Last updated: March 2026
We collect your email address for authentication, your broker API keys (encrypted with AES-256-GCM), and trading activity data synced from your connected broker accounts. We do not collect payment card data directly — payments are handled by third-party processors.
Your data is used solely to provide the TradeGuard service: monitoring trading limits, storing trade history, sending breach alerts, and displaying analytics. We do not sell, rent, or share your data with third parties for advertising or marketing purposes.
All broker API keys are encrypted using AES-256-GCM encryption before being stored in our database. The encryption key is stored separately in a secure environment. We only request the minimum permissions needed (read-only where possible) and never withdraw funds from your account.
Trade history and account data are retained for the duration of your subscription. Upon account deletion, all personal data and API keys are permanently removed within 30 days. You can request deletion at any time by contacting support.
We use a single session cookie (tg_uid) to maintain your authentication session. This is a strictly necessary httpOnly cookie and cannot be used for tracking. We do not use advertising or analytics cookies.
We may use third-party services such as Supabase (database hosting) and Vercel (cloud hosting). These providers are bound by their own privacy policies and process data only as necessary to provide their services.
You have the right to access, correct, or delete your personal data. You may also request a copy of your data in a portable format. To exercise these rights, contact us at privacy@tradeguard.io.
For privacy questions or data requests, contact us at privacy@tradeguard.io. We aim to respond within 5 business days.