Privacy policy
Welcome to Tradevian. This Privacy policy explains how we collect, use, and protect your personal information when you use our website.
1. Introduction
Tradevian ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our trading journal service at https://tradevian.com (the "Service").
Service Provider:
Business Name: Tradevian
Email: hello@tradevian.com
Website: https://tradevian.com
Address: Buzkova 108, Lymanka, Odesa 65037, Ukraine
Important: Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.
2. Information We Collect
We collect information that you provide directly to us, information collected automatically, and information from third parties.
2.1 Account Information (Required)
When you register for an account, we collect:
Email address - for account identification and communication
Password - stored as a cryptographic hash (never in plain text)
Username (optional) - for display purposes
2.2 Trading Account Information
To provide our services, we collect:
Broker Account Details:
Broker name
Account number
Account balance
Account type (live, demo, prop firm challenge)
Trading platform (MT5, cTrader, etc.)
Prop Firm Challenge Information:
Prop firm name (FTMO, FundedNext, MyFundedFX, etc.)
Challenge phase (evaluation, verification, funded)
Challenge rules (profit target, drawdown limits, trading days)
Challenge progress and status
2.3 Platform Integration Credentials
To enable automatic trade import, we collect and securely store:
MetaTrader 5 (MT5):
Login ID
Password
Server address
cTrader:
Client ID
Client Secret
Access Token
Refresh Token
MetaAPI Integration:
MetaAPI account token (if used)
Security Measures:
All credentials are encrypted using AES-256 encryption at rest
Credentials are transmitted only over TLS 1.3 encrypted connections
Access to credentials is restricted to authorized systems only
We never share trading platform credentials with third parties
2.4 Trading Data
We collect and store your complete trading history:
Trade Details:
Trading symbol (EUR/USD, GOLD, etc.)
Entry and exit timestamps
Entry and exit prices
Position size (lots)
Profit/Loss (P&L)
Commissions and swap fees
Trade direction (long/short)
Order type (market, limit, stop)
Trade Context:
Psychology notes - your personal notes about emotions and mindset during the trade
Strategy notes - descriptions of your trading strategy and setup
Tags and labels - custom categorization you apply
Screenshots and charts - images you upload showing trade setups
AI analysis results - insights generated by Google Gemini AI
2.5 Performance Analytics and Statistics
We calculate and store:
Win rate and loss rate
Profit factor
Average win and average loss
Maximum drawdown (various types)
Risk-reward ratios
Trading frequency by time period
Calendar heatmaps
Performance by strategy, symbol, time of day
Compliance metrics for prop firm rules
2.6 Files and Media
Screenshots and Images:
Trading charts and setups you upload
May contain metadata (EXIF data, timestamps, device information)
Stored in our secure cloud storage
Exported Reports:
CSV, PDF, and JSON files you generate
Temporarily stored for download
2.7 Payment Information
Billing Details (processed by Stripe/Paddle):
Cardholder name
Billing email address
Billing address
Last 4 digits of card number (for display only)
Payment history and transaction records
Important: We DO NOT store complete credit card numbers, CVV codes, or full payment credentials. Payment processing is handled entirely by PCI-DSS compliant providers (Stripe or Paddle).
2.8 Technical and Usage Data
Automatically Collected:
IP address - for security and fraud prevention
Browser type and version - for compatibility
Device information - operating system, screen resolution
User agent string - browser and device identification
Referral source - how you found our website
Page views and navigation paths - to improve user experience
Session duration - time spent using the Service
Feature usage statistics - which features you use and how often
Cookies and Tracking Technologies:
Essential cookies for authentication and session management
Analytics cookies to understand user behavior (can be opted out)
Performance cookies to optimize the Service
2.9 Communications
We store:
Support emails and chat messages
Feedback and survey responses
Newsletter subscription preferences
Communication preferences and opt-out choices
3. How We Use Your Information
We use the collected information for the following purposes:
3.1 Provide and Improve the Service
Create and manage your account
Import and display your trading data
Calculate performance metrics and analytics
Monitor prop firm rule compliance in real-time
Generate AI-powered insights using Google Gemini AI
Provide multi-account dashboard views
Create reports and exports
Backup your data for disaster recovery
3.2 Platform Integrations
Connect to MT5 and cTrader platforms using your credentials
Automatically import new trades
Sync account balances and positions
Retrieve historical trading data
