platform provides educational content and market research tools. Nothing on this platform constitutes financial, investment, trading, or legal advice. All information is for educational and informational purposes only.

Investment Risk

Trading and investing involve substantial risk of loss. Past performance is not indicative of future results. You are solely responsible for your investment decisions.

No Broker Relationship

We are NOT a broker, dealer, or registered investment advisor. We do not execute trades, manage funds, or provide personalized investment recommendations.

Independent Decisions

You make all investment decisions independently through your own brokerage account. We have no connection to your broker or your trades.

By using trade & tonic, you acknowledge that you have read and understood this Privacy Policy.