Privacy Policy 

NeuroTrader ("we", "us") operates the NeuroTrader platform. We act as the data controller for the personal data processed through the Service. For privacy questions or to exercise your rights, contact us via the Contact page.

Account data: your login, name, email address, and password (stored in hashed form).

Usage data: trades, assets, notes, and other content you add to the platform; preferences and settings.

Technical data: IP address, browser type, device information, and cookies necessary for authentication and operation.

Payment data: when you subscribe, payment is processed by Stripe or NOWPayments. We receive confirmation of payment status and an order identifier, but we do not store your full card details.

Exchange data: if you connect an exchange, we store read-only API keys (encrypted) solely to import your trade history.

To provide and operate the Service; to authenticate you and keep your account secure; to process subscriptions and payments; to provide analytics and features you request; to communicate with you about your account and important changes; and to comply with legal obligations.

We process your data on the following bases: performance of a contract (providing the Service you sign up for); your consent (where required); our legitimate interests (security, improvement, fraud prevention); and compliance with legal obligations.

We do not sell your personal data. We share data only with service providers (processors) that help us run the Service, including: payment processors (Stripe, NOWPayments), hosting and database providers, and email delivery providers. These parties process data on our behalf under appropriate safeguards.

Under the GDPR you have the right to access, correct, delete, restrict, or object to the processing of your personal data, as well as the right to data portability and to withdraw consent at any time. You may also lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us via the Contact page. You can delete most of your data directly by deleting your account in Settings.

We keep your data for as long as your account is active or as needed to provide the Service and comply with legal obligations. Sessions are protected with httpOnly cookies, passwords are hashed, and sensitive values such as exchange API keys are encrypted.

We use cookies that are strictly necessary for authentication and the operation of the Service. We do not use cookies to sell your data. You can control cookies through your browser settings, though disabling essential cookies may prevent you from logging in.

The Service is not intended for anyone under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, contact us and we will delete it.