3.3 AI Analysis
Analyze trading patterns using Google Gemini AI
Identify psychological trading patterns (tilt, revenge trading)
Generate daily trading plans
Perform screenshot OCR (optical character recognition)
Provide trade insights and recommendations
AI Data Processing:
Your trading data may be sent to Google Gemini AI for analysis
Data is transmitted securely and not retained by Google beyond processing
You can disable AI features at any time in settings
3.4 Customer Support
Respond to your inquiries and support requests
Troubleshoot technical issues
Provide guidance on using features
Investigate and resolve complaints
3.5 Communication
Send transactional emails (welcome, password reset, payment confirmations)
Notify you of important Service changes or security alerts
Send optional marketing communications (you can opt out)
Request feedback and conduct surveys
3.6 Billing and Payments
Process subscription payments
Send billing notifications and receipts
Manage upgrades, downgrades, and cancellations
Prevent fraudulent transactions
3.7 Legal and Security
Comply with legal obligations and law enforcement requests
Enforce our Terms of Service
Detect, prevent, and address fraud and security issues
Protect against harm to our rights, property, or safety
3.8 Analytics and Improvements
Understand how users interact with the Service
Identify popular features and pain points
Optimize performance and user experience
Develop new features based on usage patterns
Conduct A/B testing for improvements
4. How We Share Your Information
We do not sell your personal information. We share your data only in the following circumstances:
4.1 Third-Party Service Providers
We share your data with trusted third-party service providers who help us operate the Service:
Supabase (Database Hosting)
Purpose: Stores all user data, trading records, and application state
Data shared: All information described in Section 2
Location: Distributed globally (EU, US data centers)
Security: SOC 2 Type II certified, GDPR compliant
Data Processing Agreement: Yes
Website: https://supabase.com
Google Cloud Platform (Application Hosting)
Purpose: Hosts our web application and API services
Data shared: Technical data required for application operation
Location: Distributed globally based on user location
Security: ISO 27001, SOC 2 certified, GDPR compliant
Data Processing Agreement: Yes
Website: https://cloud.google.com
MetaAPI (Trading Platform Integration)
Purpose: Provides MT5 integration for automatic trade import
Data shared: MT5 credentials, trading data from MT5 accounts
Location: Global infrastructure
Security: Encrypted connections, secure credential storage
Data Processing Agreement: Yes
Website: https://metaapi.cloud
Google Gemini AI (AI Analysis Engine)
Purpose: Analyzes trading performance and generates insights
Data shared: Trading data, psychology notes, performance metrics
Data retention: Not retained after processing (per Google's policy)
Location: Google's AI infrastructure
Security: Enterprise-grade encryption, GDPR compliant
Data Processing Agreement: Yes
Website: https://ai.google.dev
Stripe (Payment Processing)
Purpose: Processes subscription payments (primary processor)
Data shared: Billing information, payment details
Location: Global, with EU data residency options
Security: PCI-DSS Level 1 certified
Data Processing Agreement: Yes
Website: https://stripe.com
Paddle (Payment Processing)
Purpose: Alternative payment processor
Data shared: Billing information, payment details
Location: Global payment infrastructure
Security: PCI-DSS compliant
Data Processing Agreement: Yes
Website: https://paddle.com
Email Service Provider (SendGrid/Mailgun)
Purpose: Sends transactional and marketing emails
Data shared: Email address, name, subscription preferences
Location: Global email infrastructure
Security: SOC 2 certified, GDPR compliant
Data Processing Agreement: Yes
4.2 Legal Requirements
We may disclose your information if required by law:
To comply with legal processes (subpoenas, court orders)
To respond to government or regulatory requests
To enforce our Terms of Service
To protect our rights, property, or safety
To investigate fraud or security issues
In connection with legal proceedings
4.3 Business Transfers
If Tradevian is involved in a merger, acquisition, or sale of assets:
Your information may be transferred to the new owner
We will notify you via email and website notice
The new owner must honor this Privacy Policy
You will have the opportunity to delete your account before transfer
4.4 With Your Consent
We may share information for other purposes with your explicit consent.
4.5 Aggregated and Anonymized Data
We may share aggregated, anonymized data that cannot identify you:
Industry statistics and benchmarks
Usage trends and patterns
Research and analytics
Marketing and promotional materials
5. Data Retention
5.1 Active Accounts
We retain your data for as long as your account is active or as needed to provide services.
