TradingStreak

Privacy Policy

Last updated: 2/14/2026

1. Introduction

Welcome to TradingStreak. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we handle your data depending on how you use our application (Local Mode vs. Cloud Mode).

2. Modes of Operation

Local Mode (Default)

By default, TradingStreak operates as a local-first application. Your journal entries, settings, and trading data are stored exclusively in your browser's LocalStorage. We do not have access to this data, and it is never transmitted to our servers.

Cloud Mode (Optional)

If you choose to sign in with Google, you activate Cloud Mode. In this mode, your data is securely synced to our database to allow access across multiple devices.

3. Data We Collect (Cloud Mode Only)

When you use Cloud Mode, we collect and store the following:

  • Account Info: Your email address, name, and profile picture (provided by Google or Discord).
  • Journal Data: The trading journal entries, PnL data, and notes you create.
  • Usage Data: Basic analytics to improve service performance.

4. Infrastructure & Security

We use industry-standard security measures to protect your data:

  • Hosting: Our application is self-hosted on a secure Virtual Private Server (VPS) using Docker containers.
  • Database: Your data is stored in a private PostgreSQL database hosted on the same secure VPS infrastructure.
  • Encryption: All data transmission is encrypted using SSL/TLS (Let's Encrypt).
  • Access Control: Our database is protected within a private Docker network and is not directly exposed to the public internet.

5. Third-Party Services

We use the following third-party services:

  • Google & Discord: For authentication (OAuth).
  • ipapi.co: For automatic location-based currency detection during onboarding. Your IP address is processed briefly to determine your approximate location and local currency.

6. Payment processing via Stripe

If you make a payment using the Stripe payment service, we store data in connection with your transaction. This data has no direct personal reference, but is nevertheless mentioned here for completeness. Data processed by the third party payment provider is subject to their privacy policy.

1. Scope of data processing

  • Stripe Customer ID (if available)
  • Stripe email address (for transaction confirmation)
  • Transaction ID (tx_id)
  • Currency used
  • Final payment amount

This data contains no direct personal reference and is used exclusively for:

  • Transaction verification
  • Customer support
  • Accounting purposes

2. Purpose of data processing

The processing of this data serves documentation purposes, fulfillment of our contractual obligations, and compliance with legal requirements (particularly tax regulations).

3. Legal basis for processing

Art. 6(1)(b) GDPR (contract fulfillment) for payment processing and Art. 6(1)(c) GDPR (legal obligation) for retention according to § 147 German Tax Code. Processing by Stripe is based on your consent (Art. 6(1)(a) GDPR) when using Stripe Checkout.

4. Duration of storage

Transaction data is stored for 10 years according to § 147 German Tax Code (tax retention requirements). Stripe stores data according to their policies (https://stripe.com/privacy).

5. Possibility of objection and elimination

Objection to the processing of this data required for contract fulfillment and legal obligations is not possible, as the processing is necessary for compliance with our legal requirements.

7. Your Rights

You have the right to export your data (Backup) or delete your account and all associated data at any time via the Profile settings.