TradingStreak

Privacy Policy

Last updated: 5/29/2026

1. Introduction

Welcome to TradingStreak. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we handle your data depending on how you use our application (Local Mode vs. Cloud Mode).

2. Modes of Operation

Local Mode (Default)

By default, TradingStreak operates as a local-first application. Your journal entries, settings, and trading data are stored exclusively in your browser's LocalStorage. We do not have access to this data, and it is never transmitted to our servers.

Cloud Mode (Optional)

If you choose to sign in with Google, you activate Cloud Mode. In this mode, your data is securely synced to our database to allow access across multiple devices.

Cookies and LocalStorage

We use cookies and your browser's LocalStorage exclusively for technically necessary functions. These include keeping you logged in (Authentication Cookies) and saving your UI preferences (e.g., whether you have completed the onboarding or closed specific notifications).

Legal basis: We use these technologies based on our legitimate interest (Art. 6 Abs. 1 lit. f DSGVO / GDPR) in providing a fully functional and user-friendly application, and they are strictly necessary to provide the service you requested (§ 25 Abs. 2 Nr. 2 TTDSG / TDDDG). We do not use any cookies for cross-site tracking or advertising.

3. Data We Collect (Cloud Mode Only)

When you use Cloud Mode, we collect and store the following:

  • Account Info: Your email address, name, and profile picture (provided by Google or Discord).
  • Journal Data: The trading journal entries, PnL data, and notes you create.
  • Usage Data: Basic analytics to improve service performance.
  • Meetup & Community Data: If you create or join Meetups, your chosen location data, participation status, and public leaderboard ranking (if enabled) will be visible to other authenticated users.

4. Infrastructure & Security

We use industry-standard security measures to protect your data:

  • Hosting: Our application is self-hosted on a secure Virtual Private Server (VPS) provided by IONOS SE (Elgendorfer Str. 57, 56410 Montabaur, Germany).
  • Database: Your data is stored in a private PostgreSQL database hosted on the same secure VPS infrastructure located in Germany.
  • Encryption: All data transmission is encrypted using SSL/TLS (Let's Encrypt).
  • Access Control: Our database is protected within a private Docker network and is not directly exposed to the public internet.

5. Third-Party Services

We use the following third-party services:

  • Google & Discord: For authentication (OAuth).
  • Geocoding & Maps: If you create a Meetup, the location you input is processed via geocoding services to generate coordinates for our interactive 3D globe visualization.
  • ipapi.co: For automatic location-based currency detection during onboarding. Your IP address is processed briefly to determine your approximate location and local currency.
  • Google Gemini (AI): If you opt-in to AI Coaching Reports or use the AI Trading Copilot, your anonymized journaling data (such as trades, win rate, and PnL) may be sent to Google's Gemini API to generate insights. This data is not used by Google to train its core models.

6. Payment processing via Stripe

If you make a payment using the Stripe payment service, we store data in connection with your transaction. This data has no direct personal reference, but is nevertheless mentioned here for completeness. Data processed by the third party payment provider is subject to their privacy policy.

1. Scope of data processing

  • Stripe Customer ID (if available)
  • Stripe email address (for transaction confirmation)
  • Transaction ID (tx_id)
  • Currency used
  • Final payment amount

This data contains no direct personal reference and is used exclusively for:

  • Transaction verification
  • Customer support
  • Accounting purposes

2. Purpose of data processing

The processing of this data serves documentation purposes, fulfillment of our contractual obligations, and compliance with legal requirements (particularly tax regulations).

3. Legal basis for processing

Art. 6(1)(b) GDPR (contract fulfillment) for payment processing and Art. 6(1)(c) GDPR (legal obligation) for retention according to § 147 German Tax Code. Processing by Stripe is based on your consent (Art. 6(1)(a) GDPR) when using Stripe Checkout.

4. Duration of storage

Transaction data is stored for 10 years according to § 147 German Tax Code (tax retention requirements). Stripe stores data according to their policies (https://stripe.com/privacy).

5. Possibility of objection and elimination

Objection to the processing of this data required for contract fulfillment and legal obligations is not possible, as the processing is necessary for compliance with our legal requirements.

7. Email Newsletter & Updates

If you explicitly opt-in to our Email Newsletter in your account settings, your email address will be processed by our third-party email provider (Brevo) to send you product updates, trading insights, and important account notices. Furthermore, to analyze and improve the content we send you, we track if you click on links within those emails (Click Tracking).

Legal basis:

The processing of this data is based exclusively on your consent (Art. 6(1)(a) GDPR).

Possibility of objection and elimination:

You can withdraw your consent at any time via the settings page by toggling off the Email Newsletter, or by using the unsubscribe link provided in every newsletter email. This will automatically delete your email from our mailing lists.

8. Your Rights

You have the right to export your data (Backup) or delete your account and all associated data at any time via the Profile settings.