Privacy Policy

Last updated: [DATE]

1. Data Controller

[FULL NAME]
[STREET ADDRESS]
[POSTAL CODE, CITY], Germany
Email: [EMAIL]

2. Collection and Storage of Personal Data

2.1 When Visiting the Website

When you access our website, your browser automatically sends information to our server. This information is temporarily stored in a log file, including: IP address, date and time of access, name and URL of the retrieved file, referring website, browser used, and operating system.

2.2 Registration and Usage

When registering for VaultGate, we collect: email address, name (optional), and password (stored as bcrypt hash). During use of the service, we store your trading data, journal entries, voice recordings (transcripts), and AI-generated analyses.

2.3 Broker Connections

When you connect a broker (e.g., Tradovate), your broker credentials are stored encrypted with AES-256-GCM in our database. Decryption only occurs at the time of synchronization. We have no access to your broker account except to retrieve trade data.

3. Data Sharing

We share your data only with the following services:

• Cloudflare, Inc. – CDN and DDoS protection (US-based, EU Standard Contractual Clauses)
• Stripe, Inc. – Payment processing (US-based, EU Standard Contractual Clauses). Credit card data is processed exclusively by Stripe.
• AI Processing – Your trading data is sent to our AI service for analysis. Processing occurs on our own servers, not third-party providers.

4. Your Rights

Under GDPR, you have the right to:

• Access your stored personal data (Art. 15 GDPR)
• Rectification of inaccurate data (Art. 16 GDPR)
• Erasure of your data (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Object to processing (Art. 21 GDPR)

To exercise your rights, contact: [EMAIL]

5. Data Security

We use SSL/TLS encryption for all data transfers. Passwords are stored as bcrypt hashes. Broker credentials are encrypted with AES-256-GCM. Regular backups protect your data against loss.

6. Cookies

VaultGate uses only technically necessary cookies (session cookie for authentication). No tracking or marketing cookies are used.

7. Changes to this Privacy Policy

We reserve the right to update this privacy policy to comply with current legal requirements. The updated policy will apply from your next visit.