5.2 Deleted Accounts
When you delete your account:
Most personal data is deleted within 30 days
Some data may be retained for legal or legitimate business purposes:
Financial records (7 years for tax and accounting)
Fraud prevention records (5 years)
Legal compliance records (as required by law)
Anonymized analytics data may be retained indefinitely
5.3 Inactive Accounts
Accounts inactive for 2+ years may be deleted:
We will send email notice 30 days before deletion
You can export your data before deletion
Reactivation prevents automatic deletion
5.4 Backup Retention
Backup copies may exist for up to 90 days after deletion
Backups are for disaster recovery only
Backup data is not accessible for normal operations
6. Data Security
We implement comprehensive security measures to protect your information:
6.1 Encryption
At Rest:
AES-256 encryption for all sensitive data
Trading platform credentials encrypted separately
Database encryption enabled
In Transit:
TLS 1.3 for all data transmission
HTTPS enforced for all connections
Secure WebSocket connections
6.2 Access Controls
Role-based access control (RBAC) for internal systems
Multi-factor authentication for administrative access
Principle of least privilege for data access
Regular access audits
6.3 Authentication
Bcrypt password hashing (industry standard)
Optional two-factor authentication (2FA)
Strong password requirements enforced
Session management and automatic logout
6.4 Monitoring and Auditing
24/7 security monitoring
Intrusion detection systems
Regular security audits and penetration testing
Comprehensive logging of data access
6.5 Vendor Security
All third-party providers are vetted for security
Data Processing Agreements with all vendors
Regular vendor security assessments
6.6 Limitations
While we implement strong security measures:
No system is 100% secure
We cannot guarantee absolute security
You are responsible for protecting your account credentials
Notify us immediately of any suspected security breach
7. Your Data Protection Rights
7.1 Rights for All Users
Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete data
Deletion: Request deletion of your account and data
Export: Download your data in machine-readable formats (CSV, JSON)
Opt-out: Unsubscribe from marketing communications
7.2 Additional GDPR Rights (EU Users)
Right to Rectification: Correct inaccurate personal data
Right to Erasure ("Right to be Forgotten"): Delete your data under certain circumstances
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Revoke consent for data processing at any time
Right to Lodge a Complaint: File a complaint with your local data protection authority
7.3 How to Exercise Your Rights
Email: hello@tradevian.com
Subject Line: "Data Privacy Request"
Include: Your full name, email address, and specific request
Response Time:
We will respond within 30 days (GDPR requirement)
Complex requests may take up to 60 days with notice
We may request identity verification
No Fee:
Requests are free unless excessive or repetitive
We may charge a reasonable fee for additional copies
7.4 Data Export
You can export your data at any time:
In-app: Settings → Export Data
Formats: CSV (trades), JSON (complete data)
Included: All trading data, notes, analytics, account settings
8. International Data Transfers
8.1 Data Storage Locations
Your data may be stored and processed in:
European Union (EU data centers)
United States (US data centers)
Other locations where our service providers operate
8.2 Transfer Safeguards
For transfers outside your country:
We use Standard Contractual Clauses (SCCs) approved by the EU Commission
Our providers are GDPR-compliant
We ensure adequate data protection measures
8.3 EU-US Data Transfers
We comply with EU-US Data Privacy Framework principles
Service providers are Privacy Shield certified or use SCCs
We monitor regulatory developments and adjust practices accordingly
9. Cookies and Tracking Technologies
9.1 Types of Cookies We Use
Essential Cookies (Cannot be Disabled):
Authentication and session management
Security and fraud prevention
Load balancing and performance
Functional Cookies (Can be Disabled):
Remember your preferences
Language and currency settings
UI customization choices
Analytics Cookies (Can be Opted Out):
Google Analytics (anonymized IP)
Mixpanel (user behavior analytics)
Hotjar (heatmaps and session recordings)
Marketing Cookies (Can be Opted Out):
Conversion tracking for ads
Retargeting pixels
Email campaign tracking
9.2 Managing Cookies
Browser Controls:
Most browsers let you block or delete cookies
Blocking essential cookies may break the Service
Instructions: Check your browser's help section
Our Cookie Settings:
Settings → Privacy → Cookie Preferences
Toggle analytics and marketing cookies on/off
Essential cookies cannot be disabled
9.3 Do Not Track (DNT)
Some browsers support DNT signals
We honor DNT signals where technically feasible
Note: DNT is not a legal requirement
10. Third-Party Links
The Service may contain links to third-party websites:
We are not responsible for their privacy practices
We recommend reading their privacy policies
Examples: Broker websites, prop firm sites, educational resources
11. Children's Privacy
11.1 Age Restriction
The Service is not intended for users under 18
We do not knowingly collect data from minors
You must be 18+ to create an account
11.2 Parental Notice
If we learn we have collected data from a minor:
We will delete it immediately
Parents may contact us at hello@tradevian.com
We will verify parental identity before discussing minor's data
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights:
12.1 Right to Know
What personal information we collect
Sources of the information
Purposes for collecting or selling
Third parties we share with
12.2 Right to Delete
Request deletion of personal information
Exceptions for legal obligations
12.3 Right to Opt-Out
We do not sell personal information
No opt-out necessary
12.4 Right to Non-Discrimination
We will not discriminate for exercising CCPA rights
Same service quality for all users
12.5 Exercising CCPA Rights
Contact us at hello@tradevian.com with "CCPA Request" in the subject line.
13. Changes to This Privacy Policy
13.1 Updates
We may update this Privacy Policy:
Changes effective immediately upon posting
"Last Updated" date at the top reflects latest version
Material changes will be notified via email
Continued use after changes = acceptance
13.2 Notification Methods
Email to your registered address
Prominent notice on the Service
In-app notification
30 days notice for material changes
13.3 Reviewing Changes
Previous versions available upon request
Change history maintained
You may delete your account if you disagree with changes
14. Contact Us
For questions, concerns, or requests about this Privacy Policy:
Email: hello@tradevian.com
Subject Line: "Privacy Policy Inquiry"
Website: https://tradevian.com
Response Time:
General inquiries: 48 hours
Data rights requests: 30 days (GDPR)
Security concerns: 24 hours