Privacy Policy

Overview

BT4T (Better Trader 4 Tomorrow) is committed to protecting your privacy and ensuring the security of your trading data. This privacy policy explains how we collect, use, store, and protect your personal information.

Data Collection

Trading Data

• Trade records: Entry/exit prices, timestamps, symbols, position sizes, P&L
• Journal entries: Text notes, emotion ratings (0-10), tags, file attachments
• Performance metrics: Win rates, drawdown, risk metrics calculated from your trades
• AI analysis: Cached summaries, pattern detection, and recommendations generated from your data

Account Information

• Authentication: Email address, encrypted passwords
• Plan details: Subscription level, usage limits
• Preferences: UI settings, timezone, currency preferences

Technical Data

• Usage analytics: Page views, feature usage, error logs (anonymized)
• API integration: Exchange API credentials (encrypted at rest)
• Session data: Authentication tokens, temporary cache

Cookies & Local Storage

• Authentication: Session tokens stored in browser localStorage for login persistence
• Preferences: UI settings, theme, timezone stored locally
• Analytics: No third-party tracking cookies used
• Control: Clear localStorage to remove all locally stored data

Data Usage

Primary Purposes

• Trading analysis: Generate insights, performance metrics, and AI-powered recommendations
• Account management: Authentication, plan enforcement, feature access
• Product improvement: Analyze usage patterns to enhance functionality (anonymized data only)

AI Processing

• AI-powered insights: We use OpenAI's API to generate trading insights, journal analysis, and educational content
• Data sent to OpenAI: Your trading data, journal entries, and performance metrics may be processed by OpenAI's GPT models
• OpenAI privacy: OpenAI does not use data sent via API to train their models (per their API Terms)
• Pattern detection: Additional heuristic analysis of trading patterns and emotions runs on our servers
• Caching: AI-generated summaries are cached for performance and remain private to your account
• Opt-out: You can disable AI features and prevent data from being sent to external services

Data Storage & Security

Storage Locations

• Primary database: PostgreSQL database hosted on secure cloud infrastructure
• File uploads: Images and attachments stored in encrypted cloud storage
• API credentials: Encrypted using industry-standard AES-256 encryption
• External processing: Some data temporarily processed by OpenAI API for AI features (see AI Processing section)

Security Measures

• Encryption: All sensitive data encrypted at rest and in transit
• Access control: Strict authentication and authorization for all data access
• Audit logging: All data access and modifications are logged
• Regular backups: Encrypted backups with secure offsite storage

Data Retention

• Active accounts: Data retained indefinitely while account is active
• Inactive accounts: Data retained for 12 months after last login
• Deleted accounts: All data permanently deleted within 30 days of account deletion
• Legal requirements: May retain data longer if required by law

Data Sharing

Limited Third-Party Processing

• Trading data: Never shared with third parties for commercial purposes
• AI analysis: Trading data may be sent to OpenAI API for analysis (see AI Processing section)
• Anonymous analytics: Only aggregated, anonymized usage statistics may be shared
• No data selling: We never sell your personal or trading data to third parties

Legal Disclosure

• Legal compliance: May disclose data if required by law or valid legal process
• Security incidents: May share data with law enforcement if necessary for security
• Business transfers: Data may transfer in case of merger or acquisition (users will be notified)

User Rights

Data Access

• Export functionality: Download all your trading data and journal entries
• API access: Programmatic access to your data through our API
• Transparency: View all data we store about your account

Data Control

• Deletion rights: Delete individual trades, journal entries, or entire account
• Correction rights: Modify or correct any stored data
• Portability: Export data in standard formats (CSV, JSON)

Privacy Controls

• Visibility settings: Control what data is visible in shared features
• Communication preferences: Opt out of marketing communications
• Data processing: Limit certain types of automated processing

File Uploads

Supported Formats

• Images: PNG, JPG/JPEG files only
• Size limits: Maximum 5MB per file
• Storage: Files stored securely with unique identifiers

File Processing

• No analysis: We do not analyze or process uploaded image content
• Access control: Files only accessible by the uploading user
• Retention: Files deleted when associated journal entry is deleted

Contact & Updates

Questions & Requests

• Email: privacy@bt4t.com
• Response time: We respond to privacy inquiries within 72 hours
• Data requests: Processing time up to 30 days for complex requests

Policy Updates

• Notification: Users notified of material changes via email
• Version control: All policy versions maintained with change history
• Effective dates: Changes effective 30 days after notification

Compliance

Standards

• Industry best practices: Follows NIST Cybersecurity Framework
• Data minimization: Collect only data necessary for service functionality
• Purpose limitation: Use data only for stated purposes

Regional Considerations

• GDPR: EU users have additional rights under GDPR
• CCPA: California users have additional rights under CCPA
• Data residency: Data processing location available upon request

---

Contact Information:
BT4T Privacy Team
Email: privacy@bt4t.com
Updated: October 9, 2025