Privacy Policy

Effective Date: April 15, 2026 · Last Updated: April 15, 2026

TradeControl (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website at tradecontrol.io (the “Site”) and use our risk-management software platform for futures prop firm traders (the “Service”).

By accessing or using our Site or Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use our Site or Service.

1. Information We Collect

1.1 Information You Provide Directly

  • Account & Registration Data: Name, email address, and login credentials when you create an account or apply for beta access.
  • Profile & Trading Preferences: Prop firm name, number of trading accounts, preferred trading platforms (e.g., NinjaTrader, Tradovate, TradingView), and risk-control configuration settings.
  • Payment Information: If and when paid plans become available, billing details such as payment card information or other payment credentials. Payment processing is handled by third-party payment processors; we do not store full payment card numbers on our servers.
  • Communications: Information you provide when contacting support, submitting feedback, or participating in surveys, including your name, email, and message content.

1.2 Information Collected Automatically

  • Device & Browser Data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, click patterns, referring URLs, and navigation paths within the Site and Service.
  • Cookies & Tracking Technologies: We use cookies, pixel tags, and similar technologies to collect information about your browsing activity. See Section 7 (Cookies & Tracking) below for details.
  • Log Data: Server logs that record requests made to our servers, including timestamps, request URLs, and response codes.

1.3 Information From Third Parties

  • Trading Platform Integrations: If you connect TradeControl with third-party trading platforms (e.g., Tradovate via API), we may receive account identifiers, position data, order data, and execution data necessary to enforce your risk controls. We do not access or store your brokerage login credentials.
  • Analytics Providers: We receive aggregated analytics data from services such as Google Analytics and Microsoft Clarity.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, operate, maintain, and improve the TradeControl platform, including enforcing risk controls, session lockouts, trailing profit locks, and schedule enforcement across your trading accounts.
  • Account Management: To create and manage your account, authenticate your identity, and process beta applications.
  • Communication: To send you service-related notices, updates, security alerts, and support messages. With your consent, we may also send promotional communications; you can opt out at any time.
  • Analytics & Improvement: To understand how users interact with our Site and Service, diagnose technical issues, and improve performance, features, and user experience.
  • Security & Fraud Prevention: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activities.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests, including obligations related to financial services and trading activity.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we process your personal data on the following legal bases:

  • Contractual Necessity: Processing necessary to perform our contract with you (e.g., providing the Service, managing your account).
  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., analytics, fraud prevention, product improvement), provided those interests are not overridden by your data protection rights.
  • Consent: Where you have given specific consent (e.g., marketing communications, non-essential cookies).
  • Legal Obligation: Processing necessary to comply with legal requirements.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With third-party vendors who assist us in operating the Service, including cloud hosting providers (e.g., AWS), analytics services (e.g., Google Analytics), email delivery services, and payment processors. These providers are contractually obligated to use your data only as directed by us and to maintain appropriate security measures.
  • Trading Platform Partners: With connected trading platforms (e.g., Tradovate) only to the extent necessary to enforce your configured risk controls. Data shared is limited to what is required for order management and account monitoring.
  • Legal Requirements: When required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of TradeControl, our users, or the public.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share information for other purposes with your explicit consent.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When your account is closed, we will retain and securely store your data for a period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

  • Account Data: Retained for the duration of your account plus 12 months after closure.
  • Trading & Risk Control Data: Retained for up to 7 years to comply with financial record-keeping obligations and regulatory requirements.
  • Usage & Analytics Data: Retained in aggregated, anonymized form indefinitely for product improvement purposes.
  • Support Communications: Retained for up to 3 years after the last interaction.

6. Your Rights

6.1 Rights Under GDPR (EEA/UK Residents)

If you are located in the EEA or UK, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data (“right to be forgotten”), subject to legal retention requirements.
  • Restriction: Request that we restrict processing of your data under certain circumstances.
  • Portability: Receive your personal data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests, including profiling.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

6.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information collected, the sources, purposes, and third parties with whom it is shared.
  • Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Opt-Out: We do not sell or share your personal information for cross-context behavioral advertising. If this changes, we will provide a “Do Not Sell or Share My Personal Information” link.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at [email protected]. We will respond within the timeframes required by applicable law (30 days under GDPR; 45 days under CCPA/CPRA).

7. Cookies & Tracking Technologies

We use the following categories of cookies and tracking technologies:

  • Essential Cookies: Required for the Site and Service to function (e.g., authentication, session management). These cannot be disabled.
  • Analytics Cookies: Used to understand how visitors interact with the Site (e.g., Google Analytics). These collect anonymized or pseudonymized data about page views, session duration, and user flows.
  • Performance Cookies: Used to monitor and improve Site performance (e.g., Microsoft Clarity for heatmaps and session recordings). These may record mouse movements, clicks, and scrolling behavior in an anonymized manner.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Site or Service. We honor Do Not Track (DNT) and Global Privacy Control (GPC) signals where required by law.

8. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Secure, access-controlled cloud infrastructure.
  • Role-based access controls limiting data access to authorized personnel.
  • Regular security assessments and vulnerability testing.
  • Hashed and salted password storage; we never store plaintext passwords.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

TradeControl is based in the United States. If you access the Site or Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

For transfers from the EEA/UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognized transfer mechanisms, to ensure an adequate level of data protection.

10. Children’s Privacy

Our Site and Service are not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will promptly delete such information.

11. Third-Party Links

Our Site may contain links to third-party websites, trading platforms, or services (e.g., Tradovate, NinjaTrader, TradingView, prop firm websites). We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page and update the “Last Updated” date. For material changes, we will provide notice through the Site or via email. Your continued use of the Site or Service after such changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

TradeControl
Email: [email protected]
Website: tradecontrol.io