Legal

Privacy Policy

Last updated: July 4, 2026

1. Who is responsible

TraderLog, Ch. de la Vieille-Fontaine 13, 1233 Bernex, Switzerland, is responsible for the personal data processed on traderlog.co. Contact: hello@traderlog.co. We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and, where it applies, the EU General Data Protection Regulation (GDPR).

2. What we collect

  • Account data: email address, display name, password (stored only as a salted hash), and your preferences.
  • Journal and trading data: the trades, notes, and statistics you enter, and fills you choose to import from your broker (for example Schwab or Interactive Brokers). We only read what the import needs; we never receive your broker password when you use an OAuth connection.
  • Billing data: your subscription status and Stripe identifiers. Card details go directly to Stripe; we never see or store them.
  • Usage data: basic product analytics (pages used, features clicked) collected first-party. We do not use third-party advertising trackers.
  • Email events: which of our emails were delivered or bounced, and your unsubscribe status.

3. Why we process it

  • to provide the service you signed up for (contract);
  • to bill subscriptions and prevent abuse (contract, legitimate interest);
  • to send transactional emails such as receipts, trial reminders, and security notices (contract);
  • to send product emails, which you can opt out of with one click (legitimate interest / consent);
  • to keep the service secure and improve it, using aggregated or de-identified data where possible (legitimate interest).

4. Who processes it for us

We share data only with processors needed to run the service:

  • Stripe (payments and billing);
  • Resend (email delivery);
  • our hosting provider (servers located in the United States).

Where data leaves Switzerland or the EU/EEA, we rely on recognized safeguards such as standard contractual clauses provided by these processors. We do not sell personal data.

5. Cookies

We use one essential cookie: an httpOnly authentication cookie that keeps you signed in. No advertising or cross-site tracking cookies are set.

6. How long we keep it

Account and journal data are kept while your account exists. Deleting your account in Settings removes your account and journal data from the live system; residual copies in encrypted backups roll off on a fixed schedule. Billing records are kept as long as bookkeeping law requires. Email suppression entries are kept so we do not email you again after you unsubscribe.

7. Your rights

You can request access to, correction of, export of, or deletion of your personal data, and you can object to or restrict certain processing. Write to hello@traderlog.co from your account email and we will respond within 30 days. If you believe we mishandled your data you can complain to the Swiss FDPIC or your local data protection authority.

8. Security

Traffic is encrypted with TLS, passwords are hashed, access to production systems is restricted, and payment data is handled entirely by Stripe. No system is perfectly secure; if a breach affects you, we will notify you as the law requires.

9. Children

TraderLog is not directed at anyone under 18, and we do not knowingly collect their data.

10. Changes

We will update this policy as the product evolves and note the date at the top. For material changes we will notify you by email or in the